We have a setup that is throwing NPE on line 1059. It appears that the server can't get host address, but I'm not sure of this.
It works on Wildfly 17, as this lines do not exists, and, ind Wildfly 21, it works if the server is reached through internal LAN, but fails when server is reached through DMZ.
This is possible a bug? Or it is a wrong DMZ setup?
Farah Juma
unread,
Apr 26, 2021, 2:51:49 PM4/26/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to WildFly
The changes introduced in that commit make it possible to make use of the IP address of the client that's connecting to the server to determine what roles should be assigned to the client.
The new lines (1058-1060) in ServerAuthenticationContext are used to inform the server of the client's IP address.
An NPE occurring on line 1059 would mean that the IP address of the client that's connecting to the server could not be determined.
I've created ELY-2120 to make sure that we avoid an NPE there if the client's IP address could not be determined.
Claudio Weiler
unread,
Apr 26, 2021, 3:00:59 PM4/26/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to WildFly
Thanks Farah.
Additionally, this is probably because of missing
X-Forwarded-For header?
Farah Juma
unread,
Apr 26, 2021, 3:23:54 PM4/26/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to WildFly
The HttpServerExchange#getSourceAddress method is what's used to determine the client's IP address and populate the value that will be returned by SocketAddressCallback.getAddress():