[ELY-1745] The AvailableRealmsCallback should not result in a NPE if …

…there is no mechanism configuration.

auth/server/base/src/main/java/org/wildfly/security/auth/server/ServerAuthenticationContext.java

@@ -1492,6 +1492,9 @@ private void transition() {
         }
 
         private InitialState selectMechanismConfiguration() {
+            if (mechanismConfigurationSelector == null) {
+                throw log.mechanismConfigurationSelectorNotDefined();
+            }
             MechanismConfiguration mechanismConfiguration = mechanismConfigurationSelector.selectConfiguration(mechanismInformation);
             if (mechanismConfiguration == null) {
                 throw log.unableToSelectMechanismConfiguration(mechanismInformation.getMechanismType(),

auth/server/base/src/main/java/org/wildfly/security/auth/server/_private/ElytronMessages.java

@@ -108,6 +108,9 @@ IllegalStateException unableToSelectMechanismConfiguration(String mechanismType,
     @Message(id = 1120, value = "Too late to set mechanism information as authentication has already begun.")
     IllegalStateException tooLateToSetMechanismInformation();
 
+    @Message(id = 1121, value = "MechanismConfigurationSelector is not defined.")
+    IllegalStateException mechanismConfigurationSelectorNotDefined();
+
     @Message(id = 1124, value = "The security realm does not support updating a credential")
     UnsupportedOperationException credentialUpdateNotSupportedByRealm();
 

auth/server/base/src/test/java/org/wildfly/security/server/AvailableRealmsCallbackTest.java

@@ -0,0 +1,58 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2023 Red Hat, Inc., and individual contributors
+ * as indicated by the @author tags.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.wildfly.security.server;
+
+import org.junit.Test;
+import org.wildfly.security.auth.server.MechanismConfiguration;
+import org.wildfly.security.auth.server.MechanismConfigurationSelector;
+import org.wildfly.security.auth.server.SecurityDomain;
+import org.wildfly.security.auth.server.ServerAuthenticationContext;
+
+import java.io.IOException;
+
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+public class AvailableRealmsCallbackTest {
+
+    @Test
+    public void testNullMechanismConfigurationSelector() {
+        SecurityDomain securityDomain = SecurityDomain.builder().build();
+        ServerAuthenticationContext sac = securityDomain.createNewAuthenticationContext(null);
+
+        try {
+            sac.setAuthenticationName("user");
+            fail("The exception should be thrown.");
+        } catch (Exception e) {
+            String expectedMessage = "MechanismConfigurationSelector is not defined.";
+            String actualMessage = e.getMessage();
+
+            assertTrue(actualMessage.contains(expectedMessage));
+        }
+    }
+
+    @Test
+    public void testEmptyMechanismConfiguration() throws IOException {
+        SecurityDomain securityDomain = SecurityDomain.builder().build();
+        MechanismConfigurationSelector mechanismConfigurationSelector = MechanismConfigurationSelector.constantSelector(MechanismConfiguration.EMPTY);
+        ServerAuthenticationContext sac = securityDomain.createNewAuthenticationContext(mechanismConfigurationSelector);
+        sac.setAuthenticationName("user");
+    }
+}
+