[
https://issues.apache.org/jira/browse/ARTEMIS-2576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Justin Bertram updated ARTEMIS-2576:
------------------------------------
Description:
With {{LoggingActiveMQServerPlugin}}, {{NotificationActiveMQServerPlugin}}, and
standard {{PropertiesLogin}} module enabled when authenticating with bad
credentials a NPE is thrown.
{{PlainSASL}} implementation of {{ServerSASLPlain}} interface passes {{null]]
value as {{remotingConnection}} to the {{SecurityStore}}. Handling
{{SECURITY_AUTHENTICATION_VIOLATION}} notification causes NPE when calling
{{connection.getRemoteAddress()}}.
Since {{SecurityStoreImpl.authenticate}} method throws authentication
exceptions anyway it is handled silently on {{PlainSASL.authenticate}} method.
Therefore NPE exception is treated as authentication exception and is not
logged. Because of this NPE a notification is not created and not propagated to
the {{activemq.notifications}} address.
{noformat}
// java.lang.NullPointerException
at
org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:155)
at
org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL.authenticate(PlainSASL.java:33)
at
org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLPlain.processSASL(ServerSASLPlain.java:49)
at
org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.processPending(ProtonHandler.java:341)
at
org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.onSaslInit(ProtonHandler.java:325)
at
org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:365)
at
org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:49)
at
org.apache.qpid.proton.amqp.security.SaslInit.invoke(SaslInit.java:75)
at org.apache.qpid.proton.engine.impl.SaslImpl.handle(SaslImpl.java:345)
at
org.apache.qpid.proton.engine.impl.SaslFrameParser.input(SaslFrameParser.java:374)
at
org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.reallyProcessInput(SaslImpl.java:688)
at
org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.process(SaslImpl.java:659)
at
org.apache.qpid.proton.engine.impl.SaslImpl$SwitchingSaslTransportWrapper.process(SaslImpl.java:832)
at
org.apache.qpid.proton.engine.impl.HandshakeSniffingTransportWrapper.process(HandshakeSniffingTransportWrapper.java:101)
at
org.apache.qpid.proton.engine.impl.TransportImpl.process(TransportImpl.java:1558)
at
org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.flush(ProtonHandler.java:284)
at
org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.inputBuffer(ProtonHandler.java:242)
at
org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext.inputBuffer(AMQPConnectionContext.java:180)
at
org.apache.activemq.artemis.protocol.amqp.broker.ActiveMQProtonRemotingConnection.bufferReceived(ActiveMQProtonRemotingConnection.java:145)
at
org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:654)
at
org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:73)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
at
io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:337)
at
io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1408)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
at
io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:930)
at
io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
at
io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:677)
at
io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:612)
at
io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:529)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:491)
at
io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:905)
at
org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)
{noformat}
was:
With LoggingActiveMQServerPlugin, NotificationActiveMQServerPlugin and standard
PropertiesLogin module enabled when authenticating with bad credentials a NPE
is thrown.
PlainSASL implementation of ServerSASLPlain interface passes NULL value as
remotingConnection to the SecurityStore. Handling
SECURITY_AUTHENTICATION_VIOLATION notification causes NPE when calling
connection.getRemoteAddress()
Since SecurityStoreImpl.authenticate method throws authentication exceptions
anyway it is handled silently in PlainSASL.authenticate method. Therefore NPE
exception is treated as authentication exception and is not logged. Because of
this NPE a notification is not created and not propagated to the
activemq.notifications address.
{code:java}
// java.lang.NullPointerException
at
org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:155)
at
org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL.authenticate(PlainSASL.java:33)
at
org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLPlain.processSASL(ServerSASLPlain.java:49)
at
org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.processPending(ProtonHandler.java:341)
at
org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.onSaslInit(ProtonHandler.java:325)
at
org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:365)
at
org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:49)
at
org.apache.qpid.proton.amqp.security.SaslInit.invoke(SaslInit.java:75)
at org.apache.qpid.proton.engine.impl.SaslImpl.handle(SaslImpl.java:345)
at
org.apache.qpid.proton.engine.impl.SaslFrameParser.input(SaslFrameParser.java:374)
at
org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.reallyProcessInput(SaslImpl.java:688)
at
org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.process(SaslImpl.java:659)
at
org.apache.qpid.proton.engine.impl.SaslImpl$SwitchingSaslTransportWrapper.process(SaslImpl.java:832)
at
org.apache.qpid.proton.engine.impl.HandshakeSniffingTransportWrapper.process(HandshakeSniffingTransportWrapper.java:101)
at
org.apache.qpid.proton.engine.impl.TransportImpl.process(TransportImpl.java:1558)
at
org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.flush(ProtonHandler.java:284)
at
org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.inputBuffer(ProtonHandler.java:242)
at
org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext.inputBuffer(AMQPConnectionContext.java:180)
at
org.apache.activemq.artemis.protocol.amqp.broker.ActiveMQProtonRemotingConnection.bufferReceived(ActiveMQProtonRemotingConnection.java:145)
at
org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:654)
at
org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:73)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
at
io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:337)
at
io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1408)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
at
io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
at
io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:930)
at
io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
at
io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:677)
at
io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:612)
at
io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:529)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:491)
at
io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:905)
at
org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)
{code}
> NullPointerException during AMQP SECURITY_AUTHENTICATION_VIOLATION
> notification handling
> ----------------------------------------------------------------------------------------
>
> Key: ARTEMIS-2576
> URL: https://issues.apache.org/jira/browse/ARTEMIS-2576
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Components: AMQP
> Affects Versions: 2.10.1
> Reporter: Wojciech Zub
> Priority: Major
>
> With {{LoggingActiveMQServerPlugin}}, {{NotificationActiveMQServerPlugin}},
> and standard {{PropertiesLogin}} module enabled when authenticating with bad
> credentials a NPE is thrown.
> {{PlainSASL}} implementation of {{ServerSASLPlain}} interface passes {{null]]
> value as {{remotingConnection}} to the {{SecurityStore}}. Handling
> {{SECURITY_AUTHENTICATION_VIOLATION}} notification causes NPE when calling
> {{connection.getRemoteAddress()}}.
> Since {{SecurityStoreImpl.authenticate}} method throws authentication
> exceptions anyway it is handled silently on {{PlainSASL.authenticate}}
> method. Therefore NPE exception is treated as authentication exception and is
> not logged. Because of this NPE a notification is not created and not
> propagated to the {{activemq.notifications}} address.
> {noformat}
> // java.lang.NullPointerException
> at
> org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:155)
> at
> org.apache.activemq.artemis.protocol.amqp.sasl.PlainSASL.authenticate(PlainSASL.java:33)
> at
> org.apache.activemq.artemis.protocol.amqp.sasl.ServerSASLPlain.processSASL(ServerSASLPlain.java:49)
> at
> org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.processPending(ProtonHandler.java:341)
> at
> org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.onSaslInit(ProtonHandler.java:325)
> at
> org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:365)
> at
> org.apache.qpid.proton.engine.impl.SaslImpl.handleInit(SaslImpl.java:49)
> at
> org.apache.qpid.proton.amqp.security.SaslInit.invoke(SaslInit.java:75)
> at
> org.apache.qpid.proton.engine.impl.SaslImpl.handle(SaslImpl.java:345)
> at
> org.apache.qpid.proton.engine.impl.SaslFrameParser.input(SaslFrameParser.java:374)
> at
> org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.reallyProcessInput(SaslImpl.java:688)
> at
> org.apache.qpid.proton.engine.impl.SaslImpl$SaslTransportWrapper.process(SaslImpl.java:659)
> at
> org.apache.qpid.proton.engine.impl.SaslImpl$SwitchingSaslTransportWrapper.process(SaslImpl.java:832)
> at
> org.apache.qpid.proton.engine.impl.HandshakeSniffingTransportWrapper.process(HandshakeSniffingTransportWrapper.java:101)
> at
> org.apache.qpid.proton.engine.impl.TransportImpl.process(TransportImpl.java:1558)
> at
> org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.flush(ProtonHandler.java:284)
> at
> org.apache.activemq.artemis.protocol.amqp.proton.handler.ProtonHandler.inputBuffer(ProtonHandler.java:242)
> at
> org.apache.activemq.artemis.protocol.amqp.proton.AMQPConnectionContext.inputBuffer(AMQPConnectionContext.java:180)
> at
> org.apache.activemq.artemis.protocol.amqp.broker.ActiveMQProtonRemotingConnection.bufferReceived(ActiveMQProtonRemotingConnection.java:145)
> at
> org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:654)
> at
> org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:73)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
> at
> io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:337)
> at
> io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1408)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:359)
> at
> io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:345)
> at
> io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:930)
> at
> io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163)
> at
> io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:677)
> at
> io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:612)
> at
> io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:529)
> at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:491)
> at
> io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:905)
> at
> org.apache.activemq.artemis.utils.ActiveMQThreadFactory$1.run(ActiveMQThreadFactory.java:118)
> {noformat}
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
