2 Replies Latest reply on Apr 12, 2017 3:21 PM by harryreid

How to add Java security jvm parameters in wildfly 10?

harryreid Apr 12, 2017 8:31 AM

Hi,

We are upgrading from Jboss 4.3 to wildfly 10. In the old system we have an option of adding java.security parameters to point the location of krb5.ini and bsclogin.conf files like below.

set JVM_ARGS=%JVM_ARGS% -Djava.security.auth.login.config=C:\conf\bscLogin.conf

set JVM_ARGS=%JVM_ARGS% -Djava.security.krb5.conf=C:\conf\krb5.ini

Is it possible to add that in Wildfly 10?

Thanks

1. Re: How to add Java security jvm parameters in wildfly 10?

mchoma Apr 12, 2017 2:59 AM (in response to harryreid)

Yes, as this is more jvm feature it should still work.

Note, you can also configure system properties using CLI command:

/system-property=java.security.krb5.conf:add(value=/path/to/krb.conf)

That way it will be persisted in standalone.xml configuration.
1 of 1 people found this helpful
Actions
2. Re: How to add Java security jvm parameters in wildfly 10?

harryreid Apr 12, 2017 3:21 PM (in response to mchoma)

Hi Martin,
I added both the parameters as system properties. But I still get an error saying Password invalid/Password required. I confirmed that the password is correct.

2017-04-12 18:37:07,813 DS_Worker-8 ERROR [stderr ] com.crystaldecisions.sdk.exception.SDKException$SecurityError: Active Directory Authentication failed to log you on.
Please contact your system administrator to make sure you are a member of a valid mapped group and try again.
If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006)

2017-04-12 18:37:07,813 DS_Worker-8 ERROR [stderr ] cause:javax.security.auth.login.FailedLoginException: PBOX00070: Password invalid/Password required

2017-04-12 18:37:07,813 DS_Worker-8 ERROR [stderr ] detail:Active Directory Authentication failed to log you on. Please contact your system administrator to make sure
you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006) PBOX00070:
Password invalid/Password required
2017-04-12 18:37:07,814 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.plugin.authentication.secwinad.internal.SecWinADError.ThrowException(SecWinADError.java:46)
2017-04-12 18:37:07,814 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.plugin.authentication.secwinad.internal.SecWinADAuthentication.startKerbLogin(SecWinADAuthentication.java:380)
2017-04-12 18:37:07,814 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.plugin.authentication.secwinad.internal.SecWinADAuthentication.startLogin(SecWinADAuthentication.java:161)
2017-04-12 18:37:07,814 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.LogonService.doLogon(LogonService.java:977)
2017-04-12 18:37:07,815 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.LogonService.doUserLogon(LogonService.java:874)
2017-04-12 18:37:07,815 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.LogonService.doUserLogon(LogonService.java:805)
2017-04-12 18:37:07,815 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.LogonService.userLogon(LogonService.java:210)
2017-04-12 18:37:07,816 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.SecurityMgr.userLogon(SecurityMgr.java:166)

Wondering if I have to configure anything in the security domain settings in the domain.xml file?
Actions

Go to original post