Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-15160

LDAP Decision Node throws NPE when custom ldap server returns LDAP code 50 on bind

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 6.0.0.5
    • Fix Version/s: 5.5.3, 6.0.1, 7.0.0, 6.5.3
    • Component/s: trees
    • Labels:
    • Sprint:
      AM Sustaining Sprint 65, AM Sustaining Sprint 66
    • Story Points:
      2
    • Needs backport:
      No
    • Support Ticket IDs:
    • Needs QA verification:
      Yes
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      Bug description

      LDAP decision node throws NPE when customized LDAP server return error code 50 on BIND.

      NOTE: Bind doesn’t require any aci for the actual operation for OpenDJ.  

      How to reproduce the issue

      Create an authentication tree with an LDAP Decision Node which authenticate to custom LDAP server with plugin that checks the user rights and return error code 50 (Insufficient Access Rights). Since this is not a default OpenDJ behavior, bug cannot be recreated easily.

      Expected behaviour
      not to throw NPE
      
      Current behaviour
      NullPointerException
      

      Work around

      None.

      Code analysis

      Bind doesn’t require any aci for the actual operation for OpenDJ.
      As such, we don't really map INSUFFICIENT_ACCESS_RIGHTS during authentication and in this sense this bug is not really valid.
      However, it is also true that LDAP Decision Node shouldn't throw NPE checking result code.

      LDAPAuthUtils.java

          private void authenticate() throws LDAPUtilException {
                  :
                  } else {
                      if (debug.messageEnabled()) {
                          debug.message("Cannot authenticate to " + servers, ere);
                      }
      
                      throw new LDAPUtilException("amAuth", "FAuth", null, null);  <---- HERE
                  }
              }
          }
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                sachiko Sachiko Wallace
                Reporter:
                jamal.yafai Jamal Yafai
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: