You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Justin Bertram (Jira)" <ji...@apache.org> on 2020/03/17 19:24:00 UTC
[jira] [Updated] (ARTEMIS-2576) NullPointerException during AMQP
SECURITY_AUTHENTICATION_VIOLATION notification handling
[ https://issues.apache.org/jira/browse/ARTEMIS-2576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Justin Bertram updated ARTEMIS-2576:
------------------------------------
Description:
With {{LoggingActiveMQServerPlugin}}, {{NotificationActiveMQServerPlugin}}, and standard {{PropertiesLogin}} module enabled when authenticating with bad credentials a NPE is thrown.
{{PlainSASL}} implementation of {{ServerSASLPlain}} interface passes {{null]] value as {{remotingConnection}} to the {{SecurityStore}}. Handling {{SECURITY_AUTHENTICATION_VIOLATION}} notification causes NPE when calling {{connection.getRemoteAddress()}}.
Since {{SecurityStoreImpl.authenticate}} method throws authentication exceptions anyway it is handled silently on {{PlainSASL.authenticate}} method. Therefore NPE exception is treated as authentication exception and is not logged. Because of this NPE a notification is not created and not propagated to the {{activemq.notifications}} address.
{noformat}
// java.lang.NullPointerException
at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:155)
at org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL.authenticate(PlainSASL.java:33)
at org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLPlain.processSASL(ServerSASLPlain.java:49)
at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.processPending(ProtonHandler.java:341)
at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.onSaslInit(ProtonHandler.java:325)
at org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:365)
at org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:49)
at org.apache.qpid.proton.amqp.security.SaslInit.invoke(SaslInit.java:75)
at org.apache.qpid.proton.engine.impl.SaslImpl.handle(SaslImpl.java:345)
at org.apache.qpid.proton.engine.impl.SaslFrameParser.input(SaslFrameParser.java:374)
at org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.reallyProcessInput(SaslImpl.java:688)
at org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.process(SaslImpl.java:659)
at org.apache.qpid.proton.engine.impl.SaslImpl$SwitchingSaslTransportWrapper.process(SaslImpl.java:832)
at org.apache.qpid.proton.engine.impl.HandshakeSniffingTransportWrapper.process(HandshakeSniffingTransportWrapper.java:101)
at org.apache.qpid.proton.engine.impl.TransportImpl.process(TransportImpl.java:1558)
at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.flush(ProtonHandler.java:284)
at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.inputBuffer(ProtonHandler.java:242)
at org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext.inputBuffer(AMQPConnectionContext.java:180)
at org.apache.activemq.artemis.protocol.amqp.broker.ActiveMQProtonRemotingConnection.bufferReceived(ActiveMQProtonRemotingConnection.java:145)
at org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:654)
at org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:73)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:337)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1408)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:930)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:677)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:612)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:529)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:491)
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:905)
at org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)
{noformat}
was:
With LoggingActiveMQServerPlugin, NotificationActiveMQServerPlugin and standard PropertiesLogin module enabled when authenticating with bad credentials a NPE is thrown.
PlainSASL implementation of ServerSASLPlain interface passes NULL value as remotingConnection to the SecurityStore. Handling SECURITY_AUTHENTICATION_VIOLATION notification causes NPE when calling connection.getRemoteAddress()
Since SecurityStoreImpl.authenticate method throws authentication exceptions anyway it is handled silently in PlainSASL.authenticate method. Therefore NPE exception is treated as authentication exception and is not logged. Because of this NPE a notification is not created and not propagated to the activemq.notifications address.
