grails-spring-security-core icon indicating copy to clipboard operation
grails-spring-security-core copied to clipboard

Published 20 hours ago verified publisher icon grails

NullPointerException with 6.0.0-SNAPSHOT and Grails 7

Open spmcewen opened this issue 10 months ago • 1 comments

I get the following NPE when using grails-spring-security-cas 6.0.0-SNAPSHOT with Grails 7.0.0-M1:

java.lang.NullPointerException: Cannot execute null+null
	at org.codehaus.groovy.runtime.NullObject.plus(NullObject.java:162)
	at org.codehaus.groovy.vmplugin.v8.IndyInterface.fromCache(IndyInterface.java:321)
	at grails.plugin.springsecurity.cas.SpringSecurityCasGrailsPlugin$_doWithSpring_closure1$_closure4.doCall(SpringSecurityCasGrailsPlugin.groovy:102)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:343)
	at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:328)
	at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:279)
	at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1007)
	at groovy.lang.Closure.call(Closure.java:433)
	at grails.spring.BeanBuilder.invokeBeanDefiningMethod(BeanBuilder.java:708)
	at grails.spring.BeanBuilder.invokeMethod(BeanBuilder.java:565)
	at org.codehaus.groovy.runtime.InvokerHelper.invokePogoMethod(InvokerHelper.java:651)
	at org.codehaus.groovy.runtime.InvokerHelper.invokeMethod(InvokerHelper.java:628)
	at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeOnDelegationObjects(ClosureMetaClass.java:405)
	at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:328)
	at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1007)
	at org.codehaus.groovy.vmplugin.v8.IndyInterface.fromCache(IndyInterface.java:321)
	at grails.plugin.springsecurity.cas.SpringSecurityCasGrailsPlugin$_doWithSpring_closure1.doCall(SpringSecurityCasGrailsPlugin.groovy:100)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:343)
	at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:328)
	at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:279)
	at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1007)
	at groovy.lang.Closure.call(Closure.java:433)
	at groovy.lang.Closure.call(Closure.java:412)
	at grails.spring.BeanBuilder.invokeBeanDefiningClosure(BeanBuilder.java:759)
	at grails.spring.BeanBuilder.beans(BeanBuilder.java:588)
	at grails.spring.BeanBuilder.invokeMethod(BeanBuilder.java:531)

It looks like this is coming from grails.plugin.springsecurity.cas.SpringSecurityCasGrailsPlugin

spmcewen avatar Jan 15 '25 14:01 spmcewen

I am running into the same issue

dylankolson avatar Jan 30 '25 20:01 dylankolson

@dylankolson please retry with 7.0.0-SNAPSHOT versions of both.

jamesfredley avatar Jul 25 '25 15:07 jamesfredley

@jamesfredley same issue with 7.0.0-SNAPSHOT

dylankolson avatar Jul 29 '25 19:07 dylankolson

@spmcewen @dylankolson do either of you have time to submit a PR against the 7.0.x branch?

@bkoehm Do you have familiarity with this area? If you do, do you have any input?

jamesfredley avatar Aug 21 '25 15:08 jamesfredley

@jamesfredley @dylankolson

Looking at SpringSecurityCasGrailsPlugin.groovy:102 from commit 8e231d677b4b762e7777a2a228ef398817aff9b5, this line is: loginUrl = conf.cas.serverUrlPrefix + conf.cas.loginUri

Looks like maybe the CAS configuration is not available?

Try something like this:

grails {
    plugin {
        springsecurity {
            cas {
                loginUri = '/login'
                serviceUrl = "${grails.serverURL}/login/cas"
                serverUrlPrefix = 'https://YOUR.CAS.SERVER.HERE/cas'
            }
            logout {
                // redirect location when someone logs out
                afterLogoutUrl = "${grails.plugin.springsecurity.cas.serverUrlPrefix}/logout?service=${grails.serverURL}/"
            }

        }
    }
}

It's possible the documentation needs to be updated and it also looks like we need some configuration checks to throw a more useful error when the mandatory configuration items are missing.

bkoehm avatar Aug 21 '25 18:08 bkoehm

Closed by #1164

matrei avatar Sep 12 '25 09:09 matrei