1 2 3 Previous Next 33 Replies Latest reply on Nov 2, 2016 2:17 PM by Bo Xi

    How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

    Damian Petrecki Newbie

      Hello,

      I'm trying to rewrite my old, JavaSE application using WildFly Server.

      I used to using my own, created from scratch server and standalone client with TCP connection secured by SSL/RSA bi-directional verification and encryption and then check user credentials and principals in database.

      Now, I want to do that using WildFly and I'm fighting really long time to achieve this.

       

      So.. I started with creating the keys:

      keytool -genkeypair -alias myserverkey -keyalg RSA -keysize 2048 -validity 73000 -keystore server.keystore -storepass password@123 -keypass password@123
      keytool -export -alias myserverkey -keystore server.keystore -file server.crt
      keytool -import -file server.crt -alias myserverkey -keystore client.truststore
      
      
      
      

       

      Then, I've configured standalone.xml:

      <!-- typical ManagementRealm configuration -->
      
      <security-realm name="ApplicationRealm">
        <server-identities>
          <ssl>
             <keystore aliast="myserverkey" path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="password@123"/>
          </ssl>
        </server-identities>
        <authentication>
          <jaas name="other"/
        </authentication>
      </security-realm>
      
      <!-- valid datasource configuration -->
      
      <subsystem xmlns="urn:jboss:domain:security:1.2">
        <security-domain name="other" cache-type="default">
          <authentication>
            <login-module code="Database" flag="required">
              <module-option name="dsJndiName" value="java:jboss/datasources/myDB"/>
              <module-option name="principalsQuery" value="SELECT pass FROM user WHERE login=?"/>
              <module-option name="rolesQuery" value="SELECT r.role, 'Roles' FROM role r INNER JOIN user u ON u.id = r.id_user WHERE u.login=?"/>
              <module-option name="password-stacking" value="useFirstPass"/>
              <module-option name="hashAlgorithm" value="SHA-256"/>
              <module-option name="hashEncoding" value="base64"/>
            </login-module>
          </authentication>
        </security-domain>
      
      <!-- standard jboss-web-policy and jboss-ejb-policy -->
      
      <!-- open listening on proper interface -->
      
      
      
      

       

      Of course, I have database with tables:

      user (id int, login varchar(45), pass varchar(64))

      role (id int, id_user int, role varchar(45))

       

      I have standard HelloBean with HelloRemote interface and I was able to run everything without security (with standard standalone.xml)

       

      My client code is:

      Logger.getRootLogger().setLevel(Level.ALL);
      Logger.getRootLogger().addAppender(new ConsoleAppender(new SimpleLayout()));
      
      System.setProperty("javax.net.ssl.trustStore", "resources/client.truststore") ;
      System.setProperty("javax.net.ssl.trustStorePassword", "password@123") ;
      
      final Properties clientConfigProps = new Properties();
      
      
      
      clientConfigProps.put("endpoint.name", "my-client");
      clientConfigProps.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");
      clientConfigProps.put("remote.connections", "default");
      clientConfigProps.put("remote.connection.default.host", "192.168.115.10");
      clientConfigProps.put("remote.connection.default.port", "8080");
      clientConfigProps.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "true");
      clientConfigProps.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
      clientConfigProps.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER");
      clientConfigProps.put("remote.connection.default.connect.options.org.xnio.Options.SSL_STARTTLS", "true");
      clientConfigProps.put("remote.connection.default.username", "admin");
      clientConfigProps.put("remote.connection.default.password", "password");
      
      final EJBClientConfiguration ejbClientConfiguration = new PropertiesBasedEJBClientConfiguration(clientConfigProps);
      final ContextSelector<EJBClientContext> ejbClientContextSelector = new ConfigBasedEJBClientContextSelector(ejbClientConfiguration);
      EJBClientContext.setSelector(ejbClientContextSelector);
      
      final Properties jndiProperties = new Properties();
      jndiProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
      Context ctx = new InitialContext(jndiProperties);
      
      HelloRemote bean = (HelloRemote) ctx.lookup("ejb:AppName/module-0.0.1-SNAPSHOT/HelloBean/path.to.HelloRemote");
      System.out.println(bean.seyHello()); //crash
      
      
      
      

       

      I've added user, password (created with http://www.xorbin.com/tools/sha256-hash-calculator) and some roles to database.

