[ 
https://issues.apache.org/jira/browse/QPIDJMS-65?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jakub Scholz updated QPIDJMS-65:
--------------------------------
    Attachment: QPIDJMS-65.patch

This patch uses a solution based on PlainMechanism - it replaces a null value in 
the username with an empty string and a null value or empty string in the password 
with a single space. IMHO, if nothing else, thanks to this patch the client throws 
a better exception: "javax.jms.JMSSecurityException: Client failed to 
authenticate".

> CRAM-MD5 SASL mechanism throws NullPointerException when no username or 
> password is specified
> ---------------------------------------------------------------------------------------------
>
>                 Key: QPIDJMS-65
>                 URL: https://issues.apache.org/jira/browse/QPIDJMS-65
>             Project: Qpid JMS
>          Issue Type: Bug
>    Affects Versions: 0.2.0
>            Reporter: Jakub Scholz
>            Priority: Minor
>         Attachments: QPIDJMS-65.patch
>
>
> When the CRAM-MD5 SASL mechanism is used and no jms.username or jms.password 
> parameter was specified in the connection URI, a NullPointerException will be 
> thrown, for example:
> {code}TRACE org.apache.qpid.jms.transports.netty.NettyTcpTransport - 
> Attempted write of: 8 bytes
> TRACE org.apache.qpid.jms.transports.netty.NettyTcpTransport - New data read: 
> 68 bytes incoming: UnpooledHeapByteBuf(ridx: 0, widx: 68, cap: 65536)
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - Received from Broker 
> 68 bytes: UnpooledHeapByteBuf(ridx: 0, widx: 68, cap: 65536)
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - New Proton Event: 
> CONNECTION_INIT
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - New Proton Event: 
> SESSION_INIT
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - New Proton Event: 
> CONNECTION_LOCAL_OPEN
> DEBUG org.apache.qpid.jms.sasl.SaslMechanismFinder - Unknown SASL mechanism: 
> [DIGEST-MD5]
> INFO org.apache.qpid.jms.sasl.SaslMechanismFinder - Best match for SASL auth 
> was: SASL-CRAM-MD5
> TRACE org.apache.qpid.jms.transports.netty.NettyTcpTransport - Attempted 
> write of: 24 bytes
> TRACE org.apache.qpid.jms.transports.netty.NettyTcpTransport - New data read: 
> 55 bytes incoming: UnpooledHeapByteBuf(ridx: 0, widx: 55, cap: 65536)
> TRACE org.apache.qpid.jms.provider.amqp.AmqpProvider - Received from Broker 
> 55 bytes: UnpooledHeapByteBuf(ridx: 0, widx: 55, cap: 65536)
> WARN org.apache.qpid.jms.provider.amqp.AmqpProvider - Caught Exception during 
> update processing: null
> java.lang.NullPointerException
>       at 
> org.apache.qpid.jms.sasl.CramMD5Mechanism.getChallengeResponse(CramMD5Mechanism.java:57)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpSaslAuthenticator.handleSaslStep(AmqpSaslAuthenticator.java:111)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpSaslAuthenticator.authenticate(AmqpSaslAuthenticator.java:63)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpConnection.processSaslAuthentication(AmqpConnection.java:155)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpProvider.processUpdates(AmqpProvider.java:777)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpProvider.access$1500(AmqpProvider.java:87)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpProvider$16.run(AmqpProvider.java:667)
>       at 
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>       at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>       at 
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:178)
>       at 
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:292)
>       at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>       at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>       at java.lang.Thread.run(Thread.java:745)
> javax.jms.JMSException: java.lang.NullPointerException
> Exception occurred and was caught by onException
>       at 
> org.apache.qpid.jms.exceptions.JmsExceptionSupport.create(JmsExceptionSupport.java:60)
>       at 
> org.apache.qpid.jms.JmsConnection.onAsyncException(JmsConnection.java:1169)
>       at 
> org.apache.qpid.jms.JmsConnection.onConnectionFailure(JmsConnection.java:1085)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpProvider.fireProviderException(AmqpProvider.java:832)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpProvider.processUpdates(AmqpProvider.java:781)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpProvider.access$1500(AmqpProvider.java:87)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpProvider$16.run(AmqpProvider.java:667)
>       at 
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>       at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>       at 
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:178)
>       at 
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:292)
>       at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>       at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>       at java.lang.Thread.run(Thread.java:745)
> Caused by: java.io.IOException: java.lang.NullPointerException
>       at 
> org.apache.qpid.jms.util.IOExceptionSupport.create(IOExceptionSupport.java:45)
>       ... 11 more
> Caused by: java.lang.NullPointerException
>       at 
> org.apache.qpid.jms.sasl.CramMD5Mechanism.getChallengeResponse(CramMD5Mechanism.java:57)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpSaslAuthenticator.handleSaslStep(AmqpSaslAuthenticator.java:111)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpSaslAuthenticator.authenticate(AmqpSaslAuthenticator.java:63)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpConnection.processSaslAuthentication(AmqpConnection.java:155)
>       at 
> org.apache.qpid.jms.provider.amqp.AmqpProvider.processUpdates(AmqpProvider.java:777)
>       ... 9 more{code}
> The PLAIN mechanism actually validates the username and password and replaces 
> them with an empty string in case they are null. However, setting the password 
> to an empty string causes another exception in SecretKeySpec. So the password 
> has to be set, for example, to a space to make it work.
> Is missing username or password (or set to empty string) actually a valid 
> scenario? For example I don't think it can be configured on the Qpid C++ 
> broker.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
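
The behaviour discussed in this message, as an added example that is not part of the original message, the attached patch or the Qpid JMS code base: a stand-alone CRAM-MD5 (RFC 2195) response computation that applies the null/empty normalization described above and shows the SecretKeySpec empty-key failure. The class and method names, the US-ASCII encoding and the challenge string are assumptions made for illustration.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;

public class CramMd5NullCredentials {

    // Normalization described in the comment above: null username -> "",
    // null or empty password -> single space (SecretKeySpec rejects an empty key).
    static String normalizeUsername(String u) { return u == null ? "" : u; }
    static String normalizePassword(String p) { return (p == null || p.isEmpty()) ? " " : p; }

    // CRAM-MD5 response: username, a space, then lowercase hex of HMAC-MD5(password, challenge).
    static byte[] challengeResponse(String username, String password, byte[] challenge)
            throws GeneralSecurityException {
        String user = normalizeUsername(username);
        byte[] key = normalizePassword(password).getBytes(StandardCharsets.US_ASCII);
        Mac mac = Mac.getInstance("HmacMD5");
        mac.init(new SecretKeySpec(key, "HmacMD5"));
        StringBuilder out = new StringBuilder(user).append(' ');
        for (byte b : mac.doFinal(challenge)) {
            out.append(String.format("%02x", b & 0xff));
        }
        return out.toString().getBytes(StandardCharsets.US_ASCII);
    }

    public static void main(String[] args) throws Exception {
        // Constructed challenge, not taken from the trace in the report.
        byte[] challenge = "<1896.697170952@broker.example>".getBytes(StandardCharsets.US_ASCII);

        // The empty-password failure the report mentions: SecretKeySpec refuses a zero-length key.
        try {
            new SecretKeySpec(new byte[0], "HmacMD5");
        } catch (IllegalArgumentException e) {
            System.out.println("empty key rejected: " + e.getMessage());
        }

        // With normalization, null credentials yield a well-formed response that the
        // broker can reject, instead of a client-side NullPointerException.
        byte[] resp = challengeResponse(null, null, challenge);
        System.out.println(new String(resp, StandardCharsets.US_ASCII));
    }
}
```

With null credentials the response begins with a space (the empty username) followed by 32 hex characters, so authentication is decided by the broker rather than failing inside the client.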
