Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-3332

Zeppelin login fails with NPE if ldapRealm.authorizationEnabled is not set true

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.8.0
    • Fix Version/s: 0.8.0
    • Component/s: security
    • Labels:
      None

      Description

      NPE is caused due the return value of org.apache.zeppelin.realm.LdapRealm method queryForAuthorizationInfo is null if authorizationEnabled = false (false is the default)
       
      The null is not correctly handled by org.apache.zeppelin.utils.SecurityUtils and the login attempt always fails with:
       
       

      Caused by: java.lang.NullPointerException
      at org.apache.zeppelin.utils.SecurityUtils.getRoles(SecurityUtils.java:144) 
      at org.apache.zeppelin.rest.LoginRestApi.postLogin(LoginRestApi.java:82) 
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:498)
      at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
      at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
      ... 50 more

       
      Even when the authentication was successful and authorizationEnabled=false we are not able to login to the zeppelin ui. 
       
      Issue was introduced by pull https://github.com/apache/zeppelin/pull/2498

        Attachments

          Activity

            People

            • Assignee:
              falbani Felix Albani
              Reporter:
              falbani Felix Albani
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: