Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.0.0.Beta2, 7.0.0.Final
Affects Version/s: None
Component/s: Server
Labels:
None

Git Pull Request:
https://github.com/infinispan/infinispan/pull/2823
Bugzilla References:
https://bugzilla.redhat.com/show_bug.cgi?id=1134085

Description

In server mode, when loading the roles from LDAP (e.g. scenario GSSAPI authentization and authorization is delegate to LDAP), it fails with following exception when some principal (typically InetAddressPrincipal) hasn't a record in LDAP:

Caused by: java.lang.SecurityException: JDGS010022: Cannot retrieve authorization information for user admin@INFINISPAN.ORG
        at org.infinispan.server.endpoint.subsystem.EndpointServerAuthenticationProvider$GSSAPIEndpointAuthorizingCallbackHandler.getSubjectUserInfo(EndpointServerAuthenticationProvider.java:96) [infinispan-server-endpoints-7.0.0-SNAPSHOT.
jar:7.0.0-SNAPSHOT]
        at org.infinispan.server.hotrod.Decoder2x$.customReadHeader(Decoder2x.scala:238) [infinispan.jar:7.0.0-SNAPSHOT]
        at org.infinispan.server.hotrod.HotRodDecoder.customDecodeHeader(HotRodDecoder.scala:152) [infinispan.jar:7.0.0-SNAPSHOT]
        at org.infinispan.server.core.AbstractProtocolDecoder.decodeHeader(AbstractProtocolDecoder.scala:148) [infinispan.jar:7.0.0-SNAPSHOT]
        at org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:96) [infinispan.jar:7.0.0-SNAPSHOT]
        ... 14 more
Caused by: java.io.IOException: javax.naming.NamingException: JBAS015231: User '127.0.0.1' not found in directory.
        at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.supplementSubject(LdapSubjectSupplementalService.java:171) [wildfly-domain-management-8.1.0.Final.jar:8.1.0.Final]
        at org.jboss.as.domain.management.security.SecurityRealmService$1.createSubjectUserInfo(SecurityRealmService.java:200) [wildfly-domain-management-8.1.0.Final.jar:8.1.0.Final]
        at org.infinispan.server.endpoint.subsystem.EndpointServerAuthenticationProvider$GSSAPIEndpointAuthorizingCallbackHandler.getSubjectUserInfo(EndpointServerAuthenticationProvider.java:94) [infinispan-server-endpoints-7.0.0-SNAPSHOT.jar:7.0.0-SNAPSHOT]
        ... 18 more
Caused by: javax.naming.NamingException: JBAS015231: User '127.0.0.1' not found in directory.
        at org.jboss.as.domain.management.security.LdapUserSearcherFactory$LdapUserSearcherImpl.search(LdapUserSearcherFactory.java:130) [wildfly-domain-management-8.1.0.Final.jar:8.1.0.Final]
        at org.jboss.as.domain.management.security.LdapUserSearcherFactory$LdapUserSearcherImpl.search(LdapUserSearcherFactory.java:67) [wildfly-domain-management-8.1.0.Final.jar:8.1.0.Final]
        at org.jboss.as.domain.management.security.LdapCacheService$NoCacheCache.search(LdapCacheService.java:223) [wildfly-domain-management-8.1.0.Final.jar:8.1.0.Final]
        at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.loadGroups(LdapSubjectSupplementalService.java:184) [wildfly-domain-management-8.1.0.Final.jar:8.1.0.Final]
        at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.supplementSubject(LdapSubjectSupplementalService.java:163) [wildfly-domain-management-8.1.0.Final.jar:8.1.0.Final]
        ... 20 more

Attachments

Activity

People

Assignee:: Tristan Tarrant

Reporter:: Vojtech Juranek

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2014/08/26 3:27 PM

Updated:: 2020/02/07 6:01 AM

Resolved:: 2014/09/03 10:39 AM