Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-13100

LDAP Decision node fails with NPE when used with Active Directory

    Details

    • Support Ticket IDs:

      Description

      Bug description

      LDAP Decision node fails with NPE when used with Active Directory.

      ERROR: Node processing failed
      java.lang.NullPointerException
          at org.forgerock.openam.auth.nodes.LdapDecisionNode.process(LdapDecisionNode.java:280)
          at org.forgerock.openam.auth.trees.engine.AuthTreeExecutor.process(AuthTreeExecutor.java:105)
      ..

      How to reproduce the issue

      1). Edit the sample 'Example' authentication tree and replace the data store node with an LDAP Decision node.

      2). Configure the LDAP Decision node to point to an AD instance.

      3). Attempt to login using the tree which fails and note the NPE in the Authentication debug log.

      Expected behaviour
      Login should work with Active Directory
      Current behaviour
      Login fails with Active Directory
      

      Code analysis

      LdapDecisionNode.java:280

      String userStatus = ldapUtil.getUserAttributeValues().get(USER_STATUS_ATTRIBUTE).iterator().next();

      ...where USER_STATUS_ATTRIBUTE is set as:

      private static final String USER_STATUS_ATTRIBUTE = "inetuserstatus";
      

      ...an attribute which doesn't exist in Active Directory.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                sean.oneill Sean ONeill [X] (Inactive)
                Reporter:
                andy.itter Andy Itter
              • Votes:
                0 Vote for this issue
                Watchers:
                11 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: