-
30. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
Thanks Darren and other for constant and quick support.
I have one quick query.
Currently we are passing management realm user name and password in client ejb properties file.
remote.connection.default.username=admin
remote.connection.default.password=adminHow can I pass user name and password (Above parameters) programatically?
-
31. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
apparaonali wrote:
Thanks Darren and other for constant and quick support.
I have one quick query.
Currently we are passing management realm user name and password in client ejb properties file.
remote.connection.default.username=admin
remote.connection.default.password=adminHow can I pass user name and password (Above parameters) programatically?
You set remote.connection.default.callback.handler.class to a class name in your project which implements javax.security.auth.callback.CallbackHandler. Using this API you can obtain them on the fly from the user, or via some other means.
-
32. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
final IoFuture<Connection> futureConnection = endpoint.connect(new URI("remote://localhost:" + "4447"), OptionMap.create(Options.SASL_POLICY_NOPLAINTEXT, Boolean.FALSE), callbackhndlr);
@Ganesh - I tried your code, but i got an exception at the code above. Have you ever got any exception for that row???
My log is like below:
24.04.2012 14:13:27: DEBUG logging [main] - Logging Provider: org.jboss.logging.Log4jLoggerProvider
24.04.2012 14:13:27: DEBUG PropertiesBasedEJBClientConfiguration [main] - endpoint.create.options. has the following options {}
24.04.2012 14:13:27: DEBUG PropertiesBasedEJBClientConfiguration [main] - remote.connectionprovider.create.options. has the following options {org.xnio.Options.SSL_ENABLED=>false}
24.04.2012 14:13:27: INFO PropertiesBasedEJBClientConfiguration [main] - No host configured for connection named default. Skipping connection creation
24.04.2012 14:13:27: DEBUG PropertiesBasedEJBClientConfiguration [main] - No clusters configured in properties
24.04.2012 14:13:27: DEBUG EJBClientPropertiesLoader [main] - Looking for jboss-ejb-client.properties using classloader sun.misc.Launcher$AppClassLoader@16f0472
24.04.2012 14:13:27: DEBUG ConfigBasedEJBClientContextSelector [main] - EJB client context org.jboss.ejb.client.EJBClientContext@12368df will have no EJB receivers associated with it since there was no EJB client configuration available to create the receivers
24.04.2012 14:13:27: INFO xnio [main] - XNIO Version 3.0.3.GA
24.04.2012 14:13:27: INFO nio [main] - XNIO NIO Implementation Version 3.0.3.GA
24.04.2012 14:13:27: INFO remoting [main] - JBoss Remoting version 3.2.3.GA
24.04.2012 14:13:27: DEBUG nio [Remoting "ejb-remote-client-endpoint" read-1] - Started channel thread 'Remoting "ejb-remote-client-endpoint" read-1', selector sun.nio.ch.WindowsSelectorImpl@98ce7e
24.04.2012 14:13:27: DEBUG nio [Remoting "ejb-remote-client-endpoint" write-1] - Started channel thread 'Remoting "ejb-remote-client-endpoint" write-1', selector sun.nio.ch.WindowsSelectorImpl@1cb7a1
javax.security.auth.callback.NameCallback@1c8fb4b
javax.security.sasl.RealmCallback@1ea0105
24.04.2012 14:13:40: DEBUG client [Remoting "ejb-remote-client-endpoint" read-1] - Client received authentication rejected for mechanism JBOSS-LOCAL-USER
24.04.2012 14:13:40: ERROR connection [Remoting "ejb-remote-client-endpoint" read-1] - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
Exception in thread "main" java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)
at tr.gov.tubitak.bilgem.uekae.deys.tckk.kuvars.KuvarsEjbTestAS7.<init>(KuvarsEjbTestAS7.java:145)
at tr.gov.tubitak.bilgem.uekae.deys.tckk.kuvars.KuvarsEjbTestAS7.main(KuvarsEjbTestAS7.java:427)
Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:365)
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)
at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
at org.xnio.nio.NioHandle.run(NioHandle.java:90)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)
at ...asynchronous invocation...(Unknown Source)
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)
at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)
at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)
at tr.gov.tubitak.bilgem.uekae.deys.tckk.kuvars.KuvarsEjbTestAS7.<init>(KuvarsEjbTestAS7.java:143)
... 1 more
-
33. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
You should enable trace logs for your JBoss instance. You will have a much clearer idea of what is your problem. Search for string 'rejected' in the logs
-
34. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
My problem is solved in thread:
https://community.jboss.org/message/732309#732309
Tahnk you Daniel for your reply...
-
35. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
Hi ,
I was tryin to invoke a bean deployed in 7.1.2.Final with a remote client , and on the client side in debug log i see "DEBUG: Client authentication failed for mechanism JBOSS-LOCAL-USER: javax.security.sasl.SaslException: Failed to read server challenge [Caused by java.io.FileNotFoundException: \home\rohan\nsasj_june_spr\nsasj4400\domain\tmp\auth\local1752629224252837967.challenge (The system cannot find the path specified)]"
even when i invoke using remote client "JBOSS-LOCAL-USER" mechanism is used first?
after adding the following line to my client properties file ,the debug messages goes away.
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USERcan you please explain the significance of the above line?i couldnt find the explanation
-
36. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
The local mechanism needs to be attempted so that we know it will not work when it fails and then we can move onto the next authentication mechanism in the list.
If a client is always going to be remote from the server then the SASL_DISALLOWED_MECHANISMS is the correct way to disable this for that client, if all clients will be remote from the server remove the <local /> element from the ApplicationRealm and it will be disabled for all clients.
-
37. Re: remote ejb client username is encrypted at the server(JBOSS7.1 Final)
Hi Darran,
I am invoking an local EJB bean in my Presentation layer using JAAS security. In AS 7 server, the SessionContext in EJB is giving "anonymous" where as in AS 5 i am able to get the name properly. Kindly let me know what am i missing in this migration. Awaiting for your reply. I am been stuck up in this for past 1 week. Kindly help