12 Replies Latest reply on Oct 11, 2012 4:15 AM by ksreen

    Remoting over SSL on JBoss AS 7.1.2.FINAL

    Rohan Emmanuel Newbie

      I am tryin to access an EJB deployed on the AS 7.1.2.FINAL over SSL.

       

      i hav created an keystore and exported the public key on to a certificate on the server side and also created the keystore and exported the public key  on a certificate on the client side

       

      i have also imported the client public key on the server's keystore and the server public key on the client's  keystore

       

      i have defined an new realm in host.xml and a new security-domain in domain.xml

      i have even set SSL_ENABLED to true and   SSL_STARTTLS=true

       

      but still i'm not able to access the EJB , i get the followin EXCEPTION

       

      [java] 0010: 38 01 10 4A 42Aug 6, 2012 1:21:31 PM org.jboss.remoting3.remot

      e.RemoteConnection handleException

           [java] ERROR: JBREM000200: Remote connection failed: javax.security.sasl.Sa

      slException: Authentication failed: all available authentication mechanisms fail

      ed

           [java] javax.naming.NamingException: Failed to create remoting connection [

      Root exception is java.lang.RuntimeException: javax.security.sasl.SaslException:

      Authentication failed: all available authentication mechanisms failed]

           [java]     at org.jboss.naming.remote.client.ClientUtil.namingException(Cli

      entUtil.java:51)

           [java]     at org.jboss.naming.remote.client.InitialContextFactory.getIniti

      alContext(InitialContextFactory.java:151)

           [java]     at javax.naming.spi.NamingManager.getInitialContext(NamingManage

      r.java:667)

           [java]     at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.

      java:288)

           [java]     at javax.naming.InitialContext.init(InitialContext.java:223)

           [java]     at javax.naming.InitialContext 4F 53 53   2D 4C 4F 43 41 4C 2D 5

      5  8..JBOSS-LOCAL-U

           [java] 0020: 53 45 52 01 05 50 4C 41   49 4E 0F 7E AB 30 2A DA  SER..PLAIN.

      ..0*.

           [java] 0030: 7C 43 55 81 56 06 1C DE   4B D1                    .CU.V...K.

           [java] Remoting "config-based-naming-client-endpoint" read-1, called closeI

      nbound()

           [java] Remoting "config-based-naming-client-endpoint" read-1, fatal error:

      80: Inbound closed before receiving pee.<init>(InitialContext.java:197)

           [java]     at client.TestRemoteClientA.main(Unknown Source)

           [java] Caused by: java.lang.RuntimeException: javax.security.sasl.SaslExcep

      tion: Authentication failed: all available authentication mechanisms failed

           [java]     at org.jboss.naming.remote.protocol.IoFutureHelper.get(IoFutureH

      elper.java:87)

           [java]     at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNami

      ngStore(NamingStoreCache.java:68)

           [java]     at org.jboss.naming.remote.client.InitialContextFactory.getOrCre

      ateCachedNamingStore(InitialContextFactory.java:196)

           [java]     at org.jboss.naming.remote.client.InitialContextFactory.getOrCre

      ateNamingStore(InitialContextFactory.java:169r's close_notify: possible truncati

      on attack?

           [java] javax.net.ssl.SSLException: Inbound closed before receiving peer's c

      lose_notify: p)

           [java]     at org.jboss.naming.remote.client.InitialContextFactory.getIniti

      alContext(InitialContextFactory.java:134)

           [java]     ... 5 more

           [java] Causossible truncation attack?

           [java] %% Invalidated:  [Session-1, SSL_RSA_WITH_RC4_128_MD5]

           [java] Remoting "config-based-naming-client-endpoined by: javax.security.sa

      sl.SaslException: Authentication failed: all available authentication mechanisms

      failed

           [java]     at org.jboss.rt" read-1, SEND TLSv1 ALERT:  fatal, description =

      internal_error

           [java] Padded plaintext before ENCRYPTION:  len = 18

           [java] 0000: 02 50 69 EA B8 D2 15 F6   76 0B E8 19 6F 3A 54 CF  .Pi.....v..

      .o:T.

