Project

General

Profile

Actions
Copy link

Defect #2077

closed

An assertion occurs when coming to password tab of identity after it was removed from system

Added by Ondrej Husník about 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Ondrej Husník
Category:
Password
Target version:
10.2.0
Start date:
02/20/2020
Due date:
% Done:

100%

Estimated time:
Affected versions:
Owner:

Description

Steps to reproduce are.
A system with PASSWORD provisioning is necessary. Used postgres.
1) add a role for given system to an identity
2) change manually password of the identity
3) remove that role from the identity
4) go to the password tab of the identity

assertion/exception is thrown

Actions
Copy link
 #1

Updated by Ondrej Husník about 4 years ago

  • Assignee set to Ondrej Husník
Actions
Copy link
 #2

Updated by Ondrej Husník about 4 years ago

found in 10.1

Actions
Copy link
 #3

Updated by Ondrej Husník about 4 years ago

java.lang.IllegalArgumentException: DTO is required.
at org.springframework.util.Assert.notNull(Assert.java:198)
at eu.bcvsolutions.idm.core.api.utils.DtoUtils.getEmbedded(DtoUtils.java:33)
at eu.bcvsolutions.idm.core.api.utils.DtoUtils.getEmbedded(DtoUtils.java:52)
at eu.bcvsolutions.idm.core.api.utils.DtoUtils.getEmbedded(DtoUtils.java:70)
at eu.bcvsolutions.idm.acc.event.processor.IdentityPasswordPreValidateDefinitionProcessor.validateDefinition(IdentityPasswordPreValidateDefinitionProcessor.java:78)
at eu.bcvsolutions.idm.acc.event.processor.IdentityPasswordPreValidateDefinitionProcessor.process(IdentityPasswordPreValidateDefinitionProcessor.java:63)
at eu.bcvsolutions.idm.core.api.event.AbstractEntityEventProcessor.onApplicationEvent(AbstractEntityEventProcessor.java:238)
at eu.bcvsolutions.idm.core.api.event.AbstractEntityEventProcessor$$FastClassBySpringCGLIB$$df69624d.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:749)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:93)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)
at eu.bcvsolutions.idm.acc.event.processor.IdentityPasswordPreValidateDefinitionProcessor$$EnhancerBySpringCGLIB$$4f8624c9.onApplicationEvent(<generated>)
at org.springframework.context.event.SimpleApplicationEventMulticaster.doInvokeListener(SimpleApplicationEventMulticaster.java:172)
at org.springframework.context.event.SimpleApplicationEventMulticaster.invokeListener(SimpleApplicationEventMulticaster.java:165)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:139)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:402)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:372)
at eu.bcvsolutions.idm.core.model.service.impl.DefaultEntityEventManager.process(DefaultEntityEventManager.java:228)
at eu.bcvsolutions.idm.core.model.service.impl.DefaultEntityEventManager.process(DefaultEntityEventManager.java:158)
at eu.bcvsolutions.idm.core.model.service.impl.DefaultEntityEventManager$$FastClassBySpringCGLIB$$1694e58f.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:749)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:295)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)
at eu.bcvsolutions.idm.core.model.service.impl.DefaultEntityEventManager$$EnhancerBySpringCGLIB$$a769b723.process(<generated>)
at eu.bcvsolutions.idm.core.model.service.impl.DefaultIdmIdentityService.validatePassword(DefaultIdmIdentityService.java:479)
at eu.bcvsolutions.idm.core.model.service.impl.DefaultIdmIdentityService$$FastClassBySpringCGLIB$$8401595e.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:684)
at eu.bcvsolutions.idm.core.model.service.impl.DefaultIdmIdentityService$$EnhancerBySpringCGLIB$$6c526bf0.validatePassword(<generated>)
at eu.bcvsolutions.idm.core.rest.impl.PasswordChangeController.validate(PasswordChangeController.java:147)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:892)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:797)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1039)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)
at org.springframework.web.servlet.FrameworkServlet.doPut(FrameworkServlet.java:919)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:663)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:112)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at eu.bcvsolutions.idm.core.security.auth.filter.ExtendExpirationFilter.doFilter(ExtendExpirationFilter.java:69)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at eu.bcvsolutions.idm.core.security.api.auth.filter.AuthenticationFilter.doFilter(AuthenticationFilter.java:63)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320)

Actions
Copy link
 #4

Updated by Ondrej Husník about 4 years ago

The cause of this situation is an attempt to find a system according to the account which represents the record of given identity. But the account doesn't exist at that moment (because of previous removal of the identity from system) and returned DTO is null which causes an assertion. This happens in IdentityPasswordPreValidateDefinitionProcessor.

https://github.com/bcvsolutions/CzechIdMng/pull/86/commits/e131ab6870a5be5532e66d4823bcea07cd4fa280

Actions
Copy link
 #5

Updated by Ondrej Husník about 4 years ago

  • Category set to Password
  • Status changed from New to Needs feedback
  • Assignee changed from Ondrej Husník to Ondřej Kopr
  • % Done changed from 0 to 90
Actions
Copy link
 #6

Updated by Ondrej Husník about 4 years ago

  • Assignee changed from Ondřej Kopr to Radek Tomiška
Actions
Copy link
 #7

Updated by Radek Tomiška about 4 years ago

  • Target version set to 10.2.0
Actions
Copy link
 #8

Updated by Radek Tomiška about 4 years ago

  • Status changed from Needs feedback to Resolved
  • Assignee changed from Radek Tomiška to Ondrej Husník
  • % Done changed from 90 to 100

I did test and review, it works and code looks nice, thx!

Note: The source of this issue is on FE component PasswordChangeComponent#_preValidate method, which doesn't wait to refresh idnetity accounts, but this fix will work without redesign whole FE component.

Actions
Copy link
 #9

Updated by Vít Švanda about 4 years ago

  • Tracker changed from Task to Defect
Actions
Copy link
 #10

Updated by Radek Tomiška about 4 years ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF