Created attachment 939983 [details] test app It is caused by missing null value check for CallerPrincipalCallback in authenticate method of WebJASPIAuthenticator. Steps to reproduce: 1) add following security domain: <security-domain name="jaspi"> <authentication-jaspi> <auth-module code="org.jboss.as.test.integration.security.jaspi.SuccessAuthModule" flag="required"/> </authentication-jaspi> </security-domain> 2) start standalone server and deploy test.war 3) hit http://localhost:8080/test/SimpleSecuredServlet - you will see NPE in server log: ERROR [org.apache.catalina.connector] (http-/127.0.0.1:8080-1) JBWEB001018: An exception or error occurred in the container during the request processing: java.lang.NullPointerException at org.jboss.as.web.security.jaspi.WebJASPIAuthenticator.authenticate(WebJASPIAuthenticator.java:128) [jboss-as-web-7.5.0.Final-redhat-2.jar:7.5.0.Final-redhat-2] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478) [jbossweb-7.5.0.Beta1.jar:7.5.0.Beta1] at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.0.Final-redhat-2.jar:7.5.0.Final-redhat-2] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.5.0.Beta1.jar:7.5.0.Beta1] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.0.Beta1.jar:7.5.0.Beta1] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.0.Beta1.jar:7.5.0.Beta1] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.0.Beta1.jar:7.5.0.Beta1] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:855) [jbossweb-7.5.0.Beta1.jar:7.5.0.Beta1] at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.5.0.Beta1.jar:7.5.0.Beta1] at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.0.Beta1.jar:7.5.0.Beta1] at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_55]
https://github.com/jbossas/jboss-eap/pull/2034
Verified in EAP 6.4.0.DR11