1. 首頁
  2. 問答
  3. WSO2身份服務器當帳戶被鎖定時,OAuth2登錄時發生NullPointerException

WSO2身份服務器當帳戶被鎖定時,OAuth2登錄時發生NullPointerException

2014-02-06 57 views
0

我正在使用wso2is 4.6.0,並且正在測試「帳戶鎖定/解鎖」功能。WSO2身份服務器當帳戶被鎖定時,OAuth2登錄時發生NullPointerException

這裏是配置我從identity-mgt.properties文件中使用:

# If account verification is not enabled, following property will decide where user must be lock or not after user is created 
Authentication.Policy.Account.Lock.On.Creation=true 
Authentication.Policy.Account.Lock.Time=5 
Authentication.Policy.Account.Lock.On.Failure=true 
Authentication.Policy.Account.Lock.On.Failure.Max.Attempts=3

在3次登錄失敗,該帳戶被鎖定5分鐘

該帳戶被鎖定和解鎖如預期的那樣,它完美地工作,但是當帳戶被鎖定時,當我嘗試使用OAuth2(代碼流)登錄時,出現以下錯誤:

java.lang.RuntimeException: org.apache.cxf.interceptor.Fault 
at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:116) 
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:331) 
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) 
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239) 
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223) 
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:203) 
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137) 
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:159) 
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286) 
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) 
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) 
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:749) 
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:487) 
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:412) 
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:339) 
at org.wso2.carbon.identity.application.authentication.framework.CommonApplicationAuthenticationServlet.sendResponseToCaller(CommonApplicationAuthenticationServlet.java:242) 
at org.wso2.carbon.identity.application.authentication.framework.CommonApplicationAuthenticationServlet.sendResponseToCaller(CommonApplicationAuthenticationServlet.java:223) 
at org.wso2.carbon.identity.application.authentication.framework.CommonApplicationAuthenticationServlet.doPost(CommonApplicationAuthenticationServlet.java:174) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) 
at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) 
at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) 
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) 
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) 
at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) 
at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61) 
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) 
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) 
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) 
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) 
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) 
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) 
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) 
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178) 
at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) 
at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56) 
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) 
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141) 
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) 
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936) 
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) 
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) 
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) 
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004) 
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) 
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) 
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) 
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) 
at java.lang.Thread.run(Thread.java:744) 
Caused by: org.apache.cxf.interceptor.Fault 
at org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:162) 
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:128) 
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:194) 
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:100) 
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57) 
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93) 
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271) 
... 53 more 
Caused by: java.lang.NullPointerException 
at org.apache.amber.oauth2.common.message.OAuthResponse$OAuthErrorResponseBuilder.error(OAuthResponse.java:165) 
at org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint.authorize(OAuth2AuthzEndpoint.java:172) 
at org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint.authorizePost(OAuth2AuthzEndpoint.java:288) 
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
at java.lang.reflect.Method.invoke(Method.java:606) 
at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180) 
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) 
... 58 more

我錯過了配置中的某些東西嗎? 任何建議,以避免此錯誤?

來源

2014-02-06 user2441141

回答

0

您試圖在您的帳戶鎖定時獲取訪問令牌?基本上,因爲您不是經過身份驗證的用戶,因此在鎖定時無法獲得訪問令牌。但我同意不能有空指針。您必須返回身份驗證失敗消息。這必須是代碼中的錯誤。如果您只是查找「OAuth2AuthzEndpoint」的來源,您可以看到有一個可能的空指針。當用戶未通過身份驗證時,它會嘗試創建OAuth錯誤消息,但由於此空指針而無法創建OAuth錯誤消息。我希望這可以在下一個版本中修復。

來源

2014-02-07 09:55:10 Asela

+0

Jira創建... https://wso2.org/jira/browse/IDENTITY-2033 – Asela

相關問題

 相關問題