[OPENAM-9400] NPE in LDAP module if "hasNext" throws an ErrorResultIOException
Created: 11/Jul/16  Updated: 20/Nov/16  Resolved: 25/Jul/16

Status: Resolved
Project: OpenAM
Component/s: authentication
Affects Version/s: 12.0.3
Fix Version/s: 12.0.4

Type: Bug
Priority: Minor
Reporter: Quentin CASTEL [X] (Inactive)
Assignee: Quentin CASTEL [X] (Inactive)
Resolution: Fixed
Votes: 0
Labels: Backlog, EDISON
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

 Description   

If the function

    @Override
    public boolean hasNext() throws ErrorResultIOException {
        // Poll for the next response if needed.
        final Response r = getNextResponse();
        if (!(r instanceof Result)) {
            // Entry or reference.
            return true;
        }

        // Final result.
        final Result result = (Result) r;
        if (result.isSuccess()) {
            return false;
        }

        throw new ErrorResultIOException(newErrorResult(result));
    }

throws the ErrorResultIOException, then OpenAM throws the NPE.

Expected result:

Correct error handling and a generic authentication failure for the user.

Current result:

As the error is not handled correctly, the flow is instantly stopped. The user will get a 500.

NPE:

java.lang.NullPointerException
	at com.sun.identity.authentication.modules.ldap.LDAP.process(LDAP.java:453)
	at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:1035)
	at com.sun.identity.authentication.spi.AMLoginModule.login(AMLoginModule.java:1209)
	at sun.reflect.GeneratedMethodAccessor68.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at com.sun.identity.authentication.jaas.LoginContext.invoke(LoginContext.java:210)
	at com.sun.identity.authentication.jaas.LoginContext.login(LoginContext.java:123)
	at com.sun.identity.authentication.service.AMLoginContext.runLogin(AMLoginContext.java:558)
	at com.sun.identity.authentication.server.AuthContextLocal.submitRequirements(AuthContextLocal.java:699)
	at com.sun.identity.authentication.UI.LoginViewBean.processLoginDisplay(LoginViewBean.java:1367)
	at com.sun.identity.authentication.UI.LoginViewBean.processLogin(LoginViewBean.java:854)
	at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:522)
	at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:981)
	at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
	at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at org.forgerock.openam.xui.XUIFilter.doFilter(XUIFilter.java:131)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:98)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:528)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1099)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1520)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1476)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:745)

How to reproduce?

I was in debug mode, forcing the returned values of functions and changing variable values... That's not something I can describe here, unfortunately.
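The expected result above (a handled error and a generic authentication failure), sketched as an added example that is not OpenAM's code or its fix. `EntryReader`, `DirectoryErrorException`, `LoginFailedException` and `findUserDn` are hypothetical stand-ins, and the sketch assumes the module resolves a user DN from the search before using it.

```java
public class FailClosedSearch {
    // Hypothetical stand-in for ErrorResultIOException: checked, raised by hasNext()
    // when the final search result is not a success.
    static class DirectoryErrorException extends Exception {
        DirectoryErrorException(String message) { super(message); }
    }

    // Hypothetical stand-in for the login module's generic failure signal.
    static class LoginFailedException extends Exception {
        LoginFailedException(String message, Throwable cause) { super(message, cause); }
    }

    // Hypothetical stand-in for the entry reader whose hasNext() is quoted in the report.
    interface EntryReader {
        boolean hasNext() throws DirectoryErrorException;
        String next();
    }

    // Resolves the user's DN. Never returns null and never lets the directory
    // error escape, so callers cannot dereference a half-initialised result.
    static String findUserDn(EntryReader reader) throws LoginFailedException {
        String dn = null;
        try {
            if (reader.hasNext()) {
                dn = reader.next();
            }
        } catch (DirectoryErrorException e) {
            // Directory detail travels as the cause for server-side logging;
            // the message shown to the user stays generic.
            throw new LoginFailedException("Authentication failed", e);
        }
        if (dn == null) {
            throw new LoginFailedException("Authentication failed", null); // no matching entry
        }
        return dn;
    }

    public static void main(String[] args) {
        // Constructed sample: a search that ends in an error result.
        EntryReader failing = new EntryReader() {
            public boolean hasNext() throws DirectoryErrorException {
                throw new DirectoryErrorException("Server unavailable (constructed)");
            }
            public String next() { throw new IllegalStateException("no entry"); }
        };
        try {
            findUserDn(failing);
        } catch (LoginFailedException e) {
            System.out.println(e.getMessage() + " / logged cause: " + e.getCause().getMessage());
        }
    }
}
```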



 Comments   
Comment by Quentin CASTEL [X] (Inactive) [ 25/Jul/16 ]

The code in 13+ is different; it shouldn't be affected by this issue.
