Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-9240

SecurityDomain.getCurrent() throws NPE when invoking SLSB using a Weld thread

    Details

    • Steps to Reproduce:
      Hide
      1. clone Weld WildFly fork and build the project
      2. clone Weld repo, build the project and run org.jboss.weld.tests.event.async.context.security.SecurityContextPropagationTest

      $ git clone -b 11.0.0.CR1-weld3 git@github.com:weld/wildfly.git
      $ cd wildfly
      $ mvn clean install -DskipTests
      $ cd ../
      $ git clone git@github.com:weld/core.git
      $ cd core
      $ mvn clean install -DskipTests
      $ export JBOSS_HOME=WFLYREPO/dist/target/wildfly-11.0.0.Beta1
      $ mvn clean test -Dincontainer -Dtest=SecurityContextPropagationTest -f tests-arquillian/pom.xml
      

      Show
      clone Weld WildFly fork and build the project clone Weld repo, build the project and run org.jboss.weld.tests.event.async.context.security.SecurityContextPropagationTest $ git clone -b 11.0.0.CR1-weld3 git@github.com:weld/wildfly.git $ cd wildfly $ mvn clean install -DskipTests $ cd ../ $ git clone git@github.com:weld/core.git $ cd core $ mvn clean install -DskipTests $ export JBOSS_HOME=WFLYREPO/dist/target/wildfly-11.0.0.Beta1 $ mvn clean test -Dincontainer -Dtest=SecurityContextPropagationTest -f tests-arquillian/pom.xml

      Description

      The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current org.wildfly.security.auth.server.SecurityDomain anymore.

      The invocation of SecurityDomain.getCurrent() returns null.

      UPDATE: The original description was wrong. We wrongly assumed that Elytron is active for a deployment by default which isn't the case.

      NullPointerException being reported DURING calls to SecurityDomain.getCurrent():

      Caused by: java.lang.NullPointerException
      	at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936)
      	at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:171)
      	at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:74)
      	at org.jboss.weld.tests.event.async.context.security.Printer$$$view2.print(Unknown Source)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.jboss.weld.util.reflection.Reflections.invokeAndUnwrap(Reflections.java:411)
      	at org.jboss.weld.module.ejb.EnterpriseBeanProxyMethodHandler.invoke(EnterpriseBeanProxyMethodHandler.java:128)
      	at org.jboss.weld.bean.proxy.EnterpriseTargetBeanInstance.invoke(EnterpriseTargetBeanInstance.java:56)
      	at org.jboss.weld.module.ejb.InjectionPointPropagatingEnterpriseTargetBeanInstance.invoke(InjectionPointPropagatingEnterpriseTargetBeanInstance.java:68)
      	at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106)
      	at org.jboss.weld.tests.event.async.context.security.Printer$Proxy$_$$_Weld$EnterpriseProxy$.print(Unknown Source)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      

      Note that this worked on WildFly 11.0.0.Alpha1.

      It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                dlofthouse Darran Lofthouse
                Reporter:
                mkouba Martin Kouba
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: