[
https://issues.apache.org/jira/browse/QPID-7549?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alex Rudyy updated QPID-7549:
-----------------------------
Description:
Authentication with SimpleLDAP authentication provider fails due to the
following exception:
{noformat}
2016-11-24 12:59:12,878 WARN [HttpManagement-testHTTP-158]
(o.e.j.s.ServletHandler) - /service/sasl
java.lang.NullPointerException: null
at
org.apache.qpid.server.security.auth.manager.AuthenticationResultCacher.digestCredentials(AuthenticationResultCacher.java:116)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.AuthenticationResultCacher.getOrLoad(AuthenticationResultCacher.java:80)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl.getOrLoadAuthenticationResult(SimpleLDAPAuthenticationManagerImpl.java:410)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl.access$200(SimpleLDAPAuthenticationManagerImpl.java:83)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl$SimpleLDAPPlainCallbackHandler.handle(SimpleLDAPAuthenticationManagerImpl.java:669)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:87)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl.authenticate(SimpleLDAPAuthenticationManagerImpl.java:312)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.SubjectCreator.authenticate(SubjectCreator.java:115)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.evaluateSaslResponse(SaslServlet.java:213)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.doPostWithSubjectAndActor(SaslServlet.java:135)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:121)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:117)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at java.security.AccessController.doPrivileged(Native Method)
~[na:1.8.0_74]
at javax.security.auth.Subject.doAs(Subject.java:422) ~[na:1.8.0_74]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doWithSubjectAndActor(AbstractServlet.java:218)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doPost(AbstractServlet.java:115)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
at
org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.ForbiddingAuthorisationFilter.doFilter(ForbiddingAuthorisationFilter.java:94)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.ForbiddingTraceFilter.doFilter(ForbiddingTraceFilter.java:65)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.LoggingFilter.doFilter(LoggingFilter.java:65)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:247)
~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:210)
~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter.doFilter(ExceptionHandlingFilter.java:56)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.Server.handle(Server.java:370)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
{noformat}
This issue only impacts authentication via Web Management Console (when
SimpleLDAp authentication provider is configured for HTTP port). Due to NPE the
authentication fails and user is not able to login to Web Management Console.
Authentication over AMQP or preemptive authentication is not impacted by the
issue.
Disabling of the caching allows to work around the issue. The caching can be
turned off by setting to 'null' or '0' or negative value any/all of the
following context variables:
* qpid.auth.cache.size
* qpid.auth.cache.expiration_time
* qpid.auth.cache.iteration_count
was:
Authentication with SimpleLDAP authentication provider fails due to the
following exception:
{noformat}
2016-11-24 12:59:12,878 WARN [HttpManagement-testHTTP-158]
(o.e.j.s.ServletHandler) - /service/sasl
java.lang.NullPointerException: null
at
org.apache.qpid.server.security.auth.manager.AuthenticationResultCacher.digestCredentials(AuthenticationResultCacher.java:116)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.AuthenticationResultCacher.getOrLoad(AuthenticationResultCacher.java:80)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl.getOrLoadAuthenticationResult(SimpleLDAPAuthenticationManagerImpl.java:410)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl.access$200(SimpleLDAPAuthenticationManagerImpl.java:83)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl$SimpleLDAPPlainCallbackHandler.handle(SimpleLDAPAuthenticationManagerImpl.java:669)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:87)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl.authenticate(SimpleLDAPAuthenticationManagerImpl.java:312)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.security.SubjectCreator.authenticate(SubjectCreator.java:115)
~[qpid-broker-core-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.evaluateSaslResponse(SaslServlet.java:213)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.doPostWithSubjectAndActor(SaslServlet.java:135)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:121)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:117)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at java.security.AccessController.doPrivileged(Native Method)
~[na:1.8.0_74]
at javax.security.auth.Subject.doAs(Subject.java:422) ~[na:1.8.0_74]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doWithSubjectAndActor(AbstractServlet.java:218)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doPost(AbstractServlet.java:115)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
at
org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.ForbiddingAuthorisationFilter.doFilter(ForbiddingAuthorisationFilter.java:94)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.ForbiddingTraceFilter.doFilter(ForbiddingTraceFilter.java:65)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.LoggingFilter.doFilter(LoggingFilter.java:65)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:247)
~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:210)
~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter.doFilter(ExceptionHandlingFilter.java:56)
~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at org.eclipse.jetty.server.Server.handle(Server.java:370)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
at
org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
[jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
{noformat}
This issue only impacts authentication via Web Management Console (when
SimpleLDAp authentication provider is configured for HTTP port). Due to NPE the
authentication fails and user is not able to login to Web Management Console.
