Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NullPointerException when not setting a Username for LdapAutoConfiguration #11691

Closed
vdubus opened this issue Jan 19, 2018 · 6 comments
Closed

NullPointerException when not setting a Username for LdapAutoConfiguration #11691

vdubus opened this issue Jan 19, 2018 · 6 comments

Comments

@vdubus
Copy link

vdubus commented Jan 19, 2018
edited

As of version 2.0.0.M7, when not setting any username property for LdapAutoConfiguration, this cause an NullPointerException to occur when attempting to connect to the LDAP server.

java.lang.NullPointerException: null
	at java.util.Hashtable.put(Hashtable.java:460) ~[na:1.8.0_152]
	at org.springframework.ldap.core.support.SimpleDirContextAuthenticationStrategy.setupEnvironment(SimpleDirContextAuthenticationStrategy.java:42) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.support.AbstractContextSource.setupAuthenticatedEnvironment(AbstractContextSource.java:194) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.support.AbstractContextSource.getAuthenticatedEnv(AbstractContextSource.java:582) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.support.AbstractContextSource.doGetContext(AbstractContextSource.java:134) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:158) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:357) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:309) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:642) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:578) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.LdapTemplate.find(LdapTemplate.java:1840) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.LdapTemplate.find(LdapTemplate.java:1861) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.ldap.core.LdapTemplate.findOne(LdapTemplate.java:1869) ~[spring-ldap-core-2.3.2.RELEASE.jar:2.3.2.RELEASE]
	at org.springframework.data.ldap.repository.query.AbstractLdapRepositoryQuery.execute(AbstractLdapRepositoryQuery.java:70) ~[spring-data-ldap-2.0.2.RELEASE.jar:2.0.2.RELEASE]
	at org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.doInvoke(RepositoryFactorySupport.java:597) ~[spring-data-commons-2.0.2.RELEASE.jar:2.0.2.RELEASE]
	at org.springframework.data.repository.core.support.RepositoryFactorySupport$QueryExecutorMethodInterceptor.invoke(RepositoryFactorySupport.java:580) ~[spring-data-commons-2.0.2.RELEASE.jar:2.0.2.RELEASE]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) ~[spring-aop-5.0.2.RELEASE.jar:5.0.2.RELEASE]
	at org.springframework.data.projection.DefaultMethodInvokingMethodInterceptor.invoke(DefaultMethodInvokingMethodInterceptor.java:59) ~[spring-data-commons-2.0.2.RELEASE.jar:2.0.2.RELEASE]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) ~[spring-aop-5.0.2.RELEASE.jar:5.0.2.RELEASE]
	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) ~[spring-aop-5.0.2.RELEASE.jar:5.0.2.RELEASE]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) ~[spring-aop-5.0.2.RELEASE.jar:5.0.2.RELEASE]
	at org.springframework.data.repository.core.support.SurroundingTransactionDetectorMethodInterceptor.invoke(SurroundingTransactionDetectorMethodInterceptor.java:61) ~[spring-data-commons-2.0.2.RELEASE.jar:2.0.2.RELEASE]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) ~[spring-aop-5.0.2.RELEASE.jar:5.0.2.RELEASE]
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212) ~[spring-aop-5.0.2.RELEASE.jar:5.0.2.RELEASE]
	at com.sun.proxy.$Proxy78.findByLogin(Unknown Source) ~[na:na]

This problem occur because in org.springframework.ldap.core.support.AbstractContextSource the default values of userDn and password are set to an empty string which is then replaced by null.

Configuration example:

spring:
  ldap:
    urls:
      - 'ldap://mycompany.com:389'
    base: 'dc=mycompany,dc=com'

As a fix for this problem, I would suggest to set the anonymousReadOnly property to true when username is an empty String or null.

	@Bean
	@ConditionalOnMissingBean
	public ContextSource ldapContextSource() {
		LdapContextSource source = new LdapContextSource();
		if(StringUtils.isEmpty(this.properties.getUsername())) {
			source.setAnonymousReadOnly(true);
		}
		source.setUserDn(this.properties.getUsername());
		source.setPassword(this.properties.getPassword());
		source.setBase(this.properties.getBase());
		source.setUrls(this.properties.determineUrls(this.environment));
		source.setBaseEnvironmentProperties(
				Collections.unmodifiableMap(this.properties.getBaseEnvironment()));
		return source;
	}
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Jan 19, 2018
@philwebb
Copy link
Member

@vdubus Is this a regression or are you also seeing this problem with Spring Boot 1.5?

It feels a little wrong to me that we should automatically set anonymousReadOnly. It feels more like this might be a bug in Spring LDAP, especially given the output it logs.

@philwebb philwebb mentioned this issue Jan 22, 2018
Closed
@philwebb
Copy link
Member

I've raised spring-projects/spring-ldap#473 to see if Spring LDAP can fix the underlying problem.

@philwebb philwebb removed the status: waiting-for-triage An issue we've not yet triaged label Jan 22, 2018
@vdubus
Copy link
Author

vdubus commented Jan 22, 2018

@vdubus Is this a regression or are you also seeing this problem with Spring Boot 1.5?

I don't think that it's a regression.

I've raised spring-projects/spring-ldap#473 to see if Spring LDAP can fix the underlying problem.

In fact, there is two problems.

One is the NullPointerException which I do think should be fixed on spring-ldap side.
In this case, opening an issue on their side seems to be the right thing to do.
A work around for this exception is to set the username and password to an empty String in the configuration.

The other is the impossibility to define the property anonymousReadOnly from spring-autoconfigure configuration.
There is also others configurations possible which aren't available in the current configuration system.
Maybe there is already a ticket which ask for this kind of functionality ?

@philwebb philwebb mentioned this issue Jan 22, 2018
Closed
@philwebb
Copy link
Member

@vdubus I've raised #11722 to add anonymousReadOnly support.

@filiphr
Copy link
Contributor

filiphr commented Aug 22, 2019

Just in case someone else stumbles on this. The NPE is now fixed via #17861. Spring Boot will no longer set the userDn and password if they are null.

@chaqui
Copy link

chaqui commented Jul 16, 2020

Sos grande, me has salvado

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@vdubus @philwebb @chaqui @filiphr @spring-projects-issues