geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevan Miller (JIRA)" <j...@apache.org>
Subject [jira] Closed: (GERONIMO-852) NullPointerException in during deploy
Date Sat, 02 Feb 2008 16:24:08 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-852?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Kevan Miller closed GERONIMO-852.
---------------------------------


> NullPointerException in during deploy
> -------------------------------------
>
>                 Key: GERONIMO-852
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-852
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 1.0-M5
>            Reporter: Kevan Miller
>            Assignee: Aaron Mulder
>            Priority: Minor
>             Fix For: 1.0-M5
>
>         Attachments: passwordNPE.patch
>
>
> While playing around with uri syntax for deploy commands, I ran across a NPE during login
processing:
> java.lang.NullPointerException
> 	at java.lang.String.<init>(String.java:166)
> 	at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:142)
> 	at org.apache.geronimo.security.jaas.JaasLoginService.performServerLogin(JaasLoginService.java:240)
> 	at org.apache.geronimo.security.jaas.JaasLoginService$$FastClassByCGLIB$$1b5fde8c.invoke(<generated>)
> 	at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> 	at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> 	at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> 	at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:731)
> 	at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> 	at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> 	at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:94)
> 	at org.apache.geronimo.security.jaas.JaasLoginServiceMBean$$EnhancerByCGLIB$$5302521b.performServerLogin(<generated>)
> 	at org.apache.geronimo.security.jaas.JaasLoginCoordinator$ServerLoginModule.login(JaasLoginCoordinator.java:230)
> 	at org.apache.geronimo.security.jaas.LoginUtils.computeLogin(LoginUtils.java:34)
> 	at org.apache.geronimo.security.jaas.JaasLoginCoordinator.login(JaasLoginCoordinator.java:101)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> 	at java.lang.reflect.Method.invoke(Method.java:324)
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> 	at org.apache.geronimo.jmxremoting.Authenticator.authenticate(Authenticator.java:57)
> 	at javax.management.remote.rmi.RMIServerImpl$1.run(RMIServerImpl.java:141)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.management.remote.rmi.RMIServerImpl.authenticate(RMIServerImpl.java:137)
> 	at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:91)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> 	at java.lang.reflect.Method.invoke(Method.java:324)
> 	at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
> 	at sun.rmi.transport.Transport$1.run(Transport.java:148)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
> 	at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
> 	at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
> 	at java.lang.Thread.run(Thread.java:534)
> To reproduce, I started an out-of-the-box Geronimo server and attempted a deploy using
the following:
>          java -jar deployer.jar deploy <your-archive-of-choice>
> When prompted for a userName, enter some name. When prompted for a password, ctrl-c the
deployment. You should see the NPE at the Server.
> Problem is that  PasswordCallback.getPassword() can return null. In that case, something
like "new String(callback.getPassword())" will cause an NPE to be thrown from within the String
constructor. The fix is to guard against that case... Same thing could happen in SQLoginModule.
I'll post a patch for both, shortly...

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message