1 Reply Latest reply on Jun 12, 2012 7:43 AM by Wolf-Dieter Fink

    Domain configuration with jboss-as-7.1.1.Final

    Santhosh TR Newbie

      Hi,

       

      I'm facing an issue with configuring jboss in domain mode. I have 2 jboss running in my network in two separate boxes (having 2 differnt IPs).

      In both instances used the add-user.bat script to add Management Users ( in both instances the username and password are the same).

      When I start the slave from the second box, I'm getting a connect exception due to authenticatin failure.

       

       


      Calling "D:\tShare\foo\jboss\jboss-as-7.1.1.Final\bin\domain.conf.bat"
      ===============================================================================

        JBoss Bootstrap Environment

        JBOSS_HOME: D:\tShare\foo\jboss\jboss-as-7.1.1.Final

        JAVA: D:\Applns\Java\jdk1.6.0_27\bin\java

        JAVA_OPTS: -Dprogram.name=domain.bat -Xms64M -Xmx512M -XX:MaxPermSize=256M -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djava.net.preferIPv4Stack=true -Dorg.jboss.resolver.warning=true -Djboss.modules.system.pkgs=org.jboss.byteman -Djboss.domain.default.config=domain.xml -Djboss.host.default.config=host.xml

      ===============================================================================

      15:49:54,290 INFO  [org.jboss.modules] (main) JBoss Modules version 1.1.1.GA
      15:49:54,380 INFO  [org.jboss.as.process.Host Controller.status] (main) JBAS012017: Starting process 'Host Controller'
      [Host Controller] 15:49:54,748 INFO  [org.jboss.modules] (main) JBoss Modules version 1.1.1.GA
      [Host Controller] 15:49:54,825 INFO  [org.jboss.msc] (main) JBoss MSC version 1.0.2.GA
      [Host Controller] 15:49:54,881 INFO  [org.jboss.as] (MSC service thread 1-3) JBAS015899: JBoss AS 7.1.1.Final "Brontes" starting
      [Host Controller] 15:49:55,190 INFO  [org.xnio] (MSC service thread 1-1) XNIO Version 3.0.3.GA
      [Host Controller] 15:49:55,198 INFO  [org.xnio.nio] (MSC service thread 1-1) XNIO NIO Implementation Version 3.0.3.GA
      [Host Controller] 15:49:55,204 INFO  [org.jboss.remoting] (MSC service thread 1-1) JBoss Remoting version 3.2.3.GA
      [Host Controller] 15:49:55,753 ERROR [org.jboss.remoting.remote.connection] (Remoting "slave:MANAGEMENT" read-1) JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
      [Host Controller] 15:49:55,759 ERROR [org.jboss.as.host.controller] (Controller Boot Thread) JBAS010901: Could not connect to master. Aborting. Error was: java.lang.IllegalStateException: JBAS010942: Unable to connect due to authentication failure.
      [Host Controller] 15:49:55,769 INFO  [org.jboss.as] (MSC service thread 1-3) JBAS015950: JBoss AS 7.1.1.Final "Brontes" stopped in 7ms
      15:49:56,113 INFO  [org.jboss.as.process.Host Controller.status] (reaper for Host Controller) JBAS012010: Process 'Host Controller' finished with an exit status of 99
      15:49:56,115 INFO  [org.jboss.as.process] (Thread-8) JBAS012016: Shutting down process controller
      15:49:56,116 INFO  [org.jboss.as.process] (Thread-8) JBAS012015: All processes finished; exiting
      Press any key to continue . . .

       

       

      Please help me to solve this issue.

      Steps which I folled to configure the instances ( the host controller and slave) is given below.

       

      Step 1: Host Controller Instance Configuration

       

      The domain controller is running from the first box (192.168.3.59) and used the default "host.xml" provided with the distribution . Please find the "host.xml" below.

       

       

      <?xml version='1.0' encoding='UTF-8'?>

      <!--  <host name="master" xmlns="urn:jboss:domain:1.2"> -->
      <host name="master" xmlns="urn:jboss:domain:1.2">
          <management>
              <security-realms>
                  <security-realm name="ManagementRealm">
                      <authentication>
                          <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
                      </authentication>
                  </security-realm>
                  <security-realm name="ApplicationRealm">
                      <authentication>
                          <properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
                      </authentication>
                  </security-realm>
              </security-realms>
              <management-interfaces>
                  <native-interface security-realm="ManagementRealm">
                      <socket interface="management" port="${jboss.management.native.port:9999}"/>
                  </native-interface>
                  <http-interface security-realm="ManagementRealm">
                      <socket interface="management" port="${jboss.management.http.port:9990}"/>
                  </http-interface>
              </management-interfaces>
          </management>

          <domain-controller>
             <local/>
             <!-- Alternative remote domain controller configuration with a host and port -->
             <!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}"/> -->
          </domain-controller>

