Details
Bug
Resolution: Unresolved
Major
None
PicketBox_v4_0_1
None
Description
When using DatabaseRolesMappingProvider as part of a web app, everything works fine if the query returns at least one role. If the user does not have any (a valid case in our system) then an IllegalArgumentException is thrown, which is not caught and aborts the authentication process (see stack trace at bottom.)
In particular, the Util.addRolesToGroup method explicitly checks for the no-role case, but only for logging purposes, and then continues on trying to read the roles. This will obviously always fail as per JDBC specs. It looks like the reading should have been put inside an else clause.
15:55:55,700 ERROR [org.apache.catalina.connector.CoyoteAdapter] (http--127.0.0.1-8080-4) An exception or error occurred in the container during the request processing: java.lang.IllegalArgumentException: Query failed
at org.jboss.security.mapping.providers.role.Util.addRolesToGroup(Util.java:250) [picketbox-4.0.1.jar:4.0.1]
at org.jboss.security.mapping.providers.role.DatabaseRolesMappingProvider.performMapping(DatabaseRolesMappingProvider.java:100) [picketbox-4.0.1.jar:4.0.1]
at org.jboss.security.mapping.providers.role.DatabaseRolesMappingProvider.performMapping(DatabaseRolesMappingProvider.java:42) [picketbox-4.0.1.jar:4.0.1]
at org.jboss.security.mapping.MappingContext.performMapping(MappingContext.java:54) [picketbox-4.0.1.jar:4.0.1]
at org.jboss.security.plugins.JBossAuthorizationManager.getCurrentRoles(JBossAuthorizationManager.java:396) [picketbox-4.0.1.jar:4.0.1]
at org.jboss.security.plugins.JBossAuthorizationManager.getSubjectRoles(JBossAuthorizationManager.java:323) [picketbox-4.0.1.jar:4.0.1]
at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:144) [jboss-as-web-7.0.1.Final.jar:7.0.1.Final]
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.1.Final.jar:7.0.1.Final]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:372) [jbossweb-7.0.1.Final.jar:7.0.1.Final]
at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57) [jboss-as-web-7.0.1.Final.jar:7.0.1.Final]
at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:49) [jboss-as-jpa-7.0.1.Final.jar:7.0.1.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154) [jbossweb-7.0.1.Final.jar:7.0.1.Final]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.1.Final.jar:7.0.1.Final]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.1.Final.jar:7.0.1.Final]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.1.Final.jar:7.0.1.Final]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.1.Final.jar:7.0.1.Final]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:667) [jbossweb-7.0.1.Final.jar:7.0.1.Final]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:952) [jbossweb-7.0.1.Final.jar:7.0.1.Final]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_29]
Caused by: java.sql.SQLException: Exhausted Resultset
at oracle.jdbc.driver.OracleResultSetImpl.getString(OracleResultSetImpl.java:1270)
at org.jboss.jca.adapters.jdbc.WrappedResultSet.getString(WrappedResultSet.java:1338)
at org.jboss.security.mapping.providers.role.Util.addRolesToGroup(Util.java:239) [picketbox-4.0.1.jar:4.0.1]
... 18 more
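The failure mode described in this report, as an added example that is not PicketBox source code: a role reader that only logs the empty case and then reads anyway, next to a version that puts the read in an else clause and returns an empty role set. The class name, method names and the proxy-based ResultSet stand-in are assumptions made for illustration, and the loop shape of the flawed reader is inferred from the description, not copied from Util.java.

```java
import java.lang.reflect.Proxy;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.*;

public class EmptyRoleSetDemo {
    // Constructed stand-in for a JDBC ResultSet over role names (hypothetical helper).
    // Like a real driver, getString throws when the cursor is not on a row.
    static ResultSet fakeResultSet(List<String> roles) {
        int[] pos = {-1};
        return (ResultSet) Proxy.newProxyInstance(
            ResultSet.class.getClassLoader(), new Class<?>[]{ResultSet.class},
            (proxy, method, args) -> {
                switch (method.getName()) {
                    case "next": return ++pos[0] < roles.size();
                    case "getString":
                        if (pos[0] < 0 || pos[0] >= roles.size())
                            throw new SQLException("Exhausted Resultset");
                        return roles.get(pos[0]);
                    default: throw new UnsupportedOperationException(method.getName());
                }
            });
    }

    // Pattern from the report: the no-role case is only logged, then the row is read anyway.
    static Set<String> readRolesFlawed(ResultSet rs) {
        Set<String> roles = new LinkedHashSet<>();
        try {
            if (!rs.next()) System.out.println("No roles found");
            do { roles.add(rs.getString(1)); } while (rs.next());
        } catch (SQLException e) { throw new IllegalArgumentException("Query failed", e); }
        return roles;
    }

    // Reading moved into the else clause: zero rows is a valid result, giving an empty role set.
    static Set<String> readRolesFixed(ResultSet rs) {
        Set<String> roles = new LinkedHashSet<>();
        try {
            if (!rs.next()) System.out.println("No roles found");
            else do { roles.add(rs.getString(1)); } while (rs.next());
        } catch (SQLException e) { throw new IllegalArgumentException("Query failed", e); }
        return roles;
    }

    public static void main(String[] args) {
        System.out.println(readRolesFixed(fakeResultSet(List.of("admin", "user"))));
        System.out.println(readRolesFixed(fakeResultSet(List.of())));
        try { readRolesFlawed(fakeResultSet(List.of())); }
        catch (IllegalArgumentException e) { System.out.println(e.getMessage() + ": " + e.getCause().getMessage()); }
    }
}
```

With the corrected reader, a user with no roles authenticates and is mapped to an empty role set, so authorization checks still deny role-protected resources instead of the whole login aborting with an uncaught exception.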