-
1. Re: Remote JNDI invocation failure
wdfink Jun 28, 2012 4:58 AM (in response to sergiu_pienar)Hi Sergiu,
The behaviour in AS7 is very different for EJB's. The client is optimized and you will not connect to the server until the bean method will be executed, so a successful lookup is no indicator that it should work.
Also the remote-naming project is deprecated and not recomended for use, so I would use the ejb-client direct.
If you use the remote-naming you have to add an application user to the server and add the credentials at client side.
But nevertheless you should have a look into [1,2] if it not helps or you have still questions please ask.
[1] https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+client+using+JNDI
-
2. Re: Remote JNDI invocation failure
sergiu_pienar Jun 28, 2012 5:58 AM (in response to wdfink)Hi Wolf,
I switched to the ejb-client approach but I still get the same error. The look-up works fine but I can't invoke the method on the ejb.
For the ejb-client approach is it necessary to configure a user/password ?
Also, my remoting subsystem looks like this :
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting"/>
</subsystem>
I've removed the security-realm attribute.
Thanks.
Message was edited by: Sergiu Pienar
-
3. Re: Remote JNDI invocation failure
jaikiran Jun 28, 2012 6:14 AM (in response to sergiu_pienar)Sergiu Pienar wrote:
For the ejb-client approach is it necessary to configure a user/password ?
Also, my remoting subsystem looks like this :
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting"/>
</subsystem>
I've removed the security-realm attribute.
If you have disabled security, then you don't have to pass the username/password from the client.
As for the exception, post the server side logs which show the JNDI names to which the bean is being bound and also post the exact client side code.
-
4. Re: Remote JNDI invocation failure
sergiu_pienar Jun 28, 2012 6:39 AM (in response to jaikiran)So .... I'll eventually try and use security settings.
My remoting subsystem :
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/>
</subsystem>
The EJB is annotated with @SecurityDomain(value = "myRealm")
and this domain is defined like this :
<security-domain name="myRealm" cache-type="default">
<authentication>
<login-module code="com.LoginModule" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/myDS"/>
<module-option name="hashAlgorithm" value="SHA"/>
<module-option name="hashEncoding" value="BASE64"/>
<module-option name="principalsQuery" value="....query..."/>
<module-option name="rolesQuery" value=".......query...."/>
</login-module>
</authentication>
</security-domain>
The security domain is fine since I'm using it to access other resources.
When trying to acces my EJB I'm using such code :
UsernamePasswordHandler handler = new UsernamePasswordHandler("SYSTEM","SYSTEM");
LoginContext lc = new LoginContext(myRealm, handler);
lc.login();
Properties jndiProps = new Properties();
jndiProps.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
jndiProps.put(Context.PROVIDER_URL, "remote://localhost:4447");
jndiProps.put("jboss.naming.client.ejb.context", true);
jndiProps.put(Context.SECURITY_PRINCIPAL, "SYSTEM");
jndiProps.put(Context.SECURITY_CREDENTIALS, "SYSTEM");
Context ctx = new InitialContext(jndiProps);
ConfigRemote remoteInterface = (ConfigRemote)ctx
.lookup("all-dev/all-ejbs/ConfigBean!com.ConfigRemote");
PlatformConfig remoteConfig = remoteInterface.getConfig();
Upon creating the initial Context, I get :
javax.naming.NamingException: Failed to create remoting connection [Root exception is java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed]
Thanks guys.
-
5. Re: Remote JNDI invocation failure
jaikiran Jun 28, 2012 6:44 AM (in response to sergiu_pienar)You don't need this:
UsernamePasswordHandler handler = new UsernamePasswordHandler("SYSTEM","SYSTEM");
LoginContext lc = new LoginContext(myRealm, handler);
lc.login();
on the client side when you are passing the username/pass via the JNDI InitialContext properties.
How have you added the SYSTEM username and password to the ApplicationRealm that's being used by the remoting-connector? You should be using the add-user.sh to add it. Is this client a standalone remote client?
By the way, I think you forgot to post the server side JNDI logs.
-
6. Re: Remote JNDI invocation failure
sergiu_pienar Jun 28, 2012 7:06 AM (in response to jaikiran)I've removed the code you mentioned and changed re-added the SYSTEM user via add.user.bat (with the password TEST as if I use SYSTEM as a password it complains).
