Looks like security domain creation requires the server restart. At least that is how your CLI above shows. allow-resource-service-restart=true

Remove that and see what happens. Also try to run the Security-Domain creation CLI command using JBoss CLI console, and see the response as it requires a restart, typically as part of the response JBoss indicates a restart required or not.

Ramesh..

Hi Ramesh,

I have the same issue.

I have tried running the cli script using command prompt and also using the GUI tool for cli.

Script:

/subsystem=security/security-domain=TransferRulesDSSecurityDomain/:add(cache-type=default)

/subsystem=security/security-domain=TransferRulesDSSecurityDomain/authentication=classic/:add{allow-resource-service-restart=true}

/subsystem=security/security-domain=TransferRulesDSSecurityDomain/authentication=classic/login-module=Test2Module/:add(flag=required,code=SecureIdentity,module-options={username=user,password=4c01cff24a6e9ab7})

/subsystem=datasources/data-source=TransferRulesDS:add(jndi-name=java:/TransferRulesDS,driver-name=teiid,connection-url=jdbc:teiid:DSDataTransfer@mm://localhost:31000;version\\=1,security-domain=TransferRulesDSSecurityDomain,pool-use-strict-min=false,flush-strategy=FailingConnectionOnly,min-pool-size=1,max-pool-size=4,pool-prefill=false)

data-source enable --name=TestDS

Response:

{"outcome" => "success"}

{"outcome" => "success"}

{"outcome" => "success"}
{"outcome" => "success"}

Server Log:

2015-04-15 10:14:06,531 ERROR [org.jboss.as.connector.subsystems.datasources.AbstractDataSourceService$AS7DataSourceDeployer] (MSC service thread 1-8) Exception during createSubject()PBOX000016: Access denied: authentication failed: java.lang.SecurityException: PBOX000016: Access denied: authentication failed

at org.jboss.security.plugins.JBossSecuritySubjectFactory.createSubject(JBossSecuritySubjectFactory.java:84)

at org.jboss.jca.deployers.common.AbstractDsDeployer$1.run(AbstractDsDeployer.java:1073)

at org.jboss.jca.deployers.common.AbstractDsDeployer$1.run(AbstractDsDeployer.java:1068)

at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_60]

at org.jboss.jca.deployers.common.AbstractDsDeployer.createSubject(AbstractDsDeployer.java:1067)

at org.jboss.jca.deployers.common.AbstractDsDeployer.deployDataSource(AbstractDsDeployer.java:591)

at org.jboss.jca.deployers.common.AbstractDsDeployer.createObjectsAndInjectValue(AbstractDsDeployer.java:282)

at org.jboss.as.connector.subsystems.datasources.AbstractDataSourceService$AS7DataSourceDeployer.deploy(AbstractDataSourceService.java:284)

at org.jboss.as.connector.subsystems.datasources.AbstractDataSourceService.start(AbstractDataSourceService.java:117)

at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811)

at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746)

at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [rt.jar:1.7.0_60]

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [rt.jar:1.7.0_60]

at java.lang.Thread.run(Unknown Source) [rt.jar:1.7.0_60]

2015-04-15 10:14:06,531 INFO [org.jboss.as.connector.subsystems.datasources] (MSC service thread 1-8) JBAS010400: Bound data source [java:/TransferRulesDS]

Please help in this reagards,

Thanks,

Nabeel

Set the "min-pool-size=1" to 0, as during that starting of the EAP, there is no way to authenticate a connection. Only when a user logs in the credential can be supplied, or you need to have a Security domain that can provide a default shared connection with static userid/password.

The only thing I see is your LoginModule "Test2Module" when presented with null/empty principle it fails, rather than using the default one you configured.

try min-poolsize=0,  as I was suggesting it looks like the issue is in the Test2module login module, so I suggest working with a debugger and see why you have are seeing the error