      And that doesn't work...

       

      So, I want to:

      1. Verify server on client using RSA

      2. Encrypt connection using RSA

      3. Authenticate user and authorize him using database.

      4. It would be nice to verify client application (non user, but just client app) on server using another pair of RSA keys.

       

      Now, I have an exception in last line of my client:

      
      DEBUG - Logging Provider: org.jboss.logging.Log4jLoggerProvider
      DEBUG - endpoint.create.options. has the following options {}
      TRACE - Options {} have been merged with defaults {org.xnio.Options.THREAD_DAEMON=>true} to form {org.xnio.Options.THREAD_DAEMON=>true}
      DEBUG - remote.connectionprovider.create.options. has the following options {org.xnio.Options.SSL_ENABLED=>true}
      TRACE - Options {org.xnio.Options.SSL_ENABLED=>true} have been merged with defaults {} to form {org.xnio.Options.SSL_ENABLED=>true}
      DEBUG - remote.connection.default.connect.options. has the following options {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]}
      TRACE - Options {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]} have been merged with defaults {} to form {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]}
      DEBUG - remote.connection.default.channel.options. has the following options {}
      DEBUG - Connection org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration$RemotingConnectionConfigurationImpl@10dd151f successfully created for connection named default
      DEBUG - No clusters configured in properties
      DEBUG - Looking for jboss-ejb-client.properties using classloader sun.misc.Launcher$AppClassLoader@77a6686
      DEBUG - Found jboss-ejb-client.properties using classloader sun.misc.Launcher$AppClassLoader@77a6686
      DEBUG - endpoint.create.options. has the following options {}
      TRACE - Options {} have been merged with defaults {org.xnio.Options.THREAD_DAEMON=>true} to form {org.xnio.Options.THREAD_DAEMON=>true}
      DEBUG - remote.connectionprovider.create.options. has the following options {}
      TRACE - Options {} have been merged with defaults {} to form {}
      DEBUG - No remoting connections configured in properties
      DEBUG - No clusters configured in properties
      
      
      
      
      
      
      
      

      I'm trying to use my bean here!

      
      
      
      