What I'm getting now is :
10:53:33,091 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (EJB default - 2) Login failure: javax.security.auth.login.FailedLoginException: PB00019: Processing Failed:No matching username found in Principals
at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:186) [picketbox-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:249) [picketbox-4.0.7.Final.jar:4.0.7.Final]
at com.LoginModule.login(LoginModule.java:54) [all-ejbs.jar:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_25-ea]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_25-ea]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_25-ea]
at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [rt.jar:1.6.0_25-ea]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [rt.jar:1.6.0_25-ea]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:306) [jboss-as-security-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.security.service.SimpleSecurityManager.push(SimpleSecurityManager.java:272) [jboss-as-security-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:49) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:45) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_25-ea]
at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:74) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.EjbExceptionTransformingInterceptorFactories$1.processInvocation(EjbExceptionTransformingInterceptorFactories.java:65) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:43) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:302) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:64) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:196) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.FutureTask.run(FutureTask.java:138) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_25-ea]
at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_25-ea
at org.jboss.threads.JBossThread.run(JBossThread.java:122)
10:53:33,148 ERROR [org.jboss.ejb3.invocation] (EJB default - 2) JBAS014134: EJB Invocation failed on component CACPlatformConfigBean for method public abstract com.Config com.ConfigRemote.getConfig() throws com.CException: javax.ejb.EJBAccessException: JBAS013323: Invalid User
at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:54) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:45) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_25-ea]
at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:74) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.EjbExceptionTransformingInterceptorFactories$1.processInvocation(EjbExceptionTransformingInterceptorFactories.java:65) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:43) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:302) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:64) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:196) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.FutureTask.run(FutureTask.java:138) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_25-ea]
at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_25-ea]
at org.jboss.threads.JBossThread.run(JBossThread.java:122)
and the exception is thrown at look-up now, not at invocation.
Where can I find the JNDI logs ?
Thanks.
-
7. Re: Remote JNDI invocation failure
wdfink Jun 28, 2012 7:09 AM (in response to sergiu_pienar)Jaikiran mean
As for the exception, post the server side logs which show the JNDI names to which the bean is being bound and also post the exact client side code.
This is the part of the server log where the application is deployed, you will see blocks like:
INFO [org.jboss.as.ejb3.deployment.processors.EjbJndiBindingsDeploymentUnitProcessor] (MSC service thread 1-6) JNDI bindings for session bean named ....Bean in deployment unit subdeployment "ejb.jar" of deployment "ejb.ear" are as follows:
java:global/...
java:app/...
java:module/...
java:global/...
java:app/...
java:module/...
-
8. Re: Remote JNDI invocation failure
sergiu_pienar Jun 28, 2012 8:18 AM (in response to wdfink)This is how the bean is deployed :
java:global/all-dev/all-ejbs/ConfigBean!com.ConfigRemote
java:app/all-ejbs/ConfigBean!com.ConfigRemote
java:module/ConfigBean!com.ConfigRemote
java:jboss/exported/all-dev/all-ejbs/ConfigBean!com.ConfigRemote
java:global/all-dev/all-ejbs/ConfigBean!com.ConfigLocal
java:app/all-ejbs/ConfigBean!com.ConfigLocal
java:module/ConfigBean!com.ConfigLocal
Later edit : If I remove the @SecurityDomain(value = "myRealm") from the bean, the invocation works.
-
9. Re: Remote JNDI invocation failure
jaikiran Jun 28, 2012 8:30 AM (in response to sergiu_pienar)Take a look at this guide https://sso.jboss.org/login?service=https%3A%2F%2Fdocs.jboss.org%2Fauthor%2Fdisplay%2FAS71%2FAdmin%2BGuide&gateway=true#AdminGuide-othersecuritydomain especially the part about the "Remoting" login module which you'll have to include in your security-domain configuration for remote invocations
-
10. Re: Remote JNDI invocation failure
sergiu_pienar Jul 4, 2012 6:30 AM (in response to jaikiran)Still no luck.
I'm interested on how can I link my customRealm to the JNDI look-up.
-
11. Re: Remote JNDI invocation failure
sergiu_pienar Jul 10, 2012 8:26 AM (in response to jaikiran)Jaikiran,
Can you confirm that the code below is valid in JBoss 7 ?
If not, what would it be a good replacement ?
UsernamePasswordHandler handler = new UsernamePasswordHandler(String,String);
LoginContext lc = new LoginContext(myRealm, handler);
lc.login();
Thank you !
-
12. Re: Remote JNDI invocation failure
sergiu_pienar Jul 11, 2012 7:22 AM (in response to sergiu_pienar)The authentication is now passing through my custom login module but it gets there with UUID password and username (not the ones I transmit).
My configuration is like this :
<management>
<security-realms>
<security-realm name="ManagementRealm">
<authentication>
<properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
</security-realm>
<security-realm name="ApplicationRealm">
<authentication>
<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
</security-realm>
<security-realm name="myAuthRealm">
<authentication>
<jaas name="myRealm"/>
</authentication>
</security-realm>
</security-realms>
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket-binding native="management-native"/>
</native-interface>
<http-interface security-realm="ManagementRealm">
<socket-binding http="management-http"/>
</http-interface>
</management-interfaces>
</management>
.................
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting" security-realm="myAuthRealm"/>
</subsystem>
..................................
