NullPointerException at JBossServerAuthConfig.getAuthContext line 108

huangapple go评论62阅读模式
英文:

NullPointerException at JBossServerAuthConfig.getAuthContext line 108

问题

I'm using Spring Boot 2.7.9 to create a website along with Spring OAuth2 and Google Auth. When I try to access the site, I'm getting the above error. I've traced it back a bit, but would like to hear from someone who knows the code better to help me determine what's wrong. Here's the exception stack trace.

java.lang.NullPointerException
at org.jboss.security.auth.message.config.JBossServerAuthConfig.getAuthContext(JBossServerAuthConfig.java:108)
at org.apache.catalina.authenticator.AuthenticatorBase.getJaspicState(AuthenticatorBase.java:773)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:619)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:891)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1784)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable run(TaskThread.java:61)
at java.base/java.lang.Thread run(Thread.java:834)

It looks like the error is in this statement:

secDomain = (String) properties.get("security-domain");

and it seems that "properties" is null. The code around this line is this:

SecurityContext securityContext = SecurityActions.getSecurityContext();
if (securityContext != null)
{
secDomain = securityContext.getSecurityDomain();
}
else{
secDomain = (String) properties.get("security-domain");

so I'm assuming securityContext is null and should not be. This code, BTW, is just what I found online without doing a Git pull.

What would cause SecurityActions.getSecurityContext() to return null?

Also, as a side note, we would not have the NPE except for the way getAuthContext() was called. I think this is happening in AuthenticatorBase.java and here's a code snippet:

private JaspicState getJaspicState(AuthConfigProvider jaspicProvider, Request request, Response response,
boolean authMandatory) throws IOException {
...
try {
CallbackHandler callbackHandler = getCallbackHandler();
ServerAuthConfig serverAuthConfig = jaspicProvider.getServerAuthConfig("HttpServlet", jaspicAppContextID,
callbackHandler);
String authContextID = serverAuthConfig.getAuthContextID(jaspicState.messageInfo);
jaspicState.serverAuthContext = serverAuthConfig.getAuthContext(authContextID, null, null); <-- Passing in null for properties
} catch (AuthException e) {
log warn(sm.getString("authenticator.jaspicServerAuthContextFail"), e);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
return null;
}

英文:

I'm using Spring Boot 2.7.9 to create a website along with Spring OAuth2 and Google Auth. When I try to access the site, I'm getting the above error. I've traced it back a bit, but would like to hear from someone who knows the code better to help me determine what's wrong. Here's the exception stack trace.

java.lang.NullPointerException
at org.jboss.security.auth.message.config.JBossServerAuthConfig.getAuthContext(JBossServerAuthConfig.java:108)
at org.apache.catalina.authenticator.AuthenticatorBase.getJaspicState(AuthenticatorBase.java:773)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:619)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:891)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1784)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:834)

It looks like the error is in this statement:

secDomain = (String) properties.get(&quot;security-domain&quot;);

and it seems that "properties" is null. The code around this line is this:

SecurityContext securityContext = SecurityActions.getSecurityContext();
if (securityContext != null)
{
   secDomain = securityContext.getSecurityDomain();
}
else{
   secDomain = (String) properties.get(&quot;security-domain&quot;);

so I'm assuming securityContext is null and should not be. This code, BTW, is just what I found online without doing a Git pull.

What would cause SecurityActions.getSecurityContext() to return null?

Also, as a side note, we would not have the NPE except for the way getAuthContext() was called. I think this is happening in AuthenticatorBase.java and here's a code snippet:

private JaspicState getJaspicState(AuthConfigProvider jaspicProvider, Request request, Response response,
        boolean authMandatory) throws IOException {
...
    try {
        CallbackHandler callbackHandler = getCallbackHandler();
        ServerAuthConfig serverAuthConfig = jaspicProvider.getServerAuthConfig(&quot;HttpServlet&quot;, jaspicAppContextID,
                callbackHandler);
        String authContextID = serverAuthConfig.getAuthContextID(jaspicState.messageInfo);
        jaspicState.serverAuthContext = serverAuthConfig.getAuthContext(authContextID, null, null); &lt;--- Passing in null for properties
    } catch (AuthException e) {
        log.warn(sm.getString(&quot;authenticator.jaspicServerAuthContextFail&quot;), e);
        response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        return null;
    }

答案1

得分: 0

这个问题居然是通过注意到我认为是一个完全不同的问题而解决的。我的项目使用了一个我自己创建的“commons”项目。在这个项目中,我在pom.xml中遇到了一个问题。我指定了“maven-compiler-plugin”,但忘记了指定版本,Eclipse报错了。然后我注意到,这是我项目中唯一一个使用这个插件的项目,其他项目都使用了“spring-boot-maven-plugin”,所以我把我的commons项目的pom文件切换到了这个插件,突然间原来的问题就解决了。

英文:

Oddly enough, this was solved by noticing what I thought was a completely different problem. My project uses a 'commons' project that I also created. In that, I had a problem in the pom.xml. I was specifying the "maven-compiler-plugin" but had left out the version and Eclipse was complaining. I then noticed that was the only one of my projects that was using that, while the rest used "spring-boot-maven-plugin", so I switched my commons pom to that one, and all of a sudden the original problem disappeared.

huangapple
  • 本文由 发表于 2023年3月9日 14:27:32
  • 转载请务必保留本文链接:https://go.coder-hub.com/75681098.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定