why "Client authentication failed for mechanism DIGEST-MD5"
wutongjoe Feb 28, 2012 3:54 AMHi all,
I have created a simple ejb and deployed on the JBAS7.1 with a modified configuration file. I then invoke remote ejb from a standalone app.
Anything wrong ?
code snap
Properties props = new Properties();
props.put(Context.URL_PKG_PREFIXES,"org.jboss.ejb.client.naming");
context = new InitialContext(props);
jboss-ejb-client.properties
endpoint.name=my_end_point
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=127.0.0.1
remote.connection.default.port=4447
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.default.username=myname
remote.connection.default.password=123456
standalone-full-ha.xml modifications
<security-realm name="ApplicationRealm">
<authentication>
<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
</security-realm>
....
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/>
</subsystem>
....
<security-domain name="my-security-domain" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmUsersRoles" flag="required">
<module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
<module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
<module-option name="realm" value="ApplicationRealm"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
</authentication>
</security-domain>
....
client side log :
16:30:42,156 DEBUG [org.jboss.logging] Logging Provider: org.jboss.logging.JBossLogManagerProvider
16:30:42,186 INFO [org.jboss.ejb.client] JBoss EJB Client version 1.0.2.Final
16:30:42,201 DEBUG [org.jboss.ejb.client.EJBClientPropertiesLoader] Looking for jboss-ejb-client.properties using classloader sun.misc.Launcher$AppClassLoader@5224ee
16:30:42,204 DEBUG [org.jboss.ejb.client.EJBClientPropertiesLoader] Found jboss-ejb-client.properties using classloader sun.misc.Launcher$AppClassLoader@5224ee
16:30:42,221 DEBUG [org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration] endpoint.create.options. has the following options {}
16:30:42,224 DEBUG [org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration] remote.connectionprovider.create.options. has the following options {org.xnio.Options.SSL_ENABLED=>false}
16:30:42,226 DEBUG [org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration] remote.connection.default.connect.options. has the following options {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>false}
16:30:42,231 DEBUG [org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration] remote.connection.default.channel.options. has the following options {}
16:30:42,231 DEBUG [org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration] Connection org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration$RemotingConnectionConfigurationImpl@a4e743 successfully created for connection named default
16:30:42,234 DEBUG [org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration] No clusters configured in properties
16:30:42,259 INFO [org.xnio] XNIO Version 3.0.3.GA
16:30:42,264 INFO [org.xnio.nio] XNIO NIO Implementation Version 3.0.3.GA
16:30:42,276 INFO [org.jboss.remoting] JBoss Remoting version 3.2.2.GA
16:30:42,351 DEBUG [org.xnio.nio] Started channel thread 'Remoting "my_end_point" read-1', selector sun.nio.ch.WindowsSelectorImpl@175d6ab
16:30:42,354 DEBUG [org.xnio.nio] Started channel thread 'Remoting "my_end_point" write-1', selector sun.nio.ch.WindowsSelectorImpl@1f66cff
16:30:42,541 DEBUG [org.jboss.ejb.client.remoting.RemotingConnectionEJBReceiver] Channel Channel ID ad618570 (outbound) of Remoting connection 00ae533a to /127.0.0.1:4447 opened for context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@7a5a19, receiver=Remoting connection EJB receiver [connection=Remoting connection <1e808ca>,channel=jboss.ejb,nodename=joe-pc]} Waiting for version handshake message from server
16:30:42,546 INFO [org.jboss.ejb.client.remoting.VersionReceiver] Received server version 1 and marshalling strategies [river]
16:30:42,559 INFO [org.jboss.ejb.client.remoting.RemotingConnectionEJBReceiver] Successful version handshake completed for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@7a5a19, receiver=Remoting connection EJB receiver [connection=Remoting connection <1e808ca>,channel=jboss.ejb,nodename=joe-pc]} on channel Channel ID ad618570 (outbound) of Remoting connection 00ae533a to /127.0.0.1:4447
