https://bz.apache.org/bugzilla/show_bug.cgi?id=65330
Bug ID: 65330
Summary: NullPointerException on LDAP auth since tomcat 9.0.46
(works on 9.0.45)
Product: Tomcat 9
Version: 9.0.46
Hardware: PC
OS: Linux
Status: NEW
Severity: regression
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: sl...@aceslash.net
Target Milestone: -----
I suppose this regression is due to Bug 65224 .
This is the relevant server.xml configuration:
################################################################################
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
<Realm className="org.apache.catalina.realm.JNDIRealm"
authentication="simple"
connectionURL="ldaps://ldap.example.com:636"
connectionName="uid=REDACTED,ou=servers,dc=example,dc=com"
connectionPassword="REDACTED"
userSearch="(|(&(uid={0})(objectClass=REDACTED)(REDACTEDStatus=active))(&(uid={0})(objectClass=REDACTED)))"
userBase="ou=people,dc=example,dc=com"
userSubtree="true"
roleBase="ou=groups,dc=example,dc=com"
roleSubtree="true"
roleName="cn"
roleSearch="(memberUid={1})"
/>
</Realm>
################################################################################
This configuration works on tomcat 9.0.45, I use it to log users to the manager
context.
On 9.0.46, it doesn't work and it raises the following exception:
################################################################################
25-May-2021 19:36:08.098 INFO [main] org.apache.coyote.AbstractProtocol.start
Starting ProtocolHandler ["http-nio2-8080"]
25-May-2021 19:36:08.101 INFO [main] org.apache.coyote.AbstractProtocol.start
Starting ProtocolHandler ["https-openssl-apr-8443"]
25-May-2021 19:36:08.106 INFO [main] org.apache.catalina.startup.Catalina.start
Server startup in [1095] milliseconds
25-May-2021 19:36:17.828 INFO [http-nio2-8080-exec-2]
org.apache.catalina.realm.JNDIRealm.authenticate Exception performing
authentication. Retrying...
java.lang.NullPointerException
at
org.apache.catalina.realm.JNDIRealm.doAttributeValueEscaping(JNDIRealm.java:2884)
at
org.apache.catalina.realm.JNDIRealm.getRoles(JNDIRealm.java:1892)
at
org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:1350)
at
org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:1232)
at
org.apache.catalina.realm.CombinedRealm.authenticate(CombinedRealm.java:191)
at
org.apache.catalina.realm.LockOutRealm.authenticate(LockOutRealm.java:154)
at
org.apache.catalina.authenticator.BasicAuthenticator.doAuthenticate(BasicAuthenticator.java:101)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:632)
at
org.apache.catalina.valves.RequestFilterValve.process(RequestFilterValve.java:378)
at
org.apache.catalina.valves.RemoteAddrValve.invoke(RemoteAddrValve.java:56)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
at
org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:764)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)
at
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374)
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
at
org.apache.tomcat.util.net.Nio2Endpoint$SocketProcessor.doRun(Nio2Endpoint.java:1685)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at
org.apache.tomcat.util.net.AbstractEndpoint.processSocket(AbstractEndpoint.java:1167)
at
org.apache.tomcat.util.net.Nio2Endpoint.setSocketOptions(Nio2Endpoint.java:331)
at
org.apache.tomcat.util.net.Nio2Endpoint$Nio2Acceptor.completed(Nio2Endpoint.java:451)
at
org.apache.tomcat.util.net.Nio2Endpoint$Nio2Acceptor.completed(Nio2Endpoint.java:387)
at
java.base/sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:127)
at java.base/sun.nio.ch.Invoker$2.run(Invoker.java:219)
at
java.base/sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
at
java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at
java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:829)
################################################################################
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
