Fix null username in ldap (#8717)

Closes #14667
2022-09-30 11:34:02 +04:00 · 2022-09-30 11:34:02 +04:00 · 581def56d6
commit 581def56d6
parent 52f58b5f28
1 changed files with 5 additions and 0 deletions
--- a/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/membership/MembershipType.java
+++ b/federation/ldap/src/main/java/org/keycloak/storage/ldap/mappers/membership/MembershipType.java
@ -17,6 +17,7 @@

 package org.keycloak.storage.ldap.mappers.membership;

+import org.keycloak.models.ModelException;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.storage.ldap.LDAPConfig;
@ -93,6 +94,10 @@ public enum MembershipType {
            if (ldapConfig.getUsernameLdapAttribute().equals(ldapConfig.getRdnLdapAttribute())) {
                for (LDAPDn userDn : dns) {
                    String username = userDn.getFirstRdn().getAttrValue(ldapConfig.getRdnLdapAttribute());
+                    if (username == null) {
+                        throw new ModelException("User returned from LDAP has null username! Check configuration of your LDAP mappings. Mapped username LDAP attribute: " +
+                            ldapConfig.getRdnLdapAttribute() + ", user DN: " + userDn + ", attributes from LDAP: " + userDn.getFirstRdn().getAllKeys());
+                    }
                    usernames.add(username);
                }
            } else {