           [java] 0010: 3A 77                                              :w

           [java] Remoting "config-based-naming-client-endpoint" read-1, WRITE: TLSv1

      Alert, length = 18

           [java] emoting3.remote.ClientConnectionOpenListener$Capabilities.handleEven

      t(ClientConnectionOpenListener.java:315)

           [java]     at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capab

      ilities.handleEvent(ClientConnectionOpenListener.java:214)

           [java]     at org.xnio.ChannelListeners.invokeChannelListener(ChannelListen

      ers.java:72)

           [java]     at org.xnio.channels.TranslatingSuspendableChannel.handleReadabl

      e(TranslatingSuspendableChannel.java:189)

           [java]     at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent

      (TranslatingSuspendableChannel.java:103)

           [java]     at org.xnio.ChannelListeners.invokeChannelListener(ChannelListen

      ers.java:72)

           [java]     at org.xnio.channels.TranslatingSuspendableChannel.handleReadabl

      e(TranslatingSuspendableChannel.java:189)

           [java]     at org.xnio.ssl.JsseConnectedSslStreamChannel.handleReadable(Jss

      eConnectedSslStreamChannel.java:180)

           [java]     at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent

      (TranslatingSuspendableChannel.java:103)

           [java]     at org.xnio.ChannelListeners.invokeChannelListener(ChannelListen

      ers.java:72)

           [java]     at org.xnio.nio.NioHandle.run(NioHandle.java:90)

           [java]     at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)

           [java]     at ...asynchronous invocation...(Unknown Source)

           [java]     at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:

      270)

           [java]     at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:

      251)

           [java]     at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:34

      9)

           [java]     at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:33

      3)

           [java]     at org.jboss.naming.remote.client.EndpointCache$EndpointWrapper.

      connect(EndpointCache.java:105)

           [java]     at org.jboss.naming.remote.client.NamingStoreCache.getRemoteNami

      ngStore(NamingStoreCache.java:67)

           [java]     ... 8 more

           [java] Exception in thread "main" java.lang.NullPointerException

           [java]     at client.TestRemoteClientA.main(Unknown Source)

           [java] Java Result: 1

       

      please help.

        • 1. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
          Darran Lofthouse Master

          Authentication failed: all available authentication mechanisms failed

           

          This looks like the underlying connection has been established but it is then failing at the authentication, what does your realm definition look like?

          • 2. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
            Rohan Emmanuel Newbie

            The realm looks like this,

            i have added the following as per the link :http://middlewaremagic.com/jboss/?p=2176

             

            using EJB Realm:

            <subsystem xmlns="urn:jboss:domain:remoting:1.1">

                        <connector name="remoting-connector" socket-binding="remoting" security-realm="EJBRealm" />

                    </subsystem>

             

             

                            <security-domain name="other" cache-type="default">

                                <authentication>

                                    <login-module code="Remoting" flag="optional">

                                        <module-option name="password-stacking" value="useFirstPass"/>

                                    </login-module>

                                    <login-module code="RealmUsersRoles" flag="required">

                                        <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>

                                        <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>

                                        <module-option name="realm" value="ApplicationRealm"/>

                                        <module-option name="password-stacking" value="useFirstPass"/>

                                    </login-module>

                                </authentication>

                            </security-domain>

             

            <security-realm name="EJBRealm">

                            <server-identities>

                                <ssl>

                                    <keystore path="jbossServer.keystore" relative-to="jboss.server.config.dir" keystore-password="JBossPassword"/>

                                </ssl>

                            </server-identities>

                            <authentication>

                                <local default-user="$local"/>

                                <jaas name="ejb-security-domain"/>

                            </authentication>

                        </security-realm>

            • 3. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
              Darran Lofthouse Master

              Ok so your authentication should either be using the local authentication mechanism if the client is running as the same user as the AS process or it should be using username, password authentication - have you also provided the username and password in the client?

              • 4. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
                Rohan Emmanuel Newbie

                yes... i  hav provided the username and password in the client

                 

                  Properties props = new Properties();

                               props.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory"); 

                                props.put(Context.PROVIDER_URL, "remote://localhost:4447");

                                props.put(Context.SECURITY_PRINCIPAL, "ejbUser");

                                props.put(Context.SECURITY_CREDENTIALS, "ejbPassword");

                System.setProperty("javax.net.ssl.trustStore", "C:/Users/emmanuro/Desktop/Joss Ex/EJB3_Over_SSL_JBossAS711/EJB3_Over_SSL/certificates/jbossClient.keystore");

                System.setProperty("javax.net.ssl.trustStorePassword", "clientPassword");

                 

                 

                and my jboss-ejb-client.properties is as follows:

                 

                remote.connections=testEJB

                 

                 

                remote.connection.testEJB.port=4447

                 

                 

                remote.connection.testEJB.host=localhost

                remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=true

                remote.connection.testEJB.connect.options.org.xnio.Options.SSL_STARTTLS=true

                remote.connection.testEJB.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false

                remote.connection.testEJB.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false

                remote.connection.testEJB.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

                • 5. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
                  Ondra Chaloupka Expert

                  It depends how you create InitialContext on the remote client and how the SecurityRealm is set for remote client but try to use in jboss-ejb-client.properties:

                  remote.connection.testEJB.username=ejbUser

                  remote.connection.testEJB.password=ejbPassword

                  or whether you test it on your local machine try to comment line

                  # remote.connection.testEJB.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

                  for you to see whether the connection works in case of auto-local authentication.

                  • 6. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
                    Rohan Emmanuel Newbie

                    if i comment the line

                    # remote.connection.testEJB.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER


                    and add the following lines to the jboss-ejb-client.properties:

                    remote.connection.testEJB.username=ejbUser

                    remote.connection.testEJB.password=ejbPassword


                     

                    im getting the following exception:

                    INFO: JBoss Remoting version 3.2.7.GA

                    Aug 08, 2012 11:30:41 AM org.jboss.remoting3.remote.RemoteConnection handleException

                    ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                    Aug 08, 2012 11:30:41 AM org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector setupEJBReceivers

                    WARN: Could not register a EJB receiver for connection to localhost:4447

                    java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                      at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)

                      at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:119)

                      at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.<init>(ConfigBasedEJBClientContextSelector.java:76)

                      at org.jboss.ejb.client.EJBClientContext.<clinit>(EJBClientContext.java:77)

                      at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:120)

                      at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)

                      at $Proxy0.testMethod(Unknown Source)

                      at TestRemoteClientA.main(TestRemoteClientA.java:43)

                    Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                      at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:315)

                      at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)

                      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

                      at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

                      at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

                      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

                      at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

                      at org.xnio.ssl.JsseConnectedSslStreamChannel.handleReadable(JsseConnectedSslStreamChannel.java:180)

                      at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

                      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

                      at org.xnio.nio.NioHandle.run(NioHandle.java:90)

                      at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)

                      at ...asynchronous invocation...(Unknown Source)

                      at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)

                      at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:386)

                      at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:151)

                      at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:132)

                      at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:117)

                      ... 6 more

                     

                     

                    Aug 08, 2012 11:30:41 AM org.jboss.remoting3.remote.RemoteConnection handleException

                    ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                    Exception in thread "main" java.lang.IllegalStateException: EJBCLIENT000025: No EJB receiver available for handling [appName:, moduleName:TestRemoteEJBEAR, distinctName:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@74e382

                      at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:588)

                    • 7. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
                      Ondra Chaloupka Expert

                      Hi,

                      I think that it could be a naming problem. It seems from the last exception that the connection was done but the EJB receiver is not able to find the demanded been. At least from the error it seems that you are working with EAR archive but you're using just moduleName.

                      Could you attach part of the server log where your application is deployed and the lookup string that you're using in remote client?

                      Or check https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+client+using+JNDI

                      • 8. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
                        Rohan Emmanuel Newbie

                        yes .. its an .EAR which has a .JAR

                        i had added the module name while looking up(i had removed it some reason).

                        this is how i lookup

                         

                        CallerRemote remote=(CallerRemote)context.lookup("ejb:TestRemoteEJBEAR/remoteEJB//CallerBean!remote.CallerRemote");

                         

                         

                        The server side log is as follows:

                         

                        10:50:54,319 INFO  [org.jboss.as.ejb3.deployment.processors.EjbJndiBindingsDeplo

                        ymentUnitProcessor] (MSC service thread 1-3) JNDI bindings for session bean name

                        d CallerBean in deployment unit subdeployment "remoteEJB.jar" of deployment "Tes

                        tRemoteEJBEAR.ear" are as follows:

                         

                         

                                java:global/TestRemoteEJBEAR/remoteEJB/CallerBean!remote.CallerRemote

                                java:app/remoteEJB/CallerBean!remote.CallerRemote

                                java:module/CallerBean!remote.CallerRemote

                                java:jboss/exported/TestRemoteEJBEAR/remoteEJB/CallerBean!remote.CallerR

                        emote

                                java:global/TestRemoteEJBEAR/remoteEJB/CallerBean

                                java:app/remoteEJB/CallerBean

                                java:module/CallerBean

                         

                        The exception on the client side is as follows:

                         

                         

                         

                                  --------------------------

                        Got initial Context: javax.naming.InitialContext@bf2d5e

                        Aug 08, 2012 2:00:34 PM org.jboss.ejb.client.EJBClient <clinit>

                        INFO: JBoss EJB Client version 1.0.10.Final

                        Aug 08, 2012 2:00:34 PM org.xnio.Xnio <clinit>

                        INFO: XNIO Version 3.0.3.GA

                        Aug 08, 2012 2:00:34 PM org.xnio.nio.NioXnio <clinit>

                        INFO: XNIO NIO Implementation Version 3.0.3.GA

                        Aug 08, 2012 2:00:34 PM org.jboss.remoting3.EndpointImpl <clinit>

                        INFO: JBoss Remoting version 3.2.7.GA

                        Aug 08, 2012 2:00:35 PM org.jboss.remoting3.remote.RemoteConnection handleException

