-
Bug
-
Resolution: Fixed
-
P3
-
1.2.1
-
None
-
kestrel
-
sparc
-
solaris_7
-
Verified
The LDAP service provider throws a NullPointerException when a referral
is returned by an LDAP server during an LDAP Bind operation. Referrals
received during other LDAP operations are handled correctly.
To reproduce:
1) Create a person entry in LDAP server A which contains a referral to
LDAP server B. For example, create a ref attribute with the value
"ldap://serverB" in an entry named "cn=personB,o=sun,c=us" in server A.
2) Use the simple JNDI application below to perform an LDAP Bind operation
to server A using the DN of the person entry above. For example,
java AuthRead ldap://serverA "cn=personB,o=sun,c=us" "xxx"
Server A will return a referral to server B. The LDAP service provider
will throw a NullPointerException while processing this referral.
import java.util.Hashtable;
import java.util.Enumeration;
import javax.naming.*;
import javax.naming.directory.*;
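/**
 * Reproducer for the referral-on-Bind NullPointerException described above.
 *
 * <p>Performs an LDAP simple bind against the URL in {@code args[0]} using the DN in
 * {@code args[1]} and the password in {@code args[2]}, then reads and prints every
 * attribute of the entry named by the URL. Referrals are followed automatically.
 *
 * <p>Security notes for anyone reusing this outside a test lab:
 * <ul>
 *   <li>The password is taken from the command line, so it is visible in the process
 *       list and in shell history.</li>
 *   <li>"simple" authentication over a plain {@code ldap://} URL sends the DN and the
 *       password unencrypted.</li>
 *   <li>With {@code Context.REFERRAL} set to "follow", the provider is expected to reuse
 *       these same environment properties, credentials included, when it connects to the
 *       server named in a referral. A directory that can return referrals therefore
 *       influences where the bind credentials are sent; only follow referrals from
 *       servers you trust.</li>
 * </ul>
 */
class AuthRead {
    /**
     * Entry point.
     *
     * @param args {@code <ldapurl> <DN> <password>}; fewer than three arguments
     *             (including a lone {@code -help}) prints the usage text and returns
     */
    public static void main(String[] args) {
        // The original test also special-cased a single "-help" argument; that case is
        // already covered by "fewer than three arguments", so one check is enough.
        if (args.length < 3) {
            System.out.println("Usage: AuthRead <ldapurl> <DN> <password>\n");
            System.out.println(" <ldapurl> is the LDAP URL of the entry to read");
            System.out.println(" <DN> is the principal's name");
            System.out.println(" <password> is the principal's credential\n");
            System.out.println("example:");
            // This literal was split across two lines on the page, which does not compile.
            System.out.println(" java AuthRead ldap://oasis/o=airius.com \"cn=directory manager\" secret99");
            return;
        }

        // Raw Hashtable kept on purpose: the reproducer targets the 1.2-era JNDI API.
        Hashtable env = new Hashtable(5, 0.75f);
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");

        /* Host and port of the directory service */
        env.put(Context.PROVIDER_URL, args[0]);

        /* Authentication information: simple bind with the supplied DN and password */
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, args[1]);
        env.put(Context.SECURITY_CREDENTIALS, args[2]);

        /* Chase referrals automatically; this is the setting that triggers the bug */
        env.put(Context.REFERRAL, "follow");

        DirContext ctx = null;
        try {
            /* Creating the initial context performs the LDAP Bind */
            ctx = new InitialDirContext(env);

            Attributes attrs = ctx.getAttributes("");
            if (attrs == null) {
                System.out.println("No attributes");
            } else {
                /* print each attribute */
                NamingEnumeration ae = attrs.getAll();
                while (ae.hasMoreElements()) {
                    Attribute attr = (Attribute) ae.next();
                    String attrId = attr.getID();

                    /* print each value */
                    Enumeration vals = attr.getAll();
                    while (vals.hasMoreElements()) {
                        System.out.println(attrId + ": " + vals.nextElement());
                    }
                }
            }
        } catch (NamingException e) {
            // Only NamingException is handled; the NullPointerException under test
            // propagates out of main so the failure stays visible.
            System.err.println("AuthRead failed.");
            e.printStackTrace();
        } finally {
            // Release the connection; the original never closed the context.
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException ignored) {
                    // Best-effort cleanup: nothing useful to do if close fails.
                }
            }
        }
    }
}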
The LDAP service provider throws a NullPointerException when a referral
is returned by an LDAP server during an LDAP Bind operation. Referrals
received during other LDAP operations are handled correctly.
To reproduce:
1) Create a person entry in LDAP server A which contains a referral to
LDAP server B. For example, create a ref attribute with the value
"ldap://serverB" in an entry named "cn=personB,o=sun,c=us" in server A.
2) Use the simple JNDI application below to perform an LDAP Bind operation
to server A using the DN of the person entry above. For example,
java AuthRead ldap://serverA "cn=personB,o=sun,c=us" "xxx"
Server A will return a referral to server B. The LDAP service provider
will throw a NullPointerException while processing this referral.
import java.util.Hashtable;
import java.util.Enumeration;
import javax.naming.*;
import javax.naming.directory.*;
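/**
 * Reproducer for the referral-on-Bind NullPointerException described above.
 *
 * <p>Performs an LDAP simple bind against the URL in {@code args[0]} using the DN in
 * {@code args[1]} and the password in {@code args[2]}, then reads and prints every
 * attribute of the entry named by the URL. Referrals are followed automatically.
 *
 * <p>Security notes for anyone reusing this outside a test lab:
 * <ul>
 *   <li>The password is taken from the command line, so it is visible in the process
 *       list and in shell history.</li>
 *   <li>"simple" authentication over a plain {@code ldap://} URL sends the DN and the
 *       password unencrypted.</li>
 *   <li>With {@code Context.REFERRAL} set to "follow", the provider is expected to reuse
 *       these same environment properties, credentials included, when it connects to the
 *       server named in a referral. A directory that can return referrals therefore
 *       influences where the bind credentials are sent; only follow referrals from
 *       servers you trust.</li>
 * </ul>
 */
class AuthRead {
    /**
     * Entry point.
     *
     * @param args {@code <ldapurl> <DN> <password>}; fewer than three arguments
     *             (including a lone {@code -help}) prints the usage text and returns
     */
    public static void main(String[] args) {
        // The original test also special-cased a single "-help" argument; that case is
        // already covered by "fewer than three arguments", so one check is enough.
        if (args.length < 3) {
            System.out.println("Usage: AuthRead <ldapurl> <DN> <password>\n");
            System.out.println(" <ldapurl> is the LDAP URL of the entry to read");
            System.out.println(" <DN> is the principal's name");
            System.out.println(" <password> is the principal's credential\n");
            System.out.println("example:");
            // This literal was split across two lines on the page, which does not compile.
            System.out.println(" java AuthRead ldap://oasis/o=airius.com \"cn=directory manager\" secret99");
            return;
        }

        // Raw Hashtable kept on purpose: the reproducer targets the 1.2-era JNDI API.
        Hashtable env = new Hashtable(5, 0.75f);
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");

        /* Host and port of the directory service */
        env.put(Context.PROVIDER_URL, args[0]);

        /* Authentication information: simple bind with the supplied DN and password */
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, args[1]);
        env.put(Context.SECURITY_CREDENTIALS, args[2]);

        /* Chase referrals automatically; this is the setting that triggers the bug */
        env.put(Context.REFERRAL, "follow");

        DirContext ctx = null;
        try {
            /* Creating the initial context performs the LDAP Bind */
            ctx = new InitialDirContext(env);

            Attributes attrs = ctx.getAttributes("");
            if (attrs == null) {
                System.out.println("No attributes");
            } else {
                /* print each attribute */
                NamingEnumeration ae = attrs.getAll();
                while (ae.hasMoreElements()) {
                    Attribute attr = (Attribute) ae.next();
                    String attrId = attr.getID();

                    /* print each value */
                    Enumeration vals = attr.getAll();
                    while (vals.hasMoreElements()) {
                        System.out.println(attrId + ": " + vals.nextElement());
                    }
                }
            }
        } catch (NamingException e) {
            // Only NamingException is handled; the NullPointerException under test
            // propagates out of main so the failure stays visible.
            System.err.println("AuthRead failed.");
            e.printStackTrace();
        } finally {
            // Release the connection; the original never closed the context.
            if (ctx != null) {
                try {
                    ctx.close();
                } catch (NamingException ignored) {
                    // Best-effort cleanup: nothing useful to do if close fails.
                }
            }
        }
    }
}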