-
Bug
-
Resolution: Fixed
-
Neutral
-
1.10.3
-
None
-
-
Empty show more show less
-
AdminX 38, AdminX 39
When logging in with a magnolia user and wrong password info.magnolia.jaas.sp.ldap.LDAPAuthenticationModule#matchPassword:68 results in a NullPointerException. Problem does not occur with LDAP users.
The functionality works well; however the exception is not manager properly.
Steps to reproduce
- Loggin using a magnolia user and purposely enter a wrong password
- Note the following stack in the terminal
ERROR info.magnolia.cms.security.SecuritySupportBase : Can't login due to: javax.security.auth.login.LoginException: java.lang.NullPointerException at info.magnolia.jaas.sp.ldap.LDAPAuthenticationModule.matchPassword(LDAPAuthenticationModule.java:68) at info.magnolia.jaas.sp.ldap.ADAuthenticationModule.validateUser(ADAuthenticationModule.java:56) at info.magnolia.jaas.sp.AbstractLoginModule.login(AbstractLoginModule.java:199) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) ...
Acceptance criteria
