From 17ed05bcc64cba6b847d12dbf92043ac14795cfe Mon Sep 17 00:00:00 2001
From: Stuart Douglas <stuart.w.douglas@gmail.com>
Date: Wed, 22 Feb 2017 14:34:42 +1100
Subject: [PATCH] Fix some EJB/CORBA issues

---
 .../jboss/as/ejb3/iiop/EjbCorbaServant.java    |  9 +++++++--
 .../csiv2/ElytronSASClientInterceptor.java     | 18 ++++++++++++++++--
 .../wildfly/iiop/openjdk/rmi/RmiIdlUtil.java   |  2 +-
 .../rmi/marshal/strategy/SkeletonStrategy.java |  2 +-
 4 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/ejb3/src/main/java/org/jboss/as/ejb3/iiop/EjbCorbaServant.java b/ejb3/src/main/java/org/jboss/as/ejb3/iiop/EjbCorbaServant.java
index bfb8d0936488..fe9cbec7a9b5 100644
--- a/ejb3/src/main/java/org/jboss/as/ejb3/iiop/EjbCorbaServant.java
+++ b/ejb3/src/main/java/org/jboss/as/ejb3/iiop/EjbCorbaServant.java
@@ -28,6 +28,7 @@
 import java.security.AccessController;
 import java.security.Principal;
 import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
 import java.util.HashMap;
 import java.util.Map;
@@ -326,7 +327,11 @@ public OutputStream _invoke(final String opName, final InputStream in, final Res
                                 }
                                 final InterceptorContext interceptorContext = new InterceptorContext();
                                 this.prepareInterceptorContext(op, params, interceptorContext);
-                                retVal = identity.runAs((PrivilegedExceptionAction<Object>) () -> this.componentView.invoke(interceptorContext));
+                                try {
+                                    retVal = identity.runAs((PrivilegedExceptionAction<Object>) () -> this.componentView.invoke(interceptorContext));
+                                } catch (PrivilegedActionException e) {
+                                    throw e.getCause();
+                                }
                             } else {
                                 // legacy security behavior: setup the security context if a SASCurrent is available and invoke the component.
                                 // One of the EJB security interceptors will authenticate and authorize the client.
@@ -380,7 +385,7 @@ public OutputStream _invoke(final String opName, final InputStream in, final Res
                 if (op.isNonVoid()) {
                     op.writeRetval(out, retVal);
                 }
-            } catch (Exception e) {
+            } catch (Throwable e) {
                 EjbLogger.ROOT_LOGGER.trace("Exception in EJBObject invocation", e);
                 if (e instanceof MBeanException) {
                     e = ((MBeanException) e).getTargetException();
diff --git a/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/csiv2/ElytronSASClientInterceptor.java b/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/csiv2/ElytronSASClientInterceptor.java
index 0b893972a2e2..348408707d7b 100644
--- a/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/csiv2/ElytronSASClientInterceptor.java
+++ b/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/csiv2/ElytronSASClientInterceptor.java
@@ -25,6 +25,7 @@
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
 
 import com.sun.corba.se.impl.interceptors.ClientRequestInfoImpl;
 import com.sun.corba.se.impl.transport.SocketOrChannelContactInfoImpl;
@@ -161,6 +162,9 @@ public void send_request(ClientRequestInfo ri) throws ForwardRequest {
             IdentityToken identityToken = ABSENT_IDENTITY_TOKEN;
             byte[] encodedAuthenticationToken = NO_AUTHENTICATION_TOKEN;
             final URI uri = this.getURI(ri);
+            if(uri == null) {
+                return;
+            }
 
             AuthenticationContext authContext = this.authContext == null ? AuthenticationContext.captureCurrent() : this.authContext;
 
@@ -315,7 +319,11 @@ private URI getURI(final ClientRequestInfo clientRequestInfo) throws URISyntaxEx
         final StringBuilder builder = new StringBuilder("iiop:");
         if (clientRequestInfo instanceof ClientRequestInfoImpl) {
             ClientRequestInfoImpl infoImpl = (ClientRequestInfoImpl) clientRequestInfo;
-            ContactInfo info = ((CorbaConnection) infoImpl.connection()).getContactInfo();
+            CorbaConnection connection = (CorbaConnection) infoImpl.connection();
+            if(connection == null) {
+                return null;
+            }
+            ContactInfo info = connection.getContactInfo();
             if (info instanceof SocketOrChannelContactInfoImpl) {
                 String hostname = ((SocketOrChannelContactInfoImpl) info).getHost();
                 if (hostname != null)
@@ -324,6 +332,8 @@ private URI getURI(final ClientRequestInfo clientRequestInfo) throws URISyntaxEx
                 if (port > 0)
                     builder.append(":").append(port);
             }
+        } else {
+            return null;
         }
         return new URI(builder.toString());
     }
@@ -349,7 +359,11 @@ private byte[] createInitialContextToken(final URI uri, final String purpose, fi
         final CallbackHandler handler = AUTH_CONFIG_CLIENT.getCallbackHandler(configuration);
         final NameCallback nameCallback = new NameCallback("Username: ");
         final PasswordCallback passwordCallback = new PasswordCallback("Password: ", false);
-        handler.handle(new Callback[]{nameCallback, passwordCallback});
+        try {
+            handler.handle(new Callback[]{nameCallback, passwordCallback});
+        } catch (UnsupportedCallbackException e) {
+            return NO_AUTHENTICATION_TOKEN;
+        }
 
         // if the name callback contains a valid username we create the initial context token.
         if (nameCallback.getName() != null && !nameCallback.getName().equals(AnonymousPrincipal.getInstance().getName())) {
diff --git a/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/rmi/RmiIdlUtil.java b/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/rmi/RmiIdlUtil.java
index 28dae1db8d4c..5b8a9fc25eb3 100644
--- a/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/rmi/RmiIdlUtil.java
+++ b/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/rmi/RmiIdlUtil.java
@@ -454,7 +454,7 @@ public static boolean isAbstractValueType(Class type) {
         return cannotBeRemote && cannotBeAbstractInterface;
     }
 
-    public static void rethrowIfCorbaSystemException(Exception e) {
+    public static void rethrowIfCorbaSystemException(Throwable e) {
         if (e instanceof java.rmi.MarshalException)
             throw new org.omg.CORBA.MARSHAL(e.toString());
         else if (e instanceof java.rmi.NoSuchObjectException)
diff --git a/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/rmi/marshal/strategy/SkeletonStrategy.java b/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/rmi/marshal/strategy/SkeletonStrategy.java
index bee5093e0451..6b51b254cc2a 100644
--- a/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/rmi/marshal/strategy/SkeletonStrategy.java
+++ b/iiop-openjdk/src/main/java/org/wildfly/iiop/openjdk/rmi/marshal/strategy/SkeletonStrategy.java
@@ -157,7 +157,7 @@ public void writeRetval(OutputStream out, Object retVal) {
      * @param out a CDR output stream
      * @param e   the exception to be written.
      */
-    public void writeException(OutputStream out, Exception e) {
+    public void writeException(OutputStream out, Throwable e) {
         int len = excepWriters.length;
         for (int i = 0; i < len; i++) {
             if (excepWriters[i].getExceptionClass().isInstance(e)) {