You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Kevan Miller (JIRA)" <de...@geronimo.apache.org> on 2005/08/04 19:15:47 UTC
[jira] Created: (GERONIMO-852) NullPointerException in during deploy
NullPointerException in during deploy
-------------------------------------
Key: GERONIMO-852
URL: http://issues.apache.org/jira/browse/GERONIMO-852
Project: Geronimo
Type: Bug
Components: security
Versions: 1.0-M5
Reporter: Kevan Miller
Priority: Minor
Attachments: passwordNPE.patch
While playing around with uri syntax for deploy commands, I ran across a NPE during login processing:
java.lang.NullPointerException
at java.lang.String.<init>(String.java:166)
at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:142)
at org.apache.geronimo.security.jaas.JaasLoginService.performServerLogin(JaasLoginService.java:240)
at org.apache.geronimo.security.jaas.JaasLoginService$$FastClassByCGLIB$$1b5fde8c.invoke(<generated>)
at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:731)
at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:94)
at org.apache.geronimo.security.jaas.JaasLoginServiceMBean$$EnhancerByCGLIB$$5302521b.performServerLogin(<generated>)
at org.apache.geronimo.security.jaas.JaasLoginCoordinator$ServerLoginModule.login(JaasLoginCoordinator.java:230)
at org.apache.geronimo.security.jaas.LoginUtils.computeLogin(LoginUtils.java:34)
at org.apache.geronimo.security.jaas.JaasLoginCoordinator.login(JaasLoginCoordinator.java:101)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at org.apache.geronimo.jmxremoting.Authenticator.authenticate(Authenticator.java:57)
at javax.management.remote.rmi.RMIServerImpl$1.run(RMIServerImpl.java:141)
at java.security.AccessController.doPrivileged(Native Method)
at javax.management.remote.rmi.RMIServerImpl.authenticate(RMIServerImpl.java:137)
at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:91)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
at sun.rmi.transport.Transport$1.run(Transport.java:148)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
at java.lang.Thread.run(Thread.java:534)
To reproduce, I started an out-of-the-box Geronimo server and attempted a deploy using the following:
java -jar deployer.jar deploy <your-archive-of-choice>
When prompted for a userName, enter some name. When prompted for a password, ctrl-c the deployment. You should see the NPE at the Server.
Problem is that PasswordCallback.getPassword() can return null. In that case, something like "new String(callback.getPassword())" will cause an NPE to be thrown from within the String constructor. The fix is to guard against that case... Same thing could happen in SQLoginModule. I'll post a patch for both, shortly...
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Closed: (GERONIMO-852) NullPointerException in during deploy
Posted by "Kevan Miller (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-852?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevan Miller closed GERONIMO-852.
---------------------------------
> NullPointerException in during deploy
> -------------------------------------
>
> Key: GERONIMO-852
> URL: https://issues.apache.org/jira/browse/GERONIMO-852
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 1.0-M5
> Reporter: Kevan Miller
> Assignee: Aaron Mulder
> Priority: Minor
> Fix For: 1.0-M5
>
> Attachments: passwordNPE.patch
>
>
> While playing around with uri syntax for deploy commands, I ran across a NPE during login processing:
> java.lang.NullPointerException
> at java.lang.String.<init>(String.java:166)
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:142)
> at org.apache.geronimo.security.jaas.JaasLoginService.performServerLogin(JaasLoginService.java:240)
> at org.apache.geronimo.security.jaas.JaasLoginService$$FastClassByCGLIB$$1b5fde8c.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:731)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:94)
> at org.apache.geronimo.security.jaas.JaasLoginServiceMBean$$EnhancerByCGLIB$$5302521b.performServerLogin(<generated>)
> at org.apache.geronimo.security.jaas.JaasLoginCoordinator$ServerLoginModule.login(JaasLoginCoordinator.java:230)
> at org.apache.geronimo.security.jaas.LoginUtils.computeLogin(LoginUtils.java:34)
> at org.apache.geronimo.security.jaas.JaasLoginCoordinator.login(JaasLoginCoordinator.java:101)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.jmxremoting.Authenticator.authenticate(Authenticator.java:57)
> at javax.management.remote.rmi.RMIServerImpl$1.run(RMIServerImpl.java:141)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.management.remote.rmi.RMIServerImpl.authenticate(RMIServerImpl.java:137)
> at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:91)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
> at sun.rmi.transport.Transport$1.run(Transport.java:148)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
> at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
> at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
> at java.lang.Thread.run(Thread.java:534)
> To reproduce, I started an out-of-the-box Geronimo server and attempted a deploy using the following:
> java -jar deployer.jar deploy <your-archive-of-choice>
> When prompted for a userName, enter some name. When prompted for a password, ctrl-c the deployment. You should see the NPE at the Server.
> Problem is that PasswordCallback.getPassword() can return null. In that case, something like "new String(callback.getPassword())" will cause an NPE to be thrown from within the String constructor. The fix is to guard against that case... Same thing could happen in SQLoginModule. I'll post a patch for both, shortly...
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-852) NullPointerException in during deploy
Posted by "Kevan Miller (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-852?page=all ]
Kevan Miller updated GERONIMO-852:
----------------------------------
Attachment: passwordNPE.patch
Fixes for PropertiesFileLoginModule and SQLLoginModule
> NullPointerException in during deploy
> -------------------------------------
>
> Key: GERONIMO-852
> URL: http://issues.apache.org/jira/browse/GERONIMO-852
> Project: Geronimo
> Type: Bug
> Components: security
> Versions: 1.0-M5
> Reporter: Kevan Miller
> Priority: Minor
> Attachments: passwordNPE.patch
>
> While playing around with uri syntax for deploy commands, I ran across a NPE during login processing:
> java.lang.NullPointerException
> at java.lang.String.<init>(String.java:166)
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:142)
> at org.apache.geronimo.security.jaas.JaasLoginService.performServerLogin(JaasLoginService.java:240)
> at org.apache.geronimo.security.jaas.JaasLoginService$$FastClassByCGLIB$$1b5fde8c.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:731)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:94)
> at org.apache.geronimo.security.jaas.JaasLoginServiceMBean$$EnhancerByCGLIB$$5302521b.performServerLogin(<generated>)
> at org.apache.geronimo.security.jaas.JaasLoginCoordinator$ServerLoginModule.login(JaasLoginCoordinator.java:230)
> at org.apache.geronimo.security.jaas.LoginUtils.computeLogin(LoginUtils.java:34)
> at org.apache.geronimo.security.jaas.JaasLoginCoordinator.login(JaasLoginCoordinator.java:101)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.jmxremoting.Authenticator.authenticate(Authenticator.java:57)
> at javax.management.remote.rmi.RMIServerImpl$1.run(RMIServerImpl.java:141)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.management.remote.rmi.RMIServerImpl.authenticate(RMIServerImpl.java:137)
> at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:91)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
> at sun.rmi.transport.Transport$1.run(Transport.java:148)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
> at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
> at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
> at java.lang.Thread.run(Thread.java:534)
> To reproduce, I started an out-of-the-box Geronimo server and attempted a deploy using the following:
> java -jar deployer.jar deploy <your-archive-of-choice>
> When prompted for a userName, enter some name. When prompted for a password, ctrl-c the deployment. You should see the NPE at the Server.
> Problem is that PasswordCallback.getPassword() can return null. In that case, something like "new String(callback.getPassword())" will cause an NPE to be thrown from within the String constructor. The fix is to guard against that case... Same thing could happen in SQLoginModule. I'll post a patch for both, shortly...
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Resolved: (GERONIMO-852) NullPointerException in during deploy
Posted by "Aaron Mulder (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-852?page=all ]
Aaron Mulder resolved GERONIMO-852:
-----------------------------------
Fix Version: 1.0-M5
Resolution: Fixed
Thanks!
I wasn't able to replicate the stack trace (Linux SuSE 9.3), but it still seems wise to guard against it. Added a slightly more extensive patch that potentially allows a legitimately null password, and includes tests.