Authentication over AMQP or preemptive authentication is not impacted by the
issue.
> [Java Broker] Authentication using SimpleLDAP authentication provider fails
> with NPE when caching of authentication results is enabled(by default)
> --------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: QPID-7549
> URL: https://issues.apache.org/jira/browse/QPID-7549
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker
> Affects Versions: qpid-java-6.1
> Reporter: Alex Rudyy
> Fix For: qpid-java-6.1.1
>
>
> Authentication with SimpleLDAP authentication provider fails due to the
> following exception:
> {noformat}
> 2016-11-24 12:59:12,878 WARN [HttpManagement-testHTTP-158]
> (o.e.j.s.ServletHandler) - /service/sasl
> java.lang.NullPointerException: null
> at
> org.apache.qpid.server.security.auth.manager.AuthenticationResultCacher.digestCredentials(AuthenticationResultCacher.java:116)
> ~[qpid-broker-core-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.security.auth.manager.AuthenticationResultCacher.getOrLoad(AuthenticationResultCacher.java:80)
> ~[qpid-broker-core-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl.getOrLoadAuthenticationResult(SimpleLDAPAuthenticationManagerImpl.java:410)
> ~[qpid-broker-core-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl.access$200(SimpleLDAPAuthenticationManagerImpl.java:83)
> ~[qpid-broker-core-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl$SimpleLDAPPlainCallbackHandler.handle(SimpleLDAPAuthenticationManagerImpl.java:669)
> ~[qpid-broker-core-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.security.auth.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:87)
> ~[qpid-broker-core-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.security.auth.manager.SimpleLDAPAuthenticationManagerImpl.authenticate(SimpleLDAPAuthenticationManagerImpl.java:312)
> ~[qpid-broker-core-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.security.SubjectCreator.authenticate(SubjectCreator.java:115)
> ~[qpid-broker-core-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.evaluateSaslResponse(SaslServlet.java:213)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet.doPostWithSubjectAndActor(SaslServlet.java:135)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:121)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet$2.run(AbstractServlet.java:117)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at java.security.AccessController.doPrivileged(Native Method)
> ~[na:1.8.0_74]
> at javax.security.auth.Subject.doAs(Subject.java:422) ~[na:1.8.0_74]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doWithSubjectAndActor(AbstractServlet.java:218)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at
> org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.doPost(AbstractServlet.java:115)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
> ~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
> ~[geronimo-servlet_3.0_spec-1.0.jar:1.0]
> at
> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.ForbiddingAuthorisationFilter.doFilter(ForbiddingAuthorisationFilter.java:94)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.ForbiddingTraceFilter.doFilter(ForbiddingTraceFilter.java:65)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.LoggingFilter.doFilter(LoggingFilter.java:65)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:247)
> ~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:210)
> ~[jetty-servlets-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter.doFilter(ExceptionHandlingFilter.java:56)
> ~[qpid-broker-plugins-management-http-6.1.0.jar:6.1.0]
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
> ~[jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
> [jetty-servlet-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at org.eclipse.jetty.server.Server.handle(Server.java:370)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> at
> org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
> [jetty-server-8.1.17.v20150415.jar:8.1.17.v20150415]
> {noformat}
> This issue only impacts authentication via Web Management Console (when
> SimpleLDAp authentication provider is configured for HTTP port). Due to NPE
> the authentication fails and user is not able to login to Web Management
> Console. Authentication over AMQP or preemptive authentication is not
> impacted by the issue.
> Disabling of the caching allows to work around the issue. The caching can be
> turned off by setting to 'null' or '0' or negative value any/all of the
> following context variables:
> * qpid.auth.cache.size
> * qpid.auth.cache.expiration_time
> * qpid.auth.cache.iteration_count
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
