[MGNLLDAP-113] Anonymous binding can't be used because of NPE when java.naming.security.principal and adminUserDN are not defined Created: 03/Aug/17  Updated: 14/Aug/17  Resolved: 09/Aug/17

Status: Closed
Project: LDAP Connector
Component/s: None
Affects Version/s: 1.9
Fix Version/s: 1.9.1

Type: Bug Priority: Critical
Reporter: Milan Divilek Assignee: Milan Divilek
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Sprint: Kromeriz 108, Kromeriz 109
Story Points: 1

 Description   

NPE occurs when java.naming.security.principal and adminUserDN are not defined. This cause that anonymous binding can't be used.

Problem is combination of two lines in info.magnolia.jaas.sp.ldap.connection.DefaultConnectionFactory

securityPrincipal = properties.getProperty(AttributeMap.ADMIN_USER_DN, ""); 
and 
if (securityPrincipal != null)

First one cause that securityPrincipal is never null, so condition is everytime met.

https://git.magnolia-cms.com/projects/ENTERPRISE/repos/ldap/browse/magnolia-ldap/src/main/java/info/magnolia/jaas/sp/ldap/connection/DefaultConnectionFactory.java?at=refs%2Ftags%2Fmagnolia-ldap-1.9#55
https://git.magnolia-cms.com/projects/ENTERPRISE/repos/ldap/browse/magnolia-ldap/src/main/java/info/magnolia/jaas/sp/ldap/connection/DefaultConnectionFactory.java?at=refs%2Ftags%2Fmagnolia-ldap-1.9#67


Generated at Mon Feb 12 02:21:41 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.