JBoss ON LDAP group to role mapping fails if LDAP group returned by group filter does not have a cn attribute

Solution Unverified - Updated -


  • NullPointerException (NPE) when listing available LDAP groups using objectclass=* group search filter
  • Attempting to map LDAP groups to User Roles fails if group objects returned do not include cn attribute


  • Red Hat JBoss Operations Network (JBoss ON) 3.3 Update 11 and earlier
  • LDAP Authorization has been enabled
  • One or more LDAP groups returned by the LDAP group search filter do not define the cn attribute
  • Mapping LDAP groups to roles from the LDAP Groups tab of the Roles Administration page

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In