Bug 859361
| Summary: | engine: GSSAPIDirContextAuthenticationStrategy gets Error from Kerberos with java.lang.NullPointerException | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Dafna Ron <dron> | ||||
| Component: | ovirt-engine | Assignee: | Yair Zaslavsky <yzaslavs> | ||||
| Status: | CLOSED DUPLICATE | QA Contact: | Pavel Stehlik <pstehlik> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 3.1.0 | CC: | bazulay, dyasny, iheim, lpeer, oourfali, oramraz, Rhev-m-bugs, yeylon, ykaul, yzaslavs | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | infra | ||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-09-23 09:48:48 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | Infra | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
*** This bug has been marked as a duplicate of bug 858769 *** |
Created attachment 615356 [details] log Description of problem: we are getting NPE on command GSSAPIDirContextAuthenticationStrategy when we try to add a user from domain with internal user. Version-Release number of selected component (if applicable): si18 How reproducible: 100% Steps to Reproduce: 1. add a domain using rhevm-manage-domains (do not add permissions) 2. log in to rhevm with internal user and try to add a user 3. Actual results: we are getting NPE on ERROR from krb. Expected results: we should not get NPE Additional info: full engine log attached command used to add the domains: rhevm-manage-domains -action=add -domain=qa.lab.tlv.redhat.com -provider=activeDirectory -user=vdcadmin -interactive 2012-09-21 12:59:01,922 ERROR [org.ovirt.engine.core.bll.adbroker.DirectorySearcher] (ajp-/127.0.0.1:8009-8) Failed ldap search server LDAP://qa2-tlv.qa.lab.tlv.redhat.com:389 due to javax.naming.CommunicationException: qa2-tlv.qa.lab.tlv.redhat.com:389 [Root exception is java.net.SocketTimeoutException: connect timed out]. We should try the next server 2012-09-21 12:59:01,991 ERROR [org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy] (ajp-/127.0.0.1:8009-10) Error from Kerberos: java.lang.NullPointerException at org.ovirt.engine.core.bll.adbroker.GSSAPICallbackHandler.handle(GSSAPICallbackHandler.java:47) at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:969) at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:966) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:965) at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:870) at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:715) at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:580) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) at javax.security.auth.login.LoginContext.login(LoginContext.java:594) at org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy.authenticateToKDC(GSSAPIDirContextAuthenticationStrategy.java:127) at org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy.explicitAuth(GSSAPIDirContextAuthenticationStrategy.java:119) at org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy.authenticate(GSSAPIDirContextAuthenticationStrategy.java:111) at org.ovirt.engine.core.bll.adbroker.GSSAPILdapTemplateWrapper.useAuthenticationStrategy(GSSAPILdapTemplateWrapper.java:86) at org.ovirt.engine.core.bll.adbroker.PrepareLdapConnectionTask.call(PrepareLdapConnectionTask.java:56) at org.ovirt.engine.core.bll.adbroker.DirectorySearcher.find(DirectorySearcher.java:103) at org.ovirt.engine.core.bll.adbroker.DirectorySearcher.FindAll(DirectorySearcher.java:48) at org.ovirt.engine.core.bll.adbroker.LdapSearchGroupsByQueryCommand.executeQuery(LdapSearchGroupsByQueryCommand.java:22) at org.ovirt.engine.core.bll.adbroker.LdapBrokerCommandBase.Execute(LdapBrokerCommandBase.java:69) at org.ovirt.engine.core.bll.adbroker.LdapBrokerBase.RunAdAction(LdapBrokerBase.java:18)