> NullPointerException in during deploy
> -------------------------------------
>
> Key: GERONIMO-852
> URL: http://issues.apache.org/jira/browse/GERONIMO-852
> Project: Geronimo
> Type: Bug
> Components: security
> Versions: 1.0-M5
> Reporter: Kevan Miller
> Assignee: Aaron Mulder
> Priority: Minor
> Fix For: 1.0-M5
> Attachments: passwordNPE.patch
>
> While playing around with uri syntax for deploy commands, I ran across a NPE during login processing:
> java.lang.NullPointerException
> at java.lang.String.<init>(String.java:166)
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:142)
> at org.apache.geronimo.security.jaas.JaasLoginService.performServerLogin(JaasLoginService.java:240)
> at org.apache.geronimo.security.jaas.JaasLoginService$$FastClassByCGLIB$$1b5fde8c.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:731)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:94)
> at org.apache.geronimo.security.jaas.JaasLoginServiceMBean$$EnhancerByCGLIB$$5302521b.performServerLogin(<generated>)
> at org.apache.geronimo.security.jaas.JaasLoginCoordinator$ServerLoginModule.login(JaasLoginCoordinator.java:230)
> at org.apache.geronimo.security.jaas.LoginUtils.computeLogin(LoginUtils.java:34)
> at org.apache.geronimo.security.jaas.JaasLoginCoordinator.login(JaasLoginCoordinator.java:101)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.jmxremoting.Authenticator.authenticate(Authenticator.java:57)
> at javax.management.remote.rmi.RMIServerImpl$1.run(RMIServerImpl.java:141)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.management.remote.rmi.RMIServerImpl.authenticate(RMIServerImpl.java:137)
> at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:91)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
> at sun.rmi.transport.Transport$1.run(Transport.java:148)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
> at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
> at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
> at java.lang.Thread.run(Thread.java:534)
> To reproduce, I started an out-of-the-box Geronimo server and attempted a deploy using the following:
> java -jar deployer.jar deploy <your-archive-of-choice>
> When prompted for a userName, enter some name. When prompted for a password, ctrl-c the deployment. You should see the NPE at the Server.
> Problem is that PasswordCallback.getPassword() can return null. In that case, something like "new String(callback.getPassword())" will cause an NPE to be thrown from within the String constructor. The fix is to guard against that case... Same thing could happen in SQLoginModule. I'll post a patch for both, shortly...
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Assigned: (GERONIMO-852) NullPointerException in during deploy
Posted by "Aaron Mulder (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-852?page=all ]
Aaron Mulder reassigned GERONIMO-852:
-------------------------------------
Assign To: Aaron Mulder
> NullPointerException in during deploy
> -------------------------------------
>
> Key: GERONIMO-852
> URL: http://issues.apache.org/jira/browse/GERONIMO-852
> Project: Geronimo
> Type: Bug
> Components: security
> Versions: 1.0-M5
> Reporter: Kevan Miller
> Assignee: Aaron Mulder
> Priority: Minor
> Attachments: passwordNPE.patch
>
> While playing around with uri syntax for deploy commands, I ran across a NPE during login processing:
> java.lang.NullPointerException
> at java.lang.String.<init>(String.java:166)
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:142)
> at org.apache.geronimo.security.jaas.JaasLoginService.performServerLogin(JaasLoginService.java:240)
> at org.apache.geronimo.security.jaas.JaasLoginService$$FastClassByCGLIB$$1b5fde8c.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:731)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:94)
> at org.apache.geronimo.security.jaas.JaasLoginServiceMBean$$EnhancerByCGLIB$$5302521b.performServerLogin(<generated>)
> at org.apache.geronimo.security.jaas.JaasLoginCoordinator$ServerLoginModule.login(JaasLoginCoordinator.java:230)
> at org.apache.geronimo.security.jaas.LoginUtils.computeLogin(LoginUtils.java:34)
> at org.apache.geronimo.security.jaas.JaasLoginCoordinator.login(JaasLoginCoordinator.java:101)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.jmxremoting.Authenticator.authenticate(Authenticator.java:57)
> at javax.management.remote.rmi.RMIServerImpl$1.run(RMIServerImpl.java:141)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.management.remote.rmi.RMIServerImpl.authenticate(RMIServerImpl.java:137)
> at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:91)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:261)
> at sun.rmi.transport.Transport$1.run(Transport.java:148)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.rmi.transport.Transport.serviceCall(Transport.java:144)
> at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:460)
> at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:701)
> at java.lang.Thread.run(Thread.java:534)
> To reproduce, I started an out-of-the-box Geronimo server and attempted a deploy using the following:
> java -jar deployer.jar deploy <your-archive-of-choice>
> When prompted for a userName, enter some name. When prompted for a password, ctrl-c the deployment. You should see the NPE at the Server.
> Problem is that PasswordCallback.getPassword() can return null. In that case, something like "new String(callback.getPassword())" will cause an NPE to be thrown from within the String constructor. The fix is to guard against that case... Same thing could happen in SQLoginModule. I'll post a patch for both, shortly...
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira