来自Jboss LdapExtLoginModule的NullPointerException
我正在尝试为Jboss web应用程序配置Ldap身份验证。Jboss加载我的模块,但不验证已知良好的凭据。我应该指出,我的模块只是扩展了LdapExtLoginModule,没有添加任何逻辑。当直接延迟到LdapExtLoginModule时,我会遇到相同的错误。错误: PBOX000070:密码无效/需要密码 当我尝试登录时返回。我跟踪到org.jboss.security.auth.spi.LdapExtLoginModule.constructInitialLdapContext中的hashtable.put()操作引发的空指针。以下是堆栈跟踪:来自Jboss LdapExtLoginModule的NullPointerException,jboss,ldap,Jboss,Ldap,我正在尝试为Jboss web应用程序配置Ldap身份验证。Jboss加载我的模块,但不验证已知良好的凭据。我应该指出,我的模块只是扩展了LdapExtLoginModule,没有添加任何逻辑。当直接延迟到LdapExtLoginModule时,我会遇到相同的错误。错误: PBOX000070:密码无效/需要密码 当我尝试登录时返回。我跟踪到org.jboss.security.auth.spi.LdapExtLoginModule.constructInitialLdapContext中的ha
javax.security.auth.login.FailedLoginException: PBOX000070: Password invalid/Password required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:284)
at com.alstom.auth.login.ldap.CustomLdapLoginModule.login(CustomLdapLoginModule.java:164)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)
at javax.security.auth.login.LoginContext.login(LoginContext.java:595)
at org.springframework.security.authentication.jaas.AbstractJaasAuthenticationProvider.authenticate(AbstractJaasAuthenticationProvider.java:149)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156)
at com.etse.security.SecureMethodAuthenticationManager.authenticate(SecureMethodAuthenticationManager.java:29)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149)
at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.NullPointerException
at java.util.Hashtable.put(Hashtable.java:514)
at org.jboss.security.auth.spi.LdapExtLoginModule.constructInitialLdapContext(LdapExtLoginModule.java:742)
at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:463)
at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:340)
at com.alstom.auth.login.ldap.CustomLdapLoginModule.validatePassword(CustomLdapLoginModule.java:152)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:281)
... 40 more
职能:
private InitialLdapContext constructInitialLdapContext(String dn, Object credential) throws NamingException
{
String protocol = (String)options.get(Context.SECURITY_PROTOCOL);
String providerURL = (String) options.get(Context.PROVIDER_URL);
if (providerURL == null)
providerURL = "ldap://localhost:" + ((protocol != null && protocol.equals("ssl")) ? "636" : "389");
Properties env = constructLdapContextEnvironment(providerURL, dn, credential);
return new InitialLdapContext(env, null);
}
没有hashtable.put()操作,因此它必须来自InitialDapContext构造函数,对吗
public InitialLdapContext(Hashtable<?,?> environment,Control[] connCtls) throws NamingException {
super(true); // don't initialize yet
// Clone environment since caller owns it.
Hashtable env = (environment == null)
? new Hashtable(11)
: (Hashtable)environment.clone();
// Put connect controls into environment. Copy them first since
// caller owns the array.
if (connCtls != null) {
Control[] copy = new Control[connCtls.length];
System.arraycopy(connCtls, 0, copy, 0, connCtls.length);
env.put(BIND_CONTROLS_PROPERTY, copy);
}
// set version to LDAPv3
env.put("java.naming.ldap.version", "3");
// Initialize with updated environment
init(env);
}
public InitialLdapContext(哈希表环境,控件[]conncctls)引发NamingException{
super(true);//还没有初始化
//克隆环境,因为调用者拥有它。
哈希表env=(环境==null)
?新哈希表(11)
:(哈希表)environment.clone();
//将连接控件放入环境中。从
//调用方拥有数组。
如果(connCtls!=null){
控件[]复制=新控件[connCtls.length];
System.arraycopy(connCtls,0,copy,0,connCtls.length);
环境放置(绑定控件属性,复制);
}
//将版本设置为LDAPv3
put(“java.naming.ldap.version”,“3”);
//使用更新的环境初始化
初始(环境);
}
connCtls为null(请参阅构造函数调用),因此唯一的put操作是env.put(“java.naming.ldap.version”,“3”),这显然是很好的
知道这是怎么回事吗?谢谢。哈希表不允许键为空。验证放入哈希表env中的所有键都不为null。比如说,
env.put(BIND_CONTROLS_PROPERTY, copy);
绑定\u控件\u属性不能为空
希望对您有所帮助IMO,您有另一个版本的
LdapExtLoginModule
的代码。正确的答案可能是
那里的代码是:
private InitialLdapContext构造函数InitialLdapContext(字符串dn,对象凭据)引发NamingException
{
Properties env=新属性();
迭代器iter=options.entrySet().Iterator();
while(iter.hasNext())
{
Entry=(Entry)iter.next();
env.put(entry.getKey(),entry.getValue());/*这是第742行*/
}
因此,似乎有一个带有空值的登录模块选项。请检查您的配置
请下次分享更多有关您的环境的详细信息。这将有助于评估您的问题。最重要的详细信息:
- 应用服务器版本
- 使用的服务器配置(即本例中的安全域配置)