Details
-
Bug
-
Resolution: Fixed
-
Critical
-
None
-
None
-
None
Description
For example info.magnolia.cms.security.RescueSecuritySupport.RescueUser adds workflow-base role tu superuser by default but if this role doesn't exist in magnolia(workflow is not installed) then login fails on NPE.
Same can happen if user obtain role for example from ldap/ad etc. and this role does not exist in user-role repo
javax.security.auth.login.LoginException: java.lang.NullPointerException at info.magnolia.jaas.sp.jcr.JCRAuthorizationModule.setACLForRoles(JCRAuthorizationModule.java:191) at info.magnolia.jaas.sp.jcr.JCRAuthorizationModule.setACL(JCRAuthorizationModule.java:103) at info.magnolia.jaas.sp.AbstractLoginModule.commit(AbstractLoginModule.java:230) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:580) at info.magnolia.cms.security.RescueSecuritySupport.authenticate(RescueSecuritySupport.java:99) at info.magnolia.cms.security.auth.login.LoginHandlerBase.authenticate(LoginHandlerBase.java:47) at info.magnolia.cms.security.auth.login.FormLogin.handle(FormLogin.java:76) at info.magnolia.cms.security.auth.login.LoginFilter.doFilter(LoginFilter.java:66) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:85) at info.magnolia.cms.filters.CosMultipartRequestFilter.doFilter(CosMultipartRequestFilter.java:91) at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83) at info.magnolia.module.devicedetection.filter.DeviceDetectionFilter.doFilter(DeviceDetectionFilter.java:73) at info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter(OncePerRequestAbstractMgnlFilter.java:61) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83) at info.magnolia.cms.filters.ContentTypeFilter.doFilter(ContentTypeFilter.java:102) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83) at info.magnolia.cms.filters.ContextFilter.doFilter(ContextFilter.java:131) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) at info.magnolia.cms.filters.MgnlFilterChain.doFilter(MgnlFilterChain.java:83) at info.magnolia.cms.filters.CompositeFilter.doFilter(CompositeFilter.java:67) at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter(AbstractMgnlFilter.java:91) at info.magnolia.cms.filters.SafeDestroyMgnlFilterWrapper.doFilter(SafeDestroyMgnlFilterWrapper.java:108) at info.magnolia.cms.filters.MgnlFilterDispatcher.doDispatch(MgnlFilterDispatcher.java:67) at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:108) at info.magnolia.cms.filters.MgnlMainFilter.doFilter(MgnlMainFilter.java:94) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:859) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:662)
Checklists
Acceptance criteria
Attachments
Issue Links
- is related to
-
MAGNOLIA-4115 Authorization fails if user has a group which does not exist in repo
-
- Closed
-