                        ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                        Aug 08, 2012 2:00:35 PM org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector setupEJBReceivers

                        WARN: Could not register a EJB receiver for connection to localhost:4447

                        java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                                  at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)

                                  at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:119)

                                  at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.<init>(ConfigBasedEJBClientContextSelector.java:76)

                                  at org.jboss.ejb.client.EJBClientContext.<clinit>(EJBClientContext.java:77)

                                  at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:120)

                                  at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)

                                  at $Proxy0.testMethod(Unknown Source)

                                  at TestRemoteClientA.main(TestRemoteClientA.java:43)

                        Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                                  at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:315)

                                  at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)

                                  at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

                                  at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

                                  at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

                                  at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

                                  at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

                                  at org.xnio.ssl.JsseConnectedSslStreamChannel.handleReadable(JsseConnectedSslStreamChannel.java:180)

                                  at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

                                  at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

                                  at org.xnio.nio.NioHandle.run(NioHandle.java:90)

                                  at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)

                                  at ...asynchronous invocation...(Unknown Source)

                                  at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)

                                  at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:386)

                                  at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:151)

                                  at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:132)

                                  at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:117)

                                  ... 6 more

                         

                         

                        Aug 08, 2012 2:00:35 PM org.jboss.remoting3.remote.RemoteConnection handleException

                        ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                        Exception in thread "main" java.lang.IllegalStateException: EJBCLIENT000025: No EJB receiver available for handling [appName:TestRemoteEJBEAR, moduleName:remoteEJB, distinctName:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@286fe6

                                  at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:588)

                                  at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:116)

                                  at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:181)

                                  at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:136)

                                  at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:121)

                                  at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)

                                  at $Proxy0.testMethod(Unknown Source)

                                  at TestRemoteClientA.main(TestRemoteClientA.java:43)

                        • 9. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
                          Ondra Chaloupka Expert

                          It seems to me that the configuration is fine.

                          Just as an idea - could you try to use only jboss-ejb-client.properties for creating InitialContext? I mean that  you'll create InitialContext like:

                          Properties properties = new Properties();

                          properties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");

                          InitialContext initialContext = new InitialContext(properties);

                           

                          CallerRemote remote = (CallerRemote) initialContext.lookup("ejb:TestRemoteEJBEAR/remoteEJB/CallerBean!remote.CallerRemote");

                          and then you'll have jboss-ejb-client.properties defined as you presented before

                          remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=true

                           

                          remote.connections=testEJB

                          remote.connection.testEJB.host=localhost

                          remote.connection.testEJB.port=4447

                          remote.connection.testEJB.connect.options.org.xnio.Options.SSL_STARTTLS=true

                          remote.connection.testEJB.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false

                          remote.connection.testEJB.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false

                          # remote.connection.testEJB.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

                          • 10. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
                            Rohan Emmanuel Newbie

                            yes...i tried what u suggested, still i see the same exception

                             

                            Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                             

                            in my client

                            System.setProperty("javax.net.ssl.trustStore", "C:/Users/emmanuro/Desktop/Joss Ex/EJB3_Over_SSL_JBossAS711/EJB3_Over_SSL/certificates/jbossClient.keystore");

                            System.setProperty("javax.net.ssl.trustStorePassword", "clientPassword");

                             

                             

                            the ablove part of the setting the property of truststore and its password is correct?

                             

                             

                            please help


                            • 11. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
                              Ondra Chaloupka Expert

                              What I can point out is that the error message

                              Aug 08, 2012 2:00:35 PM org.jboss.remoting3.remote.RemoteConnection handleException

                              ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                              Exception in thread "main" java.lang.IllegalStateException: EJBCLIENT000025: No EJB receiver available for handling [appName:TestRemoteEJBEAR, moduleName:remoteEJB, distinctName:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@286fe6

                                        at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:588)

                                        ....

                              is a little confusing (at leas I think). The information that "No EJB receiver available for handling" should means that the connection to server was successful. Like that the SSL channel works fine. But receiver for EJB that you want is not available.

                              Does the remoting call work without using SSL? That could be worthy to try.

                              • 12. Re: Remoting over SSL on JBoss AS 7.1.2.FINAL
                                ksreen Newbie

                                The problem is actually with the security domain authentication when the realm uses jaas authentication mechanism. It is describe in https://issues.jboss.org/browse/AS7-4824  and fixed in 7.1.3

                                1 of 1 people found this helpful