[ https://issues.apache.org/jira/browse/QPID-8208?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16508312#comment-16508312 ]
Keith Wall commented on QPID-8208: ---------------------------------- Alex That looks to me to be a Java platform defect rather than a Broker-J issue. {{InitialDirContext}} is defined by its API as throwing a {{NamingException}} only. It cannot legitimately throw a {{NullPointerException}}. You haven't stated the version of the JVM that produced this defect, but I notice looking at the sources for LdapClient 1.8.0_171, there is appears to be race condition in the implementation. If an "Notice of Disconnection" (1.3.6.1.4.1.1466.20036) arrives from the LDAP peer this causes the {{com.sun.jndi.ldap.LdapClient#conn}} ref to be nulled (look at {{processUnsolicited()}} invokes {{forcedClosed()}} - which doesn't take the mutex). If this occurs whilst a thread is executing {{LdapClient.authenticate}}, then the NPE will occur. I think this defect should be closed as not a defect. > [Broker-J] Improve unexpected exception handling for LDAP connections in > SimpleLDAPAuthenticationProvider > --------------------------------------------------------------------------------------------------------- > > Key: QPID-8208 > URL: https://issues.apache.org/jira/browse/QPID-8208 > Project: Qpid > Issue Type: Bug > Components: Broker-J > Affects Versions: qpid-java-6.1.6, qpid-java-broker-7.0.3, > qpid-java-broker-7.0.2, 0.32, qpid-java-6.0, qpid-java-6.0.1, > qpid-java-6.0.2, qpid-java-6.0.3, qpid-java-6.0.4, qpid-java-6.0.5, > qpid-java-6.1, qpid-java-6.0.6, qpid-java-6.1.1, qpid-java-6.1.2, > qpid-java-6.0.7, qpid-java-6.1.3, qpid-java-6.0.8, qpid-java-6.1.4, > qpid-java-broker-7.0.0, qpid-java-6.1.5, qpid-java-broker-7.0.1, > qpid-java-broker-7.0.4 > Reporter: Alex Rudyy > Priority: Critical > Fix For: qpid-java-broker-7.0.5 > > Attachments: 0001-QPID-8208-Broker-J-Improve-exception-handling.patch > > > The establishment of connection with LDAP using default > {{com.sun.jndi.ldap.LdapCtxFactory}} can end-up in unexpected exception > thrown from {{com.sun.jndi.ldap.LdapClient}}. Thought, it looks like a defect > in {{LdapClient}}, the unexpected exceptions should be handled appropriately. > The exception should be logged and the authentication failure error should be > returned back to the client. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org