-
1. Re: Secure remote access discrepancies between Wildfly 8.1 on Linux vs. on Windows
jbertram Mar 9, 2015 10:43 AM (in response to mashama)Are you seeing a particular error message or exception when you try to send to the remote server? If so, please paste the full details.
-
2. Re: Secure remote access discrepancies between Wildfly 8.1 on Linux vs. on Windows
mashama Mar 9, 2015 11:35 AM (in response to jbertram)My apologizes for forgetting to describe the error I am a seeing.
From the Test report:
-------------------------------------------------------------------------------
Test set: com.chp.valuequest.controller.MessagingTest
-------------------------------------------------------------------------------
Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 43.551 sec <<< FAILURE! - in com.chp.valuequest.controller.MessagingTest
testProcessCensusRemote(com.chp.valuequest.controller.MessagingTest) Time elapsed: 1.765 sec <<< ERROR!
javax.jms.JMSSecurityRuntimeException: HQ119031: Unable to validate user: guest
at org.hornetq.core.protocol.core.impl.ChannelImpl.sendBlocking(ChannelImpl.java:394)
at org.hornetq.core.client.impl.ClientSessionFactoryImpl.createSessionInternal(ClientSessionFactoryImpl.java:880)
at org.hornetq.core.client.impl.ClientSessionFactoryImpl.createSessionInternal(ClientSessionFactoryImpl.java:789)
at org.hornetq.core.client.impl.ClientSessionFactoryImpl.createSession(ClientSessionFactoryImpl.java:326)
at org.hornetq.jms.client.HornetQConnection.authorize(HornetQConnection.java:705)
at org.hornetq.jms.client.HornetQConnectionFactory.createConnectionInternal(HornetQConnectionFactory.java:762)
at org.hornetq.jms.client.HornetQConnectionFactory.createContext(HornetQConnectionFactory.java:139)
at org.hornetq.jms.client.HornetQConnectionFactory.createContext(HornetQConnectionFactory.java:130)
at com.chp.valuequest.controller.MessagingTest.testProcessCensusRemote(MessagingTest.java:130)
From the server:
14:49:18,138 INFO [org.jboss.as.server] (management-handler-thread - 1) JBAS018559: Deployed "opportunity-services.war" (runtime-name : "opportunity-services.war")
2015-03-06 14:49:22,964 INFO [com.chp.valuequest.controller.MessagingTest] (default task-1) testProcessCensusRemote
14:49:22,964 INFO [com.chp.valuequest.controller.MessagingTest] (default task-1) testProcessCensusRemote
2015-03-06 14:49:23,108 INFO [org.xnio] (default task-1) XNIO version 3.2.0.Final
14:49:23,108 INFO [org.xnio] (default task-1) XNIO version 3.2.0.Final
2015-03-06 14:49:23,117 INFO [org.xnio.nio] (default task-1) XNIO NIO Implementation Version 3.2.0.Final
14:49:23,117 INFO [org.xnio.nio] (default task-1) XNIO NIO Implementation Version 3.2.0.Final
2015-03-06 14:49:23,459 INFO [org.jboss.remoting] (default task-1) JBoss Remoting version 4.0.0.Final
14:49:23,459 INFO [org.jboss.remoting] (default task-1) JBoss Remoting version 4.0.0.Final
2015-03-06 14:49:25,825 INFO [org.wildfly.extension.undertow] (MSC service thread 1-3) JBAS017535: Unregistered web context: /OpportunityServices
-
3. Re: Secure remote access discrepancies between Wildfly 8.1 on Linux vs. on Windows
jbertram Mar 9, 2015 1:30 PM (in response to mashama)This looks like a standard security issue to me. I believe that when a client running on the same machine as the application server connects security is not enforced so that's likely why you don't see this same problem when you run the server locally.
I recommend you ensure the proper user is added to the server (e.g. use the "add-user" script in the "bin" directory to add an application user named "guest" with a password of "guest" belonging to the group "guest").
-
4. Re: Secure remote access discrepancies between Wildfly 8.1 on Linux vs. on Windows
mashama Mar 9, 2015 9:39 PM (in response to jbertram)When I run the test on the linux box with the Wildfly instance it fails with the same error. I thought it might have to with whether the client is remote or local but this test scenario suggests otherwise.
-
5. Re: Secure remote access discrepancies between Wildfly 8.1 on Linux vs. on Windows
jbertram Mar 9, 2015 9:56 PM (in response to mashama)Can you confirm that you've added the proper user in the proper group as I recommended previously?
-
6. Re: Secure remote access discrepancies between Wildfly 8.1 on Linux vs. on Windows
mashama Mar 9, 2015 10:22 PM (in response to jbertram)Yes. I can confirm that there is an application user 'guest' with password 'guest' assigned a the 'guest' role.
-
7. Re: Secure remote access discrepancies between Wildfly 8.1 on Linux vs. on Windows
mashama Mar 9, 2015 10:59 PM (in response to jbertram)I feel like I am overlooking something here. However the fact that it works when the client is local to the instance running on Windows, but fails when the client is local and remote to the instance running on Linux makes me think there is actually something wrong here. Don't forget that I literally copied the Wildfly installation from Linux to Windows so both of the installations should be exactly the same.
...
Ok I just confirmed that it works when the remote Linux client messages the instance running on Windows.
-
8. Re: Secure remote access discrepancies between Wildfly 8.1 on Linux vs. on Windows
jbertram Mar 10, 2015 10:34 AM (in response to mashama)One thing you might try is setting <security-enabled>false</security-enabled> in the messaging subsystem on the server running on Linux and seeing if that gets you past the security exception which would confirm that your Windows client is actually connecting to the right server.
A few more things...
- How are you starting the server on Linux? Are you passing any command-line parameters? If so, what are they?
- Can you attach the server configuration you're using on Linux?
- Can you attach the server.log from the Linux server when you observe this problem?
-
9. Re: Secure remote access discrepancies between Wildfly 8.1 on Linux vs. on Windows
mashama Mar 10, 2015 1:00 PM (in response to jbertram)Thanks to you I finally realized which of my assumptions was wrong. It was a configuration issue in the test server deployed on Linux causing the connection attempts to go to a different instance deployed on the same Linux box. I fixed the configuration and everything started to work as intended.
Another tidbit that became clear to me is that because I am using the Arquillian Wildfly Remote container capability the test client was always running in the same container where the JMS queue was configured in. So all is well ...thanks again!