Throwing NullPointerException when approving the API state change request [APIM 4.2.0] #3321

Open
Sumudu-Sahan opened this issue Oct 31, 2024 · 0 comments

Comments

@Sumudu-Sahan

Description

Under a tenant domain other than carbon.super, when approving the API state change request to move the API state from CREATED to PUBLISHED, the request is accepted and a NullPointerException is thrown, but the API is still in the CREATED state.

Steps to Reproduce

  • Start the APIM pack and IS pack (IS pack to take the LDAP)
  • Go to the carbon management console of the API Manager and create a tenant domain (abc.com)
  • Log into the tenant domain and configure the LDAP secondary user store (Domain: SECONDARY)
  • Then create 2 new users under the secondary userstore with the below user roles.
creatorUser: Internal/creator
creatorPublisherUser: Internal/creator, Internal/publisher
  • Under the tenant domain, enable the API state change approval workflow.
<APIStateChange executor="org.wso2.carbon.apimgt.impl.workflow.APIStateChangeApprovalWorkflowExecutor">
    <Property name="stateList">Created:Publish,Published:Block</Property>
</APIStateChange>
  • Log into the publisher portal by using the creatorUser's credentials and create an API (API Name: API_1, API Version: 1.0.0)
  • Under the Portal Configurations -> Basic Info section, add the Internal/creator role under the Publisher Access Control role list as below.
abc
  • Log out from the publisher portal.
  • After that, log into the publisher portal by using the creatorPublisherUser's credentials and send the API publishing request.
  • Log into the admin portal by using the tenant admin's credentials.
  • Try to approve the API state change request; the below error stack trace can be seen in the wso2carbon.log, but at the UI level there is no error message.
TID: [-1234] [api/am/admin] [2024-10-28 17:49:22,197] ERROR {org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager} - Error occurred while accessing Java Security Manager Privilege Block
TID: [-1234] [api/am/admin] [2024-10-28 17:49:22,200] ERROR {org.wso2.carbon.apimgt.impl.workflow.WorkflowUtils} - Could not complete api state change workflow org.wso2.carbon.apimgt.api.APIManagementException: Error while checking the user:SECONDARY/creatorUser-AT-abc.com authorized or not
	at org.wso2.carbon.apimgt.impl.utils.APIUtil.hasPermission_aroundBody142(APIUtil.java:2399)
	at org.wso2.carbon.apimgt.impl.utils.APIUtil.hasPermission(APIUtil.java:1)
	at org.wso2.carbon.apimgt.impl.APIProviderImpl.checkAccessControlPermission_aroundBody440(APIProviderImpl.java:5712)
	at org.wso2.carbon.apimgt.impl.APIProviderImpl.checkAccessControlPermission(APIProviderImpl.java:1)
	at org.wso2.carbon.apimgt.impl.APIProviderImpl.getAPIbyUUID_aroundBody398(APIProviderImpl.java:5225)
	at org.wso2.carbon.apimgt.impl.APIProviderImpl.getAPIbyUUID(APIProviderImpl.java:1)
	at org.wso2.carbon.apimgt.impl.UserAwareAPIProvider.getAPIbyUUID(UserAwareAPIProvider.java:1)
	at org.wso2.carbon.apimgt.impl.APIProviderImpl.getAPIorAPIProductByUUID_aroundBody536(APIProviderImpl.java:6920)
	at org.wso2.carbon.apimgt.impl.APIProviderImpl.getAPIorAPIProductByUUID(APIProviderImpl.java:1)
	at org.wso2.carbon.apimgt.impl.UserAwareAPIProvider.getAPIorAPIProductByUUID(UserAwareAPIProvider.java:1)
	at org.wso2.carbon.apimgt.impl.workflow.WorkflowUtils.completeStateChangeWorkflow_aroundBody8(WorkflowUtils.java:288)
	at org.wso2.carbon.apimgt.impl.workflow.WorkflowUtils.completeStateChangeWorkflow(WorkflowUtils.java:1)
	at org.wso2.carbon.apimgt.impl.workflow.APIStateChangeApprovalWorkflowExecutor.complete_aroundBody10(APIStateChangeApprovalWorkflowExecutor.java:106)
	at org.wso2.carbon.apimgt.impl.workflow.APIStateChangeApprovalWorkflowExecutor.complete(APIStateChangeApprovalWorkflowExecutor.java:1)
	at org.wso2.carbon.apimgt.rest.api.admin.v1.impl.WorkflowsApiServiceImpl.workflowsUpdateWorkflowStatusPost(WorkflowsApiServiceImpl.java:196)
	at org.wso2.carbon.apimgt.rest.api.admin.v1.WorkflowsApi.workflowsUpdateWorkflowStatusPost(WorkflowsApi.java:94)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179)
	at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:201)
	at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:104)
	at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
	at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
	at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
	at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:265)
	at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
	at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
	at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:225)
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:304)
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:217)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:555)
	at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:279)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
	at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:119)
	at org.wso2.carbon.identity.context.rewrite.valve.OrganizationContextRewriteValve.invoke(OrganizationContextRewriteValve.java:116)
	at org.wso2.carbon.tomcat.ext.valves.SameSiteCookieValve.invoke(SameSiteCookieValve.java:38)
	at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:165)
	at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:118)
	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:106)
	at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:67)
	at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:152)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:670)
	at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:63)
	at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:137)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
	at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
	at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: org.wso2.carbon.user.core.UserStoreException: Error occurred while accessing Java Security Manager Privilege Block
	at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager.callSecure(JDBCAuthorizationManager.java:1534)
	at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager.isUserAuthorized(JDBCAuthorizationManager.java:226)
	at org.wso2.carbon.apimgt.impl.utils.APIUtil.hasPermission_aroundBody142(APIUtil.java:2391)
	... 69 more
Caused by: java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager.callSecure(JDBCAuthorizationManager.java:1519)
	... 71 more
Caused by: java.lang.reflect.InvocationTargetException
	at jdk.internal.reflect.GeneratedMethodAccessor69.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager$2.run(JDBCAuthorizationManager.java:1522)
	... 73 more
Caused by: java.lang.NullPointerException
	at org.wso2.carbon.user.core.authorization.AuthorizationCache.isCaseSensitiveUsername(AuthorizationCache.java:329)
	at org.wso2.carbon.user.core.authorization.AuthorizationCache.isUserAuthorized(AuthorizationCache.java:150)
	at org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager.isUserAuthorized(JDBCAuthorizationManager.java:257)
	... 77 more
  • After this, check the API state via the publisher portal; the API is still in the CREATED state.

Affected Component

APIM

Version

4.2.0