16:30:42,561 DEBUG [org.jboss.ejb.client.remoting.RemotingConnectionEJBReceiver] Received module availability report for 2 modules
16:30:42,564 DEBUG [org.jboss.ejb.client.remoting.RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='jsr-77', moduleName='jsr-77', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@7a5a19, receiver=Remoting connection EJB receiver [connection=Remoting connection <1e808ca>,channel=jboss.ejb,nodename=joe-pc]}
16:30:42,566 DEBUG [org.jboss.ejb.client.remoting.RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='', moduleName='testEJB', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@7a5a19, receiver=Remoting connection EJB receiver [connection=Remoting connection <1e808ca>,channel=jboss.ejb,nodename=joe-pc]}
16:30:42,566 DEBUG [org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector] Registered 1 remoting EJB receivers for EJB client context org.jboss.ejb.client.EJBClientContext@7a5a19
16:30:42,634 DEBUG [org.jboss.ejb.client.remoting.ClusterNode] Checking for a match of client address /fe80:0:0:0:8ceb:a33f:1190:79ca%10 with client mapping ClientMapping{sourceNetworkAddress=/0:0:0:0:0:0:0:0, sourceNetworkMaskBits=0, destinationAddress='127.0.0.1', destinationPort=4447}
16:30:42,634 DEBUG [org.jboss.ejb.client.remoting.ClusterNode] Client mapping ClientMapping{sourceNetworkAddress=/0:0:0:0:0:0:0:0, sourceNetworkMaskBits=0, destinationAddress='127.0.0.1', destinationPort=4447} matches client address /fe80:0:0:0:8ceb:a33f:1190:79ca%10
16:30:42,636 DEBUG [org.jboss.ejb.client.remoting.ClusterTopologyMessageHandler] Received a cluster node(s) addition message, for cluster named ejb with 1 nodes [ClusterNode{clusterName='ejb', nodeName='joe-pc', clientMappings=[ClientMapping{sourceNetworkAddress=/0:0:0:0:0:0:0:0, sourceNetworkMaskBits=0, destinationAddress='127.0.0.1', destinationPort=4447}], resolvedDestination=[Destination address=127.0.0.1, destination port=4447]}]
16:30:42,661 DEBUG [org.jboss.remoting.remote.client] Client authentication failed for mechanism DIGEST-MD5: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire realm, authentication ID or password [Caused by javax.security.auth.callback.UnsupportedCallbackException]
16:30:42,668 ERROR [org.jboss.remoting.remote.connection] JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
16:30:42,673 INFO [org.jboss.ejb.client.remoting.ChannelAssociation] Discarding result for invocation id 0 since no waiting context found
javax.ejb.EJBAccessException: JBAS014502: Invocation on method: public abstract java.lang.String com.biz.ejb.face.HellowWorldRemote.hello(java.lang.String) of bean: wutong_test_hello is not allowed
at org.jboss.as.ejb3.security.AuthorizationInterceptor.processInvocation(AuthorizationInterceptor.java:101)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:76)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165)
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:300)
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:64)
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:194)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
at org.jboss.threads.JBossThread.run(JBossThread.java:122)
16:30:42,716 DEBUG [org.jboss.ejb.client.remoting.AutoConnectionCloser] Closing Remoting connection <1e808ca>
16:30:42,728 INFO [org.jboss.ejb.client.remoting.ChannelAssociation] Channel Channel ID ad618570 (outbound) of Remoting connection 00ae533a to /127.0.0.1:4447 can no longer process messages
16:30:42,731 DEBUG [org.jboss.ejb.client.remoting.RemotingConnectionEJBReceiver] Closing channelChannel ID ad618570 (outbound) of Remoting connection 00ae533a to /127.0.0.1:4447
16:30:42,731 DEBUG [org.jboss.ejb.client.remoting.ChannelAssociation] Closing channel Channel ID ad618570 (outbound) of Remoting connection 00ae533a to /127.0.0.1:4447
16:30:42,733 DEBUG [org.jboss.ejb.client.remoting.ChannelAssociation] Registering a re-connect handler org.jboss.ejb.client.remoting.EJBClientContextConnectionReconnectHandler@1d6747b for broken channel Channel ID ad618570 (outbound) of Remoting connection 00ae533a to /127.0.0.1:4447 in EJB client context org.jboss.ejb.client.EJBClientContext@7a5a19
16:30:42,736 DEBUG [org.jboss.ejb.client.remoting.AutoConnectionCloser] Closing endpoint "my_end_point" <df0438>
thanks a lot