Issue Details (XML | Word | Printable)

Key: DIRSERVER-746
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Minor Minor
Assignee: Unassigned
Reporter: Bastiaan Bakker
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Directory ApacheDS

DefaultDirectoryService.createBootstrapEntries() throws NullPointerException if no authorizationService is configured

Created: 21/Sep/06 01:25 PM   Updated: 15/Feb/09 01:36 PM
Return to search
Component/s: core
Affects Version/s: None
Fix Version/s: None

Time Tracking:
Not Specified

File Attachments:
  File Name Date Attached Attached By Size
Text File Licensed for inclusion in ASF works apacheds-1.0-RC4-authorizationservice.patch 2006-09-21 01:32 PM Bastiaan Bakker 2 kB

Resolution Date: 25/Jan/07 02:20 PM


 Description  « Hide
DefaultDirectoryService.createBootstrapEntries() has a hardcoded dependency on AuthorizationService being configured as the 'authorizationService' interceptor. If one does not want to configure an authorizationService the code in question will throw a NullPointerException. Also if one does configure a different authorizationService implementation the code will throw a ClassCastException.
Clearly the code should not assume an AuthorizationService instance has been configured as the 'authorizationService' interceptor.

 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Bastiaan Bakker added a comment - 21/Sep/06 01:32 PM
The attached patchs adds a check to DefaultDirectoryService.createBootstrapEntries() to ensure that the authorizarionService interceptor exists and is an instance of AuthorizationService before calling cacheNewGroup()

Bastiaan Bakker made changes - 21/Sep/06 01:32 PM
Field Original Value New Value
Attachment apacheds-1.0-RC4-authorizationservice.patch [ 12341296 ]
[ Permlink | « Hide ]
Emmanuel Lecharny added a comment - 25/Jan/07 02:20 PM
Thanks for the post Bastiaan. And sorry for the loooooong time it took to respond.

Thanks for the report and for the patch. Nice catch !

I have somehow inverted the logic for this part : if we don't have an AuthorizationService, or if it's not a correct interceptor, then an exception is thrown (the Ldap Server is always supposed to set this kind of interceptor). If no authorization service is needed, then a pass-through service mst be created.

Here is the modified code :
...
            Interceptor authzInterceptor = interceptorChain.get( "authorizationService" );
            
            if ( authzInterceptor == null )
            {
                log.error( "The Authorization service is null : this is not allowed" );
                throw new NamingException( "The Authorization service is null" );
            }
            
            if ( !( authzInterceptor instanceof AuthorizationService) )
            {
                log.error( "The Authorization service is not set correctly : '{}' is an incorect interceptor",
                    authzInterceptor.getClass().getName() );
                throw new NamingException( "The Authorization service is incorrectly set" );
                
            }

            AuthorizationService authzSrvc = ( AuthorizationService ) authzInterceptor;
            authzSrvc.cacheNewGroup( upName, normName, attributes );
...

Emmanuel Lecharny made changes - 25/Jan/07 02:20 PM
Resolution Fixed [ 1 ]
Status Open [ 1 ] Resolved [ 5 ]

[ Permlink | « Hide ]
Emmanuel Lecharny added a comment - 15/Feb/09 01:36 PM
closed

Emmanuel Lecharny made changes - 15/Feb/09 01:36 PM
Status Resolved [ 5 ] Closed [ 6 ]

Powered by a free Atlassian JIRA open source license for Apache Software Foundation. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators