Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-5801

CMP: RA CA not found when using ProfileDefault EndEntityCertificate authentication module

    Details

    • Issue discovered during:
      Integration
    • Sprint:
      6.8.0 Sprint 4

      Description

      When checking whether the admin is authorized to the CA in EndEntityCertificate authentication module, the case of when the CA is set to "ProfileDefault" is not handled. So the method looks for a CA named "ProfileDefault", which does not exist, causing a NullPointerException (stacktrace bellow) and a HTTP response with response code 500 (Internal Server Error).

      2017-03-24 17:18:26,090 DEBUG [org.ejbca.core.protocol.cmp.authentication.EndEntityCertificateAuthenticationModule] (default task-81) CA 'ProfileDefault' does not exist - CA with name ProfileDefault does not exist.
      2017-03-24 17:18:26,090 ERROR [org.ejbca.core.protocol.cmp.CmpMessageDispatcherSessionBean] (default task-81) Exception during CMP processing:: java.lang.NullPointerException
      at org.ejbca.core.protocol.cmp.authentication.EndEntityCertificateAuthenticationModule.getRaCaId(EndEntityCertificateAuthenticationModule.java:618)
      at org.ejbca.core.protocol.cmp.authentication.EndEntityCertificateAuthenticationModule.isAuthorizedAdmin(EndEntityCertificateAuthenticationModule.java:474)
      at org.ejbca.core.protocol.cmp.authentication.EndEntityCertificateAuthenticationModule.verifyOrExtract(EndEntityCertificateAuthenticationModule.java:295)
      at org.ejbca.core.protocol.cmp.authentication.VerifyPKIMessage.getUsedAuthenticationModule(VerifyPKIMessage.java:138)
      at org.ejbca.core.protocol.cmp.CrmfMessageHandler.handleRaMessage(CrmfMessageHandler.java:333)
      at org.ejbca.core.protocol.cmp.CrmfMessageHandler.handleMessage(CrmfMessageHandler.java:190)
      at org.ejbca.core.protocol.cmp.CmpMessageDispatcherSessionBean.dispatch(CmpMessageDispatcherSessionBean.java:247)
      at org.ejbca.core.protocol.cmp.CmpMessageDispatcherSessionBean.dispatch(CmpMessageDispatcherSessionBean.java:116)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:498)
      at org.jboss.as.ee.component.ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptor.java:52)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437)
      at org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.doMethodInterception(Jsr299BindingsInterceptor.java:82)
      at org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.processInvocation(Jsr299BindingsInterceptor.java:93)
      at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437)
      at org.ejbca.core.ejb.ProfileAndTraceInterceptor.logger(ProfileAndTraceInterceptor.java:51)
      at sun.reflect.GeneratedMethodAccessor286.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:498)
      at org.jboss.as.ee.component.ManagedReferenceLifecycleMethodInterceptor.processInvocation(ManagedReferenceLifecycleMethodInterceptor.java:89)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.component.invocationmetrics.ExecutionTimeInterceptor.processInvocation(ExecutionTimeInterceptor.java:43)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.jpa.interceptor.SBInvocationInterceptor.processInvocation(SBInvocationInterceptor.java:47)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:437)
      at org.jboss.weld.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:73)
      at org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:83)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ee.concurrent.ConcurrentContextInterceptor.processInvocation(ConcurrentContextInterceptor.java:45)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.InitialInterceptor.processInvocation(InitialInterceptor.java:21)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
      at org.jboss.as.ee.component.interceptors.ComponentDispatcherInterceptor.processInvocation(ComponentDispatcherInterceptor.java:52)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.component.pool.PooledInstanceInterceptor.processInvocation(PooledInstanceInterceptor.java:51)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:275)
      at org.jboss.as.ejb3.tx.CMTTxInterceptor.required(CMTTxInterceptor.java:327)
      at org.jboss.as.ejb3.tx.CMTTxInterceptor.processInvocation(CMTTxInterceptor.java:239)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.component.invocationmetrics.WaitTimeInterceptor.processInvocation(WaitTimeInterceptor.java:47)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:54)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:64)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:356)
      at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:636)
      at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:61)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:356)
      at org.jboss.invocation.PrivilegedWithCombinerInterceptor.processInvocation(PrivilegedWithCombinerInterceptor.java:80)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
      at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198)
      at org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:185)
      at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:340)
      at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
      at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:73)
      at org.ejbca.core.protocol.cmp.CmpMessageDispatcherSessionLocal$$$view318.dispatch(Unknown Source)
      at org.ejbca.ui.web.protocol.CmpServlet.service(CmpServlet.java:131)
      at org.ejbca.ui.web.protocol.CmpServlet.doPost(CmpServlet.java:92)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
      at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
      at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
      at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
      at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
      at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
      at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
      at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
      at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
      at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
      at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
      at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
      at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
      at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
      at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
      at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
      at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
      at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
      at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
      at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
      at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
      at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
      at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
      at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
      at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
      at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
      at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
      at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
      at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
      at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
      at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
      at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
      at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
      at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
      at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
      at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
      at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
      at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      at java.lang.Thread.run(Thread.java:745)

        Attachments

          Activity

            People

            Assignee:
            aveen Aveen Ismail (Inactive)
            Reporter:
            aveen Aveen Ismail (Inactive)
            Verified by:
            Tomas Gustavsson
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 2 days Original Estimate - 2 days
                2d
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 4 days
                4d