{code:java}
// java.lang.NullPointerException
at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:155)
at org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL.authenticate(PlainSASL.java:33)
at org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLPlain.processSASL(ServerSASLPlain.java:49)
at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.processPending(ProtonHandler.java:341)
at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.onSaslInit(ProtonHandler.java:325)
at org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:365)
at org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:49)
at org.apache.qpid.proton.amqp.security.SaslInit.invoke(SaslInit.java:75)
at org.apache.qpid.proton.engine.impl.SaslImpl.handle(SaslImpl.java:345)
at org.apache.qpid.proton.engine.impl.SaslFrameParser.input(SaslFrameParser.java:374)
at org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.reallyProcessInput(SaslImpl.java:688)
at org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.process(SaslImpl.java:659)
at org.apache.qpid.proton.engine.impl.SaslImpl$SwitchingSaslTransportWrapper.process(SaslImpl.java:832)
at org.apache.qpid.proton.engine.impl.HandshakeSniffingTransportWrapper.process(HandshakeSniffingTransportWrapper.java:101)
at org.apache.qpid.proton.engine.impl.TransportImpl.process(TransportImpl.java:1558)
at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.flush(ProtonHandler.java:284)
at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.inputBuffer(ProtonHandler.java:242)
at org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext.inputBuffer(AMQPConnectionContext.java:180)
at org.apache.activemq.artemis.protocol.amqp.broker.ActiveMQProtonRemotingConnection.bufferReceived(ActiveMQProtonRemotingConnection.java:145)
at org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:654)
at org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:73)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:337)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1408)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:930)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:677)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:612)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:529)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:491)
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:905)
at org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)
{code}
> NullPointerException during AMQP SECURITY_AUTHENTICATION_VIOLATION notification handling
> ----------------------------------------------------------------------------------------
>
> Key: ARTEMIS-2576
> URL: https://issues.apache.org/jira/browse/ARTEMIS-2576
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: AMQP
> Affects Versions: 2.10.1
> Reporter: Wojciech Zub
> Priority: Major
>
> With {{LoggingActiveMQServerPlugin}}, {{NotificationActiveMQServerPlugin}}, and standard {{PropertiesLogin}} module enabled when authenticating with bad credentials a NPE is thrown.
> {{PlainSASL}} implementation of {{ServerSASLPlain}} interface passes {{null]] value as {{remotingConnection}} to the {{SecurityStore}}. Handling {{SECURITY_AUTHENTICATION_VIOLATION}} notification causes NPE when calling {{connection.getRemoteAddress()}}.
> Since {{SecurityStoreImpl.authenticate}} method throws authentication exceptions anyway it is handled silently on {{PlainSASL.authenticate}} method. Therefore NPE exception is treated as authentication exception and is not logged. Because of this NPE a notification is not created and not propagated to the {{activemq.notifications}} address.
> {noformat}
> // java.lang.NullPointerException
> at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:155)
> at org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL.authenticate(PlainSASL.java:33)
> at org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLPlain.processSASL(ServerSASLPlain.java:49)
> at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.processPending(ProtonHandler.java:341)
> at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.onSaslInit(ProtonHandler.java:325)
> at org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:365)
> at org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:49)
> at org.apache.qpid.proton.amqp.security.SaslInit.invoke(SaslInit.java:75)
> at org.apache.qpid.proton.engine.impl.SaslImpl.handle(SaslImpl.java:345)
> at org.apache.qpid.proton.engine.impl.SaslFrameParser.input(SaslFrameParser.java:374)
> at org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.reallyProcessInput(SaslImpl.java:688)
> at org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.process(SaslImpl.java:659)
> at org.apache.qpid.proton.engine.impl.SaslImpl$SwitchingSaslTransportWrapper.process(SaslImpl.java:832)
> at org.apache.qpid.proton.engine.impl.HandshakeSniffingTransportWrapper.process(HandshakeSniffingTransportWrapper.java:101)
> at org.apache.qpid.proton.engine.impl.TransportImpl.process(TransportImpl.java:1558)
> at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.flush(ProtonHandler.java:284)
> at org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.inputBuffer(ProtonHandler.java:242)
> at org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext.inputBuffer(AMQPConnectionContext.java:180)
> at org.apache.activemq.artemis.protocol.amqp.broker.ActiveMQProtonRemotingConnection.bufferReceived(ActiveMQProtonRemotingConnection.java:145)
> at org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:654)
> at org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:73)
> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
> at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:337)
> at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1408)
> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
> at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
> at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:930)
> at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
> at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:677)
> at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:612)
> at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:529)
> at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:491)
> at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:905)
> at org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)
> {noformat}
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)