geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevan Miller (JIRA)" <...@geronimo.apache.org>
Subject [jira] Updated: (GERONIMO-852) NullPointerException in during deploy
Date Thu, 04 Aug 2005 17:15:51 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-852?page=all ]

Kevan Miller updated GERONIMO-852:
----------------------------------

    Attachment: passwordNPE.patch

Fixes for PropertiesFileLoginModule and  SQLLoginModule

> NullPointerException in during deploy
> -------------------------------------
>
>          Key: GERONIMO-852
>          URL: http://issues.apache.org/jira/browse/GERONIMO-852
>      Project: Geronimo
>         Type: Bug
>   Components: security
>     Versions: 1.0-M5
>     Reporter: Kevan Miller
>     Priority: Minor
>  Attachments: passwordNPE.patch
>
> While playing around with uri syntax for deploy commands, I ran across a NPE during login
processing:
> java.lang.NullPointerException
> 	at java.lang.String.<init>(String.java:166)
> 	at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:142)
> 	at org.apache.geronimo.security.jaas.JaasLoginService.performServerLogin(JaasLoginService.java:240)
> 	at org.apache.geronimo.security.jaas.JaasLoginService$$FastClassByCGLIB$$1b5fde8c.invoke(<generated>)
> 	at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> 	at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> 	at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> 	at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:731)
> 	at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> 	at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> 	at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:94)
> 	at org.apache.geronimo.security.jaas.JaasLoginServiceMBean$$EnhancerByCGLIB$$5302521b.performServerLogin(<generated>)
> 	at org.apache.geronimo.security.jaas.JaasLoginCoordinator$ServerLoginModule.login(JaasLoginCoordinator.java:230)
> 	at org.apache.geronimo.security.jaas.LoginUtils.computeLogin(LoginUtils.java:34)
> 	at org.apache.geronimo.security.jaas.JaasLoginCoordinator.login(JaasLoginCoordinator.java:101)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> 	at java.lang.reflect.Method.invoke(Method.java:324)
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> 	at org.apache.geronimo.jmxremoting.Authenticator.authenticate(Authenticator.java:57)
> 	at javax.management.remote.rmi.RMIServerImpl$1.run(RMIServerImpl.java:141)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.management.remote.rmi.RMIServerImpl.authenticate(RMIServerImpl.java:137)
> 	at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:91)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> 	at java.lang.reflect.Method.invoke(Method.java:324)
> 	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
> 	at sun.rmi.transport.Transport$1.run(Transport.java:148)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
> 	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
> 	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
> 	at java.lang.Thread.run(Thread.java:534)
> To reproduce, I started an out-of-the-box Geronimo server and attempted a deploy using
the following:
>          java -jar deployer.jar deploy <your-archive-of-choice>
> When prompted for a userName, enter some name. When prompted for a password, ctrl-c the
deployment. You should see the NPE at the Server.
> Problem is that  PasswordCallback.getPassword() can return null. In that case, something
like "new String(callback.getPassword())" will cause an NPE to be thrown from within the String
constructor. The fix is to guard against that case... Same thing could happen in SQLoginModule.
I'll post a patch for both, shortly...

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message