Domain configuration with jboss-as-7.1.1.Final
Hi,
I'm facing an issue with configuring jboss in domain mode. I have 2 jboss running in my network in two separate boxes (having 2 differnt IPs).
In both instances used the add-user.bat script to add Management Users ( in both instances the username and password are the same).
When I start the slave from the second box, I'm getting a connect exception due to authenticatin failure.
Calling "D:\tShare\foo\jboss\jboss-as-7.1.1.Final\bin\domain.conf.bat"
===============================================================================JBoss Bootstrap Environment
JBOSS_HOME: D:\tShare\foo\jboss\jboss-as-7.1.1.Final
JAVA: D:\Applns\Java\jdk1.6.0_27\bin\java
JAVA_OPTS: -Dprogram.name=domain.bat -Xms64M -Xmx512M -XX:MaxPermSize=256M -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djava.net.preferIPv4Stack=true -Dorg.jboss.resolver.warning=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djboss.domain.default.config=domain.xml -Djboss.host.default.config=host.xml
===============================================================================
15:49:54,290 INFO [org.jboss.modules] (main) JBoss Modules version 1.1.1.GA
15:49:54,380 INFO [org.jboss.as.process.Host Controller.status] (main) JBAS012017: Starting process 'Host Controller'
[Host Controller] 15:49:54,748 INFO [org.jboss.modules] (main) JBoss Modules version 1.1.1.GA
[Host Controller] 15:49:54,825 INFO [org.jboss.msc] (main) JBoss MSC version 1.0.2.GA
[Host Controller] 15:49:54,881 INFO [org.jboss.as] (MSC service thread 1-3) JBAS015899: JBoss AS 7.1.1.Final "Brontes" starting
[Host Controller] 15:49:55,190 INFO [org.xnio] (MSC service thread 1-1) XNIO Version 3.0.3.GA
[Host Controller] 15:49:55,198 INFO [org.xnio.nio] (MSC service thread 1-1) XNIO NIO Implementation Version 3.0.3.GA
[Host Controller] 15:49:55,204 INFO [org.jboss.remoting] (MSC service thread 1-1) JBoss Remoting version 3.2.3.GA
[Host Controller] 15:49:55,753 ERROR [org.jboss.remoting.remote.connection] (Remoting "slave:MANAGEMENT" read-1) JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
[Host Controller] 15:49:55,759 ERROR [org.jboss.as.host.controller] (Controller Boot Thread) JBAS010901: Could not connect to master. Aborting. Error was: java.lang.IllegalStateException: JBAS010942: Unable to connect due to authentication failure.
[Host Controller] 15:49:55,769 INFO [org.jboss.as] (MSC service thread 1-3) JBAS015950: JBoss AS 7.1.1.Final "Brontes" stopped in 7ms
15:49:56,113 INFO [org.jboss.as.process.Host Controller.status] (reaper for Host Controller) JBAS012010: Process 'Host Controller' finished with an exit status of 99
15:49:56,115 INFO [org.jboss.as.process] (Thread-8) JBAS012016: Shutting down process controller
15:49:56,116 INFO [org.jboss.as.process] (Thread-8) JBAS012015: All processes finished; exiting
Press any key to continue . . .
Please help me to solve this issue.
Steps which I folled to configure the instances ( the host controller and slave) is given below.
Step 1: Host Controller Instance Configuration
The domain controller is running from the first box (192.168.3.59) and used the default "host.xml" provided with the distribution . Please find the "host.xml" below.
<?xml version='1.0' encoding='UTF-8'?>
<!-- <host name="master" xmlns="urn:jboss:domain:1.2"> -->
<host name="master" xmlns="urn:jboss:domain:1.2">
<management>
<security-realms>
<security-realm name="ManagementRealm">
<authentication>
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
</authentication>
</security-realm>
<security-realm name="ApplicationRealm">
<authentication>
<properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
</authentication>
</security-realm>
</security-realms>
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.native.port:9999}"/>
</native-interface>
<http-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.http.port:9990}"/>
</http-interface>
</management-interfaces>
</management><domain-controller>
<local/>
<!-- Alternative remote domain controller configuration with a host and port -->
<!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}"/> -->
</domain-controller><interfaces>
<!--<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface> -->
<interface name="management">
<inet-address value="192.168.3.59"/>
</interface>
<!-- <interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface> -->
<interface name="public">
<inet-address value="192.168.3.59"/>
</interface>
<!--<interface name="unsecure">
Used for IIOP sockets in the standard configuration.
To secure JacORB you need to setup SSL -->
<!--<inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
</interface> -->
<!--<interface name="unsecure">
Used for IIOP sockets in the standard configuration.
To secure JacORB you need to setup SSL -->
<!--<inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
</interface> -->
<interface name="unsecure">
<inet-address value="192.168.3.59"/>
</interface>
</interfaces><jvms>
<jvm name="default">
<heap size="256m" max-size="256m"/>
<permgen size="256m" max-size="256m"/>
<jvm-options>
<option value="-server"/>
</jvm-options>
</jvm>
</jvms><servers>
<server name="server-one" group="main-server-group">
<!-- Remote JPDA debugging for a specific server
<jvm name="default">
<jvm-options>
<option value="-Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=n"/>
</jvm-options>
</jvm>
-->
</server>
<server name="server-two" group="main-server-group" auto-start="true">
<!-- server-two avoids port conflicts by incrementing the ports in
the default socket-group declared in the server-group -->
<socket-bindings port-offset="150"/>
</server>
<server name="server-three" group="other-server-group" auto-start="false">
<!-- server-three avoids port conflicts by incrementing the ports in
the default socket-group declared in the server-group -->
<socket-bindings port-offset="250"/>
</server>
</servers>
</host>
Step 2: Slave Instance Configuration
From the second instance, I have renamed the "host-slave.xml" to "host.xml".
As directed, the password is base64 encrypted and updated the "secret value" in "server-identities" ( This password is the same for bot the "domain controller" and the "slave")
<server-identities>
<!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
<!--<secret value="c2xhdmVfdXNlcl9wYXNzd29yZA=="/> -->
<secret value="dGNjYWRtaW4="/>
</server-identities>
Now updated the "domain-controller" section in the host.xml
<domain-controller>
<!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> -->
<remote host="192.168.3.59" port="9999" security-realm="ManagementRealm"/>
</domain-controller>
The whole host file is given for the reference
<?xml version='1.0' encoding='UTF-8'?>
<host name="slave" xmlns="urn:jboss:domain:1.2">
<management>
<security-realms>
<security-realm name="ManagementRealm">
<server-identities>
<!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
<!--<secret value="c2xhdmVfdXNlcl9wYXNzd29yZA=="/> -->
<secret value="dGNjYWRtaW4="/>
</server-identities><authentication>
<properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
</authentication>
</security-realm>
<security-realm name="ApplicationRealm">
<authentication>
<properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
</authentication>
</security-realm>
</security-realms>
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket interface="management" port="${jboss.management.native.port:9999}"/>
</native-interface>
</management-interfaces>
</management><domain-controller>
<!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> -->
<remote host="192.168.3.59" port="9999" security-realm="ManagementRealm"/>
</domain-controller><interfaces>
<!--<interface name="management">
<inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
</interface> -->
<interface name="management">
<inet-address value="192.168.2.199"/>
</interface>
<!--<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface> -->
<interface name="public">
<inet-address value="192.168.2.199"/>
</interface>
<interface name="unsecure">
<!-- Used for IIOP sockets in the standard configuration.
To secure JacORB you need to setup SSL -->
<!-- <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/> -->
<inet-address value="192.168.2.199"/>
</interface>
</interfaces><jvms>
<jvm name="default">
<heap size="64m" max-size="256m"/>
<permgen size="256m" max-size="256m"/>
<jvm-options>
<option value="-server"/>
</jvm-options>
</jvm>
</jvms><servers>
<server name="server-one" group="main-server-group"/>
<server name="server-two" group="other-server-group">
<!-- server-two avoids port conflicts by incrementing the ports in
the default socket-group declared in the server-group -->
<socket-bindings port-offset="150"/>
</server>
</servers>
</host>
Thanks,
San