      INFO - JBoss EJB Client version 2.0.0.Beta5
      INFO - XNIO version 3.2.0.Beta4
      INFO - XNIO NIO Implementation Version 3.2.0.Beta4
      TRACE - Starting up with selector provider class sun.nio.ch.EPollSelectorProvider
      TRACE - Closing resource sun.nio.ch.PollSelectorImpl@5e536b73
      TRACE - Using Default system selector creator for provider class sun.nio.ch.EPollSelectorProvider for main selectors and Selector creator class sun.nio.ch.PollSelectorImpl for provider class sun.nio.ch.EPollSelectorProvider for temp selectors
      TRACE - CAS org.xnio.nio.NioXnioWorker@7fdd37fe 00000001 -> 00000002
      TRACE - Starting worker thread Thread[Remoting "my-client" I/O-1,5,main]
      DEBUG - Started channel thread 'Remoting "my-client" I/O-1', selector sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      INFO - JBoss Remoting version (unknown)
      TRACE - Completed open of endpoint "my-client" <51a84ed6>
      TRACE - Allocated tick to 1 of endpoint "my-client" <51a84ed6> (opened Connection provider for remote)
      TRACE - Adding connection provider registration named 'remote': Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6>
      TRACE - Allocated tick to 2 of endpoint "my-client" <51a84ed6> (opened Connection provider for http-remoting)
      TRACE - Adding connection provider registration named 'http-remoting': Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6>
      TRACE - Allocated tick to 3 of endpoint "my-client" <51a84ed6> (opened Connection provider for https-remoting)
      TRACE - Adding connection provider registration named 'https-remoting': Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6>
      TRACE - Allocated tick to 4 of endpoint "my-client" <51a84ed6> (opened Connection to /192.168.115.10:8080)
      TRACE - Attempting to connect to "/192.168.115.10:8080" with options {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]}
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Running task org.xnio.nio.WorkerThread$SynchTask@5ec4c412
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connection-pending local=/0:0:0:0:0:0:0:0:36725 remote=/192.168.115.10:8080]
      TRACE - Invoking listener org.xnio.http.HttpUpgrade$HttpUpgradeState$ConnectionOpenListener@662077b6 on channel org.xnio.nio.NioSocketStreamConnection@5d93821b
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080]
      TRACE - Invoking listener org.xnio.http.HttpUpgrade$HttpUpgradeState$UpgradeResultListener@256a4d0a on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
      TRACE - Invoking listener org.jboss.remoting3.remote.HttpUpgradeConnectionProvider$2@6f4d33 on channel org.xnio.nio.NioSocketStreamConnection@5d93821b
      TRACE - Invoking listener org.jboss.remoting3.remote.RemoteConnectionProvider$3@665c5a83 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Created new framed message channel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5, receive buffer Pooled wrapper around java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196], transmit buffer Pooled wrapper around java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
      TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Greeting@4ccd37f3
      TRACE - Running task org.xnio.nio.NioHandle$1@1da2f8ca
      TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
      TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Greeting@4ccd37f3 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=21 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
      TRACE - Received java.nio.HeapByteBuffer[pos=17 lim=8192 cap=8192]
      TRACE - Client received greeting
      TRACE - Client received server name: 192.168.115.10
      TRACE - Client sending capabilities request
      TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@5c186f07
      TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=44 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
      TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=48 lim=8196 cap=8196]
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Sent message java.nio.HeapByteBuffer[pos=44 lim=44 cap=8192] (direct)
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Flushed channel (direct)
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080]
      TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
      TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@5c186f07 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=51 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
      TRACE - Client received capabilities response
      TRACE - Client received capability: version 1
      TRACE - Client received capability: remote endpoint name "appserver"
      TRACE - Client received capability: SASL mechanism PLAIN
      TRACE - SASL mechanism PLAIN added to allowed set
      TRACE - Client received capability: message close protocol supported
      TRACE - Client received capability: remote version is "(unknown)"
      TRACE - Client received capability: remote channels in is "40"
      TRACE - Client received capability: remote channels out is "40"
      TRACE - Client initiating authentication using mechanism PLAIN
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
      TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=22 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
      TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=26 lim=8196 cap=8196]
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Sent message java.nio.HeapByteBuffer[pos=22 lim=22 cap=8192] (direct)
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Flushed channel (direct)
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
      TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication@7abb96c5
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080]
      TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
      TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication@7abb96c5 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=5 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
      DEBUG - Client received authentication rejected for mechanism PLAIN
      TRACE - Client sending capabilities request
      TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@31a79e76
      TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=44 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
      TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=48 lim=8196 cap=8196]
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Sent message java.nio.HeapByteBuffer[pos=44 lim=44 cap=8192] (direct)
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Flushed channel (direct)
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080]
      TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
      TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@31a79e76 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=51 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
      TRACE - Client received capabilities response
      TRACE - Client received capability: version 1
      TRACE - Client received capability: remote endpoint name "appserver"
      TRACE - Client received capability: SASL mechanism PLAIN
      TRACE - Client received capability: message close protocol supported
      TRACE - Client received capability: remote version is "(unknown)"
      TRACE - Client received capability: remote channels in is "40"
      TRACE - Client received capability: remote channels out is "40"
      TRACE - Connection error detail
      javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
          at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
          at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
          at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
