IBM Support

Login to SPSS C&DS fails with Java.lang.NullPointerException

Troubleshooting


Problem

Attempts to log in to IBM SPSS Collaboration and Deployment Services with an Active Directory user fail with "Login failed java.lang.NullPointerException"

Symptom

The log in fails from both the Deployment Manager thick client and Web Client. Local admin user can log in successfully but Active Directory users fail. Once logged in as the local admin user, Active Directory users can be pulled back when searching Users and Groups from the Roles.

Cause

LDAP Security Provider was not configured to use Context Bind.

Diagnosing The Problem

Collect the logs:

  • Delete the logs (see Troubleshooting Guide for log locations based on application server).
  • Make sure the Security logging is still set to debug (see the the Repository Server Installation and Configuration Guide for steps).
  • Start the server.
  • First log in as the failing AD user.
  • Then log in as local admin user.
  • Stop the server and send the logs

CDS.log

Shows fetched results but then sets SecurityToken to null


13:00:39,836 DEBUG [LDAPPagedQueryV2] Fetched 1 results in 63 milliseconds
13:00:39,836 DEBUG [LDAPPagedQueryV2] Records per second: 15.873016
13:00:39,836 DEBUG [LDAPPagedQueryV2] Records per second: 15.873016
13:00:39,836 DEBUG [LDAPProviderV2] Searching using DN [OU=xxxx,DC=xxxx,DC=xx,DC=xxxx,DC=com] filter [(&(objectCategory=user)(sAMAccountName=xxxx))]
13:00:39,836 DEBUG [LDAPProviderV2] Searching using DN [OU=xxxx,DC=xxxx,DC=xx,DC=xxxx,DC=com] filter [(&(objectCategory=user)(sAMAccountName=xxxx))]
13:00:39,836 DEBUG [LDAPProviderV2] Comparing password
13:00:39,836 DEBUG [LDAPProviderV2] Comparing password
13:00:39,867 DEBUG [JaxwsContext] No Subject available
13:00:39,867 DEBUG [JaxwsContext] No Subject available
13:00:39,867 DEBUG [ThreadContextMap] setSecuritySubject: null
13:00:39,867 DEBUG [ThreadContextMap] setSecuritySubject: null
13:00:39,867 DEBUG [JaxwsContext] No SecurityToken available
13:00:39,867 DEBUG [JaxwsContext] No SecurityToken available
13:00:39,867 DEBUG [ThreadContextMap] setSecurityToken: null
13:00:39,867 DEBUG [ThreadContextMap] setSecurityToken: null

spssemgr.log
Mar 21 2014 18:28:55 [main] ERROR com.spss.mgmt.common.admin.ui.views.ServerAdminView - Login failed
com.spss.mgmt.common.core.model.ConnectionException: java.lang.NullPointerException



Resolving The Problem

Ensure the Activity Directory security provider is using Context Bind

  • Log into Deployment Manager as the local admin user.
  • Edit the LDAP Security provider.
  • On the 4th screen in there is a check box that says "Use Context Bind". Check this box.
  • Click the Finish button to save the change.
  • The server does not need to be restarted.
  • Log out of the Deployment Manager client.
  • Log in the Deployment Manager with the LDAP user.
  • NOTE: Context bind is a term that essentially means that you establish a connection with a server. Here we connect to an Active Directory or the OpenLDAP server etc. Our code sends whatever the user supplies during login - id, domain, password etc. to the LDAP server. If we can successfully connect the user, then we say that a context has been established. Only when a context is established, are you allowed to login to C&DS.

In the other approach (compare password), we don't actually connect to the LDAP server, but merely compare some hidden attribute (password) that we retrieve from the server. If the compare is successful then we allow login to C&DS.

[{"Product":{"code":"SS69YH","label":"IBM SPSS Collaboration and Deployment Services"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Deployment Manager","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Not Applicable","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
16 June 2018

UID

swg21668896