          <interfaces>
              <!--<interface name="management">
                  <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
              </interface> -->
        <interface name="management">
                  <inet-address value="192.168.3.59"/>
              </interface>
        <!-- <interface name="public">
                 <inet-address value="${jboss.bind.address:127.0.0.1}"/>
              </interface> -->
        <interface name="public">
                 <inet-address value="192.168.3.59"/>
              </interface>
              <!--<interface name="unsecure">
                  Used for IIOP sockets in the standard configuration.
                       To secure JacORB you need to setup SSL -->
                  <!--<inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
              </interface> -->
       
         <!--<interface name="unsecure">
                  Used for IIOP sockets in the standard configuration.
                       To secure JacORB you need to setup SSL -->
                  <!--<inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
              </interface> -->
       
        <interface name="unsecure">
                   <inet-address value="192.168.3.59"/>
              </interface>
          </interfaces>

        <jvms>
           <jvm name="default">
                <heap size="256m" max-size="256m"/>
                <permgen size="256m" max-size="256m"/>
                  <jvm-options>
                      <option value="-server"/>
                  </jvm-options>
             </jvm>
        </jvms>

          <servers>
              <server name="server-one" group="main-server-group">
                  <!-- Remote JPDA debugging for a specific server
                  <jvm name="default">
                    <jvm-options>
                      <option value="-Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=n"/>
                    </jvm-options>
                 </jvm>
                 -->
              </server>
              <server name="server-two" group="main-server-group" auto-start="true">
                  <!-- server-two avoids port conflicts by incrementing the ports in
                       the default socket-group declared in the server-group -->
                  <socket-bindings port-offset="150"/>
              </server>
              <server name="server-three" group="other-server-group" auto-start="false">
                  <!-- server-three avoids port conflicts by incrementing the ports in
                       the default socket-group declared in the server-group -->
                  <socket-bindings port-offset="250"/>
              </server>
          </servers>
      </host>

       

       

      Step 2: Slave Instance Configuration

       

       

      From the second instance, I have renamed the "host-slave.xml" to "host.xml".

      As directed, the password is base64 encrypted and updated the "secret value" in "server-identities" ( This password is the same for bot the "domain controller" and the "slave")

       

      <server-identities>

                           <!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->

                           <!--<secret value="c2xhdmVfdXNlcl9wYXNzd29yZA=="/> -->

            <secret value="dGNjYWRtaW4="/>

      </server-identities>

       

      Now updated the "domain-controller" section in the host.xml

       

      <domain-controller>

             <!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> -->

          <remote host="192.168.3.59" port="9999" security-realm="ManagementRealm"/>

      </domain-controller>

      The whole host file is given for the reference

       

       

      <?xml version='1.0' encoding='UTF-8'?>

      <host name="slave" xmlns="urn:jboss:domain:1.2">

          <management>
              <security-realms>
                  <security-realm name="ManagementRealm">
                      <server-identities>
                           <!-- Replace this with either a base64 password of your own, or use a vault with a vault expression -->
                           <!--<secret value="c2xhdmVfdXNlcl9wYXNzd29yZA=="/> -->
            <secret value="dGNjYWRtaW4="/>
                      </server-identities>

                      <authentication>
                          <properties path="mgmt-users.properties" relative-to="jboss.domain.config.dir"/>
                      </authentication>
                  </security-realm>
                  <security-realm name="ApplicationRealm">
                      <authentication>
                          <properties path="application-users.properties" relative-to="jboss.domain.config.dir" />
                      </authentication>
                  </security-realm>
              </security-realms>
              <management-interfaces>
                  <native-interface security-realm="ManagementRealm">
                      <socket interface="management" port="${jboss.management.native.port:9999}"/>
                  </native-interface>
              </management-interfaces>
          </management>

          <domain-controller>
             <!-- <remote host="${jboss.domain.master.address}" port="${jboss.domain.master.port:9999}" security-realm="ManagementRealm"/> -->
          <remote host="192.168.3.59" port="9999" security-realm="ManagementRealm"/>
          </domain-controller>

          <interfaces>
              <!--<interface name="management">
                  <inet-address value="${jboss.bind.address.management:127.0.0.1}"/>
              </interface> -->
       
        <interface name="management">
                  <inet-address value="192.168.2.199"/>
              </interface>
              <!--<interface name="public">
                 <inet-address value="${jboss.bind.address:127.0.0.1}"/>
              </interface> -->
        <interface name="public">
                 <inet-address value="192.168.2.199"/>
              </interface>
       
              <interface name="unsecure">
                  <!-- Used for IIOP sockets in the standard configuration.
                       To secure JacORB you need to setup SSL -->
                  <!-- <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/> -->
         <inet-address value="192.168.2.199"/>
              </interface>
          </interfaces>

          <jvms>
             <jvm name="default">
                  <heap size="64m" max-size="256m"/>
                  <permgen size="256m" max-size="256m"/>
                    <jvm-options>
                        <option value="-server"/>
                    </jvm-options>
               </jvm>
          </jvms>

          <servers>
              <server name="server-one" group="main-server-group"/>
              <server name="server-two" group="other-server-group">
                  <!-- server-two avoids port conflicts by incrementing the ports in
                       the default socket-group declared in the server-group -->
                  <socket-bindings port-offset="150"/>
              </server>
          </servers>
      </host>

       

       

      Thanks,

      San