search

TremoloSecurity / MyVirtualDirectory

Open Source LDAP Virtual Directory
Apache License 2.0
45 stars 18 forks source link

`useKerberos` on AD results in ClassNotFoundException which leads to a NullPointerException #70

Open pboos opened 5 years ago

pboos commented 5 years ago

The problem

Using:

server.AD.adinsert.config.useKerberos=true

Results in a NullPointerException (or actually a ClassNotFoundException).

More information

The quickStart shows how to use kerberos:

server.AD.adinsert.config.useKerberos=%AD_USE_KERB%

But if adding:

server.AD.adinsert.config.useKerberos=true

It will execute the following code in ADInsert

        if (useKerb.equalsIgnoreCase("true")) {
            insertNames.add("kerberos");
            props.setProperty("kerberos.className", "net.sourceforge.myvd.inserts.kerberos.ADKerberosInsert");
            props.setProperty("kerberos.config.host", compositeProps.getProperty("host"));
            props.setProperty("kerberos.config.port", compositeProps.getProperty("kerbPort","88"));
        }

net.sourceforge.myvd.inserts.kerberos.ADKerberosInsert is nowhere to be found in this repository. That is why on startup, it will then crash with a ClassNotFoundException.

Below is the error given. It is a NPE, because it tries to log the ClassNotFoundException with a logger through getLogger().error(e.toString(),e);. But ADInsert has this method with:

    @Override
    public Logger getLogger() {
        // TODO Auto-generated method stub
        return null;
    }

Error thrown when using useKerberos=true:

[2019-08-30 07:45:51,575][main] ERROR Server - Error starting server : java.lang.NullPointerException
java.lang.NullPointerException: null
    at net.sourceforge.myvd.inserts.composite.CompositeInsert.configure(CompositeInsert.java:127) ~[myvd-server-1.0.6.jar:?]
    at net.sourceforge.myvd.core.InsertChain.configureChain(InsertChain.java:192) ~[myvd-server-1.0.6.jar:?]
    at net.sourceforge.myvd.server.ServerCore.configureChain(ServerCore.java:72) ~[myvd-server-1.0.6.jar:?]
    at net.sourceforge.myvd.server.ServerCore.buildNamespaces(ServerCore.java:134) ~[myvd-server-1.0.6.jar:?]
    at net.sourceforge.myvd.server.ServerCore.startService(ServerCore.java:150) ~[myvd-server-1.0.6.jar:?]
    at net.sourceforge.myvd.server.Server.startServer(Server.java:192) ~[myvd-server-1.0.6.jar:?]
    at net.sourceforge.myvd.server.Server.main(Server.java:534) [myvd-server-1.0.6.jar:?]

Can we somehow add that class, or was it renamed (could not find a rename in git though)?

Or other question: Is there another way to force auth for every request to myvd (and have the auth done through kerberos)?