<security-domain name="myRealm" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="com.LoginModule" flag="required">
<module-option name="dsJndiName" value="java:jboss/datasources/myDS"/>
<module-option name="hashAlgorithm" value="SHA"/>
<module-option name="hashEncoding" value="BASE64"/>
<module-option name="principalsQuery" value="....."/>
<module-option name="rolesQuery" value="..."/>
</login-module>
</authentication>
</security-domain>
.........................
The look-up code :
final EJBClientConfiguration clientConfiguration = new PropertiesBasedEJBClientConfiguration(
PlatformConfig.createClientConfigurationProperties());
final ContextSelector<EJBClientContext> contextSelector = new ConfigBasedEJBClientContextSelector(clientConfiguration);
EJBClientContext.setSelector(contextSelector);
Properties jndiProps = new Properties();
jndiProps.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
jndiProps.put(Context.SECURITY_PRINCIPAL, "SYSTEM");
jndiProps.put(Context.SECURITY_CREDENTIALS, "SYSTEM");
jndiProps.put("jboss.naming.client.ejb.context", true);
jndiProps.put(Context.PROVIDER_URL, "remote://localhost:4447");
Context ctx = new InitialContext(jndiProps);
ConfigRemote remoteInterface = (ConfigRemote)ctx
.lookup("ejb:all-dev/all-ejbs/ConfigBean!com.ConfigRemote");
PlatformConfig remoteConfig = remoteInterface.getConfig();
private static Properties createClientConfigurationProperties() { final Properties properties = new Properties(); properties.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false"); properties.put("remote.connections", "default"); properties.put("remote.connection.default.host", "localhost"); properties.put("remote.connection.default.port", "4447"); properties.put("remote.connection.default.username", "SYSTEM"); properties.put("remote.connection.default.password", "SYSTEM"); //properties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER"); properties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false"); properties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "true"); return properties; } If I enable the SASL_DISALLOWED_MECHANISMS I get no EJB receiver available for handling.
I've activated TRACE level for the security subsystem and getting :
10:39:27,230 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (EJB default - 2) Begin isValid, principal:35205348-665b-448a-91e9-604173963b89, cache entry: null
10:39:27,234 TRACE [org.jboss.security.authentication.JBossCachedAuthenticationManager] (EJB default - 2) defaultLogin, principal=35205348-665b-448a-91e9-604173963b89
10:39:27,236 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (EJB default - 2) Begin getAppConfigurationEntry(myRealm), size=6
10:39:27,239 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (EJB default - 2) End getAppConfigurationEntry(myRealm), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.as.security.remoting.RemotingLoginModule
ControlFlag: LoginModuleControlFlag: optional
Options:
name=password-stacking, value=useFirstPass
[1]
LoginModule Class: com.LoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=hashAlgorithm, value=SHA
name=principalsQuery, value="..."
name=hashEncoding, value=BASE64
name=dsJndiName, value=java:jboss/datasources/myDS
name=rolesQuery, value="..."
10:39:39,249 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (EJB default - 2) Login failure: javax.security.auth.login.FailedLoginException: PB00019: Processing Failed:No matching username found in Principals
at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:186) [picketbox-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:249) [picketbox-4.0.7.Final.jar:4.0.7.Final]
at com.LoginModule.login(LoginModule.java:54) [all-ejbs.jar:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_25-ea]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_25-ea]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_25-ea]
at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [rt.jar:1.6.0_25-ea]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [rt.jar:1.6.0_25-ea]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [rt.jar:1.6.0_25-ea]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:306) [jboss-as-security-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.security.service.SimpleSecurityManager.push(SimpleSecurityManager.java:272) [jboss-as-security-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:49) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:45) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_25-ea]
at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:74) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.EjbExceptionTransformingInterceptorFactories$1.processInvocation(EjbExceptionTransformingInterceptorFactories.java:65) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:43) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61) [jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165) [jboss-as-ee-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:302) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:64) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:196) [jboss-as-ejb3-7.1.1.Final.jar:7.1.1.Final]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.FutureTask.run(FutureTask.java:138) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_25-ea]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_25-ea]
at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_25-ea]
at org.jboss.threads.JBossThread.run(JBossThread.java:122)
-
13. Re: Remote JNDI invocation failure
jaikiran Jul 11, 2012 7:55 AM (in response to sergiu_pienar)Can you try this against the latest nightly build?
Sergiu Pienar wrote:
//properties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER"); ...
If I enable the SASL_DISALLOWED_MECHANISMS I get no EJB receiver available for handling.
Set the SASL_DISALLOWED_MECHANISMS and post the logs that you see when that fails.
-
14. Re: Remote JNDI invocation failure
sergiu_pienar Jul 12, 2012 3:10 AM (in response to jaikiran)It works with the latest nightly.
Thank you.