#595 Not working FIRST ACCESSIBLE in case of UVOS conn error

closed-fixed
USE (9)
5
2012-12-19
2012-12-19
No

When remote UVOS server is innaccessible there is an NPE, and, what is worse FIRST ACCESSIBLE strategy is not working. Checked agains 6.5.x.

2012-12-18 15:58:27,191 [620109660@qtp-397335518-1] ERROR VOAttributeFetcher VO-PULL-CLUSTER VO-PULL-ICM - Couldn't perform server query: pl.edu.icm.unicore.uvos.wsclient.samlapi.InvocationException: org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Couldn't send message.
2012-12-18 15:58:27,193 [620109660@qtp-397335518-1] WARN AccessControlHandler - Error setting up access control check: Exception when getting attributes for the client.: java.lang.NullPointerException (no further message available)
java.lang.SecurityException: Exception when getting attributes for the client.
at de.fzj.unicore.wsrflite.security.SecurityManager.assembleClientAttributes(SecurityManager.java:480)
...
Caused by: java.lang.NullPointerException
at java.util.ArrayList.<init>(ArrayList.java:151)
at eu.unicore.uas.security.vo.SAMLPullAuthoriser.getAttributes(SAMLPullAuthoriser.java:77)
...

Discussion

  • Krzysztof Benedyczak

    • status: open --> closed-fixed
     
  • Krzysztof Benedyczak

    The similar problem was also present for the new LDAP attribute source.

    Fixed:
    -) ldap aip doesn't fail the container when there is connection problem on startup
    -) SAML pull aip doesn't cause NPE (this was fixed already in 6.6.0-rc1)
    -) SAML pull aip throws an IOException when there is a problem connection to remote server.

    This solves the problem but additionally there is better check in core, so in future similar bugs in aips should be still properly handled.

    Integration test added checking FIRST_ACCESSIBLE alg. for LDAP, SAML-PULL and XUUDB.

     

Log in to post a comment.