VOOZH about

URL: https://www.ibm.com/support/pages/apar/IJ53086

⇱ IJ53086: NULLPOINTEREXCEPTION ENCOUNTERED DURING KRB5LOGINMODULE LOGIN

IJ53086: NULLPOINTEREXCEPTION ENCOUNTERED DURING KRB5LOGINMODULE LOGIN

APAR status

  • Closed as program error.

Error description

  • Error Message: Kerberos Login failed: Integrated authentication
failed due to javax.security.auth.login.FailedLoginException
(Login error: java.lang.NullPointerException)
.
Stack Trace: Caused by:
javax.security.auth.login.FailedLoginException: Login error:
java.lang.NullPointerException
at
com.ibm.security.jgss.i18n.I18NException.throwFailedLoginExcepti
on(Unknown Source)
at com.ibm.security.auth.module.Krb5LoginModule.k(Unknown
Source)
at com.ibm.security.auth.module.Krb5LoginModule.b(Unknown
Source)
at com.ibm.security.auth.module.Krb5LoginModule.login(Unknown
Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor
Impl.java:90)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod
AccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:508)
at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:
788)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.j
ava:196)
at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:6
98)
at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:6
96)
at
java.security.AccessController.doPrivileged(AccessController.jav
a:746)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.j
ava:696)
at
javax.security.auth.login.LoginContext.login(LoginContext.java:5
97)
.
There is the second error. Kerberos Login failed: Integrated
authentication failed due to
javax.security.auth.login.LoginException
(java.lang.IllegalArgumentException: Null name not allowed.
The stack trace is:
at
com.ibm.security.jgss.i18n.I18NException.throwIllegalArgumentExc
eption(I18NException.java:43)
at com.ibm.security.krb5.PrincipalName.(PrincipalName.java:13)
at com.ibm.security.krb5.PrincipalName.(PrincipalName.java:87)
at javax.security.auth.kerberos.KerberosPrincipal.(Unknown
Source)
at javax.security.auth.kerberos.KerberosPrincipal.(Unknown
Source)
at
com.ibm.security.auth.module.Krb5LoginModule.commit(Krb5LoginMod
ule.java:558)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor
Impl.java:90)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod
AccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:508)
at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:
788)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.j
ava:196)
at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:6
98)
at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:6
96)
at
java.security.AccessController.doPrivileged(AccessController.jav
a:746)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.j
ava:696)
at
javax.security.auth.login.LoginContext.login(LoginContext.java:5
98)

Local fix

  • This problem does not happen on 8.0.8.10 and the lower levels.

Problem summary

  • This problem happens when principal name is null.

Problem conclusion

  • Adding the null principal name checking, and handling it instead
of throwing the exception.
A fix is made to ibmjgssprovider.jar
The associated Hursley RTC Problem Report is 151953
The associated Austin APAR is IJ52912
JVMs affected: Java 8
The fix was delivered for Java 8 SR8 FP40
The affected jar is "ibmjgssprovider.jar".
The build level of this jar for the affected releases is
"build_20241105--187"
.
This APAR will be fixed in the following Releases:
.
IBM Semeru Runtimes
IBM SDK, Java Technology Edition
 8 SR8 FP40 (8.0.8.40)
.
Downloads and supplementary documentation can be found at the
following locations:
- For non z/OS operating systems:
 - IBM Semeru Runtimes, Version 11 and later
 https://www.ibm.com/semeru-runtimes/downloads/
 - IBM SDK, Java Technology Edition, Version 8
 https://www.ibm.com/support/pages/java-sdk-downloads/
- For the z/OS operating system:
 - Java SDK Products on z/OS
 https://www.ibm.com/support/pages/java-sdk-products-zos

Temporary fix



Comments


    



APAR Information




    

  • APAR number
    IJ53086
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2024-11-20
    • 

  • Closed date
    2024-11-20
    • 

  • Last modified date
    2024-11-20
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels







 
 
 
 

 [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 20 November 2024