      ERROR - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
      TRACE - Closing resource org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Cancelling key sun.nio.ch.SelectionKeyImpl@55336cdf of java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080] (same thread)
      TRACE - Invoking listener Delegating channel listener -> Close listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.nio.NioSocketStreamConnection@5d93821b
      TRACE - Invoking listener Close listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Closing resource org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Closing resource org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
      TRACE - Registered exception result
      javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
          at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
          at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
          at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
      TRACE - Resource closed count 00000003 of endpoint "my-client" <51a84ed6> (closed a failed connection (2))
      WARN - Could not register a EJB receiver for connection to 192.168.115.10:8080
      java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
          at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:92)
          at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:77)
          at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)
          at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:155)
          at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:115)
          at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:47)
          at org.jboss.ejb.client.EJBClientContext.getCurrent(EJBClientContext.java:271)
          at org.jboss.ejb.client.EJBClientContext.requireCurrent(EJBClientContext.java:281)
          at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:176)
          at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:144)
          at com.sun.proxy.$Proxy0.getCpuName(Unknown Source)
          at path.to.app.my.client.connector.test.EJBClientTest.contextTest(EJBClientTest.java:48)
          at path.to.app.my.client.connector.test.EJBClientTest.main(EJBClientTest.java:31)
      Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
          at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
          at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
          at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
          at ...asynchronous invocation...(Unknown Source)
          at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:272)
          at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:388)
          at org.jboss.ejb.client.remoting.EndpointPool$PooledEndpoint.connect(EndpointPool.java:187)
          at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:153)
          at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:133)
          at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:75)
          ... 11 more
      DEBUG - Registered a reconnect handler in EJB client context org.jboss.ejb.client.EJBClientContext@5a2712df for remote://192.168.115.10:8080
      DEBUG - Registered 0 remoting EJB receivers for EJB client context org.jboss.ejb.client.EJBClientContext@5a2712df
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Allocated tick to 4 of endpoint "my-client" <51a84ed6> (opened Connection to /192.168.115.10:8080)
      TRACE - Attempting to connect to "/192.168.115.10:8080" with options {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]}
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Running task org.xnio.nio.WorkerThread$SynchTask@3f987899
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connection-pending local=/0:0:0:0:0:0:0:0:56501 remote=/192.168.115.10:8080]
      TRACE - Invoking listener org.xnio.http.HttpUpgrade$HttpUpgradeState$ConnectionOpenListener@235343c2 on channel org.xnio.nio.NioSocketStreamConnection@2f8587ac
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
      TRACE - Invoking listener org.xnio.http.HttpUpgrade$HttpUpgradeState$UpgradeResultListener@678e4593 on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
      TRACE - Invoking listener org.jboss.remoting3.remote.HttpUpgradeConnectionProvider$2@8ac0b08 on channel org.xnio.nio.NioSocketStreamConnection@2f8587ac
      TRACE - Invoking listener org.jboss.remoting3.remote.RemoteConnectionProvider$3@5e4a3789 on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Created new framed message channel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb, receive buffer Pooled wrapper around java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196], transmit buffer Pooled wrapper around java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
      TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Greeting@24671637
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
      TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
      TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Greeting@24671637 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=21 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
      TRACE - Received java.nio.HeapByteBuffer[pos=17 lim=8192 cap=8192]
      TRACE - Client received greeting
      TRACE - Client received server name: 192.168.115.10
      TRACE - Client sending capabilities request
      TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@6be3878c
      TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=44 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
      TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=48 lim=8196 cap=8196]
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Sent message java.nio.HeapByteBuffer[pos=44 lim=44 cap=8192] (direct)
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Flushed channel (direct)
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
      TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
      TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@6be3878c on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=51 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
      TRACE - Client received capabilities response
      TRACE - Client received capability: version 1
      TRACE - Client received capability: remote endpoint name "appserver"
      TRACE - Client received capability: SASL mechanism PLAIN
      TRACE - SASL mechanism PLAIN added to allowed set
      TRACE - Client received capability: message close protocol supported
      TRACE - Client received capability: remote version is "(unknown)"
      TRACE - Client received capability: remote channels in is "40"
      TRACE - Client received capability: remote channels out is "40"
      TRACE - Client initiating authentication using mechanism PLAIN
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
      TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=22 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
      TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=26 lim=8196 cap=8196]
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Sent message java.nio.HeapByteBuffer[pos=22 lim=22 cap=8192] (direct)
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Flushed channel (direct)
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
      TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication@b04cb4
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
      TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
      TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication@b04cb4 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=5 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
      DEBUG - Client received authentication