Major Description
If the following test method is added to the end of SimpleAuthenticationTest in the core-tests module, the code goes into an infinite loop.
public void test11NonExistentUser()
{
Hashtable env = new Hashtable( configuration.toJndiEnvironment() );
env.put( Context.PROVIDER_URL, "ou=system" );
env.put( Context.SECURITY_PRINCIPAL, "uid=idontexist,ou=users,ou=system" );
env.put( Context.SECURITY_CREDENTIALS, "test" );
env.put( Context.SECURITY_AUTHENTICATION, "simple" );
env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.ldap.server.jndi.CoreContextFactory" );
try
catch(Exception expected) {
}
}
Line 139 of org.apache.ldap.server.jndi.ServerContext is
if ( ! nexusProxy.hasEntry( dn ) )
{ throw new NameNotFoundException( dn + " does not exist" ); }But the call to hasEntry(dn) results in an authenticate() call. SimpleAuthenticator then performs a "lookup" operation on the given dn. When the call reaches the ExceptionService, it calls assertHasEntry() on itself:
line 372:
if ( !nextInterceptor.hasEntry( dn ) )
{
LdapNameNotFoundException e = null;
if ( msg != null )
{ e = new LdapNameNotFoundException( msg + dn ); }else
{ e = new LdapNameNotFoundException( dn.toString() ); } e.setResolvedName( proxy.getMatchedName( dn, false ) );
throw e;
}
The hasEntry call here fails as expected. However, the subsequent call to getMatchedName results in another call through the interceptor stack, another authenticate(), another lookup from SimpleAuthenticator and then we're stuck.
Attachments
Issue Links
- is a clone of
-
DIRSERVER-252 Stack trace overflow when trying to connect with a bad DN
-
- Closed
-