[NXP-21959] NPE when providing no password to create a user in LDAP - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 6.0-HF36
Fix Version/s: 8.10-HF10, 9.2
Component/s: User Registration

Tags:
- bugday
- rookie

Description

It is legitimate to create a user with no password (null), in the LDAP. The problem is that it raises an NPE.

For example, when you have activated the automatic password hashing (https://doc.nuxeo.com/nxdoc/data-lists-and-directories/,
<passwordHashAlgorithm>SSHA</passwordHashAlgorithm>):

org.nuxeo.ecm.directory.DirectoryException: createEntry failed null
        at org.nuxeo.ecm.directory.ldap.LDAPSession.handleException(LDAPSession.java:510)
        at org.nuxeo.ecm.directory.ldap.LDAPSession.createEntry(LDAPSession.java:247)
        at org.nuxeo.ecm.directory.ldap.LDAPSession.createEntry(LDAPSession.java:1197)
        at org.nuxeo.ecm.platform.usermanager.UserManagerImpl.createUser(UserManagerImpl.java:1455)
        at org.nuxeo.ecm.platform.usermanager.UserManagerImpl.createUser(UserManagerImpl.java:913)

Caused by: java.lang.NullPointerException
        at org.nuxeo.ecm.directory.PasswordHelper.digestWithSalt(PasswordHelper.java:141)
        at org.nuxeo.ecm.directory.PasswordHelper.hashPassword(PasswordHelper.java:92)
        at org.nuxeo.ecm.directory.ldap.LDAPSession.createEntry(LDAPSession.java:188)
        ... 118 more

Attachments

Activity

People

Assignee:

Patrick Abgrall

Reporter:

Ronan Daniellou

Participants:

Bertrand Chauvin, Florent Guillaume, Jenkins, Patrick Abgrall, Ronan Daniellou

Votes:

0 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

2017-03-27 13:29

Updated:

2017-10-02 08:11

Resolved:

2017-07-04 16:56

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

3h 15m