Invalid DN values in group/role member attributes result in null pointer dereferences in the BasePrincipalImpl class

If the users belonging to a role are determined by role attributes, so role to user mapping (and not the default, mapping users to roles), then an invalid DN in the role membership attribute will cause a user principal to be created with a NULL name. The reason for that is that the UID attribute (e.g. "CN=") cannot be found in the invalid DN value.