Details
-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
None
-
None
-
None
Description
Interaction with WS when running with security manager throws following NPE:
Interceptor for {http://org.picketlink.trust/sts/}PicketLinkSTS#{http://cxf.apache.org/jaxws/dispatch}Invoke has thrown exception, unwinding now: java.lang.NullPointerException at org.wildfly.security.manager.WildFlySecurityManager.findAccessDenial(WildFlySecurityManager.java:221) at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:293) at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:192) at java.lang.SecurityManager.checkConnect(SecurityManager.java:1064) at org.wildfly.security.manager.WildFlySecurityManager.checkConnect(WildFlySecurityManager.java:390) at sun.net.www.http.HttpClient.openServer(HttpClient.java:572) at sun.net.www.http.HttpClient.<init>(HttpClient.java:256) at sun.net.www.http.HttpClient.New(HttpClient.java:360) at sun.net.www.http.HttpClient.New(HttpClient.java:378) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1232) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1211) at sun.net.www.protocol.http.HttpURLConnection$6.run(HttpURLConnection.java:1052) at sun.net.www.protocol.http.HttpURLConnection$6.run(HttpURLConnection.java:1050) at java.security.AccessController.doPrivileged(AccessController.java:901) at java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:942) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1049) at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:996) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1346) at sun.net.www.protocol.http.HttpURLConnection.access$100(HttpURLConnection.java:103) at sun.net.www.protocol.http.HttpURLConnection$8.run(HttpURLConnection.java:1313) at sun.net.www.protocol.http.HttpURLConnection$8.run(HttpURLConnection.java:1311) at java.security.AccessController.doPrivileged(AccessController.java:901) at java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:942) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1310) at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream$1.run(URLConnectionHTTPConduit.java:268) at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream$1.run(URLConnectionHTTPConduit.java:265) at java.security.AccessController.doPrivileged(AccessController.java:694) at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.setupWrappedStream(URLConnectionHTTPConduit.java:265) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleHeadersTrustCaching(HTTPConduit.java:1330) at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.onFirstWrite(HTTPConduit.java:1291) at org.apache.cxf.transport.http.URLConnectionHTTPConduit$URLConnectionWrappedOutputStream.onFirstWrite(URLConnectionHTTPConduit.java:307) at org.apache.cxf.io.AbstractWrappedOutputStream.write(AbstractWrappedOutputStream.java:47) at org.apache.cxf.io.AbstractThresholdOutputStream.unBuffer(AbstractThresholdOutputStream.java:89) at org.apache.cxf.io.AbstractThresholdOutputStream.write(AbstractThresholdOutputStream.java:63) at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:100) at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:242) at com.ctc.wstx.sw.BufferingXmlWriter.close(BufferingXmlWriter.java:215) at com.ctc.wstx.sw.BaseStreamWriter._finishDocument(BaseStreamWriter.java:1466) at com.ctc.wstx.sw.BaseStreamWriter.writeEndDocument(BaseStreamWriter.java:552) at org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor$SoapOutEndingInterceptor.handleMessage(SoapOutInterceptor.java:307) at org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor$SoapOutEndingInterceptor.handleMessage(SoapOutInterceptor.java:294) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:442) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:343) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:296) at org.apache.cxf.endpoint.ClientImpl.invokeWrapped(ClientImpl.java:331) at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:321) at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:240) at org.picketlink.identity.federation.core.wstrust.STSClient.validateToken(STSClient.java:412) at org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSCommonLoginModule.login(SAML2STSCommonLoginModule.java:362) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55) at java.lang.reflect.Method.invoke(Method.java:508) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:788) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:196) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) at java.security.AccessController.doPrivileged(AccessController.java:694) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:696) at javax.security.auth.login.LoginContext.login(LoginContext.java:597) at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323) at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) at org.picketlink.trust.jbossws.handler.AbstractWSAuthenticationHandler.handleInbound(AbstractWSAuthenticationHandler.java:83) at org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler.handleMessage(AbstractPicketLinkTrustHandler.java:259) at org.apache.cxf.jaxws.handler.HandlerChainInvoker.invokeHandleMessage(HandlerChainInvoker.java:359) at org.apache.cxf.jaxws.handler.HandlerChainInvoker.invokeHandlerChain(HandlerChainInvoker.java:255) at org.apache.cxf.jaxws.handler.HandlerChainInvoker.invokeProtocolHandlers(HandlerChainInvoker.java:132) at org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessageInternal(SOAPHandlerInterceptor.java:166) at org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(SOAPHandlerInterceptor.java:121) at org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(SOAPHandlerInterceptor.java:70) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267) at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:109) at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:134) at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:220) at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136) at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:67) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105) at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction$$Lambda$926.00000000105031D0.call(Unknown Source) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1526) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction$$Lambda$927.0000000010402F20.call(Unknown Source) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1526) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction$$Lambda$927.0000000010402F20.call(Unknown Source) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1526) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction$$Lambda$927.0000000010402F20.call(Unknown Source) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1526) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction$$Lambda$927.0000000010402F20.call(Unknown Source) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:110) at java.security.AccessController.doPrivileged(AccessController.java:694) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:107) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:360) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830) at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378) at java.lang.Thread.run(Thread.java:811)
This happens only with IBM JDK 8 SR5 FP10:
java version "1.8.0_161" Java(TM) SE Runtime Environment (build 8.0.5.10 - pxa6480sr5fp10-20180214_01(SR5 FP10)) IBM J9 VM (build 2.9, JRE 1.8.0 Linux amd64-64 Compressed References 20180208_378436 (JIT enabled, AOT enabled) OpenJ9 - 39bb844 OMR - c04ccb2 IBM - 2321a81) JCL - 20180209_01 based on Oracle jdk8u161-b12
This issue affects also JBoss EAP 7.1.0.GA (when IBM JDK 8 SR5 FP10 is used). EAP 7.1.0.GA was certified with IBM JDK 8 SR4 FP6 where this issue does not exist.