VOOZH about

URL: https://www.ibm.com/support/pages/apar/IJ57596

⇱ IJ57596: KERBEROS THROWS NULLPOINTEREXCEPTION

IJ57596: KERBEROS THROWS NULLPOINTEREXCEPTION

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
.
Stack Trace: Caused by: java.lang.NullPointerException at
 java.lang.StringBuffer.(StringBuffer.java:148)
at

com.ibm.security.krb5.KrbTgsRep.(KrbTgsRep.java:66) at

com.ibm.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:247) at

com.ibm.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:2
54)
 at

com.ibm.security.krb5.internal.CredentialsUtil.serviceCreds(Cred
entialsUtil.java:319)
 at

com.ibm.security.krb5.internal.CredentialsUtil.serviceCredsRefer
rals(CredentialsUtil.java:376)
 at

com.ibm.security.krb5.internal.CredentialsUtil.serviceCreds(Cred
entialsUtil.java:340)
 at

com.ibm.security.krb5.internal.CredentialsUtil.getTGTforRealm(Cr
edentialsUtil.java:212)
 at

com.ibm.security.krb5.internal.CredentialsUtil.acquireServiceCre
ds(CredentialsUtil.java:163)
 at

com.ibm.security.krb5.Credentials.acquireServiceCreds(Credential
s.java:279)
 at

com.ibm.security.jgss.mech.krb5.Krb5Context.initSecContext(Krb5C
ontext.java:324)
 at

com.ibm.security.jgss.GSSContextImpl.initSecContext(GSSContextIm
pl.java:308)
 at

com.ibm.security.jgss.GSSContextImpl.initSecContext(GSSContextIm
pl.java:272)
 at

com.ibm.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(Un
known
 Source)
.

Local fix

  • The NullPointerException is not the root cause of the problem.
The
 root cause is that the Ticket Granting Service reply
from the Key
 Distribution Center cannot be parsed.

Problem summary

  • Kerberos throws a NullPointerException when a Ticket Granting
 Service Reply from KDC (KrbTgsRep) cannot be parsed
and the
 associated KRBError has null for message text.

Problem conclusion

  • The Kerberos code was modified to check for null message text.
 The associated Hursley RTC Problem Report is 153905
The associated
 Austin GIT defect in IBMJGSS#154 The associated
Austin APAR is N/A
 JVMs affected: Java 8.0 The fix was delivered for:
Java 8 sr8 fp65
 (20250627-465)

 The affected jar is ibmjgssprovider.jar

.
This APAR will be fixed in the following Releases:
.
IBM Semeru Runtimes
IBM SDK, Java Technology Edition
 8 SR8 FP65 (8.0.8.65)
.
Downloads and supplementary documentation can be found at the
following locations:
- For non z/OS operating systems:
 - IBM Semeru Runtimes, Version 11 and later
 https://www.ibm.com/semeru-runtimes/downloads/
 - IBM SDK, Java Technology Edition, Version 8
 https://www.ibm.com/support/pages/java-sdk-downloads/
- For the z/OS operating system:
 - Java SDK Products on z/OS
 https://www.ibm.com/support/pages/java-sdk-products-zos

Temporary fix



Comments


    



APAR Information




    

  • APAR number
    IJ57596
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2026-03-11
    • 

  • Closed date
    2026-03-11
    • 

  • Last modified date
    2026-03-11
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels







 
 
 
 

 [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 11 March 2026