-
Bug
-
Resolution: Duplicate
-
P3
-
None
-
7u25
-
linux
FULL PRODUCT VERSION :
java version "1.7.0_25"
Java(TM) SE Runtime Environment (build 1.7.0_25-b15)
Java HotSpot(TM) 64-Bit Server VM (build 23.25-b01, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux itstl1080 3.0.51-0.7.9-default #1 SMP Thu Nov 29 22:12:17 UTC 2012 (f3be9d0) x86_64 x86_64 x86_64 GNU/Linux
EXTRA RELEVANT SYSTEM CONFIGURATION :
I used MIT Kerberos 5 to generate the credentials cache
A DESCRIPTION OF THE PROBLEM :
I got NPE when reading MIT Kerberos cached credetial file that I produced as described below.
Exception stack trace:
java.lang.NullPointerException
at sun.security.krb5.Credentials.acquireTGTFromCache(Credentials.java:339)
The shortest reproducable scenario is when I run sun.security.krb5.Credentials.acquireTGTFromCache() directly, but when using JAAS login with com.sun.security.auth.module.Krb5LoginModule to login using the same cached credentials Java will produce the same NPE (encapsulated in LoginException).
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
To reproduce, please create a cached credentials that doesn't contain TGT (using MIT Kerberos command line programs) in the following way:
$ kinit -S host/servername.com
Password for username@DOMAIN.COM:
$ klist -5
Ticket cache: FILE:/tmp/krb5cc_UID
Default principal: username@DOMAIN.COM
Valid starting Expires Service principal
11/24/13 19:03:26 11/25/13 05:03:26 host/servername.com@DOMAIN.COM
renew until 12/24/13 19:03:26
Now, this code will reproduce the NPE:
sun.security.krb5.Credentials.acquireTGTFromCache(null, "/tmp/krb5cc_UID");
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
I would expect that Credentials.acquireTGTFromCache() return "null" because there is no TGT in the cached credentials.
ACTUAL -
Credentials.acquireTGTFromCache() throws this exception:
java.lang.NullPointerException
at sun.security.krb5.Credentials.acquireTGTFromCache(Credentials.java:339)
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.NullPointerException
at sun.security.krb5.Credentials.acquireTGTFromCache(Credentials.java:339)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
import sun.security.krb5.Credentials;
public class CredentialsNPE
{
public static void main(String[] args) throws Exception
{
Credentials.acquireTGTFromCache(null, "/tmp/krb5cc_UID");
}
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
We're catching the NPE and assume that when it happens this indicated the the cached credentials lacks of TGT.
java version "1.7.0_25"
Java(TM) SE Runtime Environment (build 1.7.0_25-b15)
Java HotSpot(TM) 64-Bit Server VM (build 23.25-b01, mixed mode)
ADDITIONAL OS VERSION INFORMATION :
Linux itstl1080 3.0.51-0.7.9-default #1 SMP Thu Nov 29 22:12:17 UTC 2012 (f3be9d0) x86_64 x86_64 x86_64 GNU/Linux
EXTRA RELEVANT SYSTEM CONFIGURATION :
I used MIT Kerberos 5 to generate the credentials cache
A DESCRIPTION OF THE PROBLEM :
I got NPE when reading MIT Kerberos cached credetial file that I produced as described below.
Exception stack trace:
java.lang.NullPointerException
at sun.security.krb5.Credentials.acquireTGTFromCache(Credentials.java:339)
The shortest reproducable scenario is when I run sun.security.krb5.Credentials.acquireTGTFromCache() directly, but when using JAAS login with com.sun.security.auth.module.Krb5LoginModule to login using the same cached credentials Java will produce the same NPE (encapsulated in LoginException).
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
To reproduce, please create a cached credentials that doesn't contain TGT (using MIT Kerberos command line programs) in the following way:
$ kinit -S host/servername.com
Password for username@DOMAIN.COM:
$ klist -5
Ticket cache: FILE:/tmp/krb5cc_UID
Default principal: username@DOMAIN.COM
Valid starting Expires Service principal
11/24/13 19:03:26 11/25/13 05:03:26 host/servername.com@DOMAIN.COM
renew until 12/24/13 19:03:26
Now, this code will reproduce the NPE:
sun.security.krb5.Credentials.acquireTGTFromCache(null, "/tmp/krb5cc_UID");
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
I would expect that Credentials.acquireTGTFromCache() return "null" because there is no TGT in the cached credentials.
ACTUAL -
Credentials.acquireTGTFromCache() throws this exception:
java.lang.NullPointerException
at sun.security.krb5.Credentials.acquireTGTFromCache(Credentials.java:339)
ERROR MESSAGES/STACK TRACES THAT OCCUR :
java.lang.NullPointerException
at sun.security.krb5.Credentials.acquireTGTFromCache(Credentials.java:339)
REPRODUCIBILITY :
This bug can be reproduced always.
---------- BEGIN SOURCE ----------
import sun.security.krb5.Credentials;
public class CredentialsNPE
{
public static void main(String[] args) throws Exception
{
Credentials.acquireTGTFromCache(null, "/tmp/krb5cc_UID");
}
}
---------- END SOURCE ----------
CUSTOMER SUBMITTED WORKAROUND :
We're catching the NPE and assume that when it happens this indicated the the cached credentials lacks of TGT.
- duplicates
-
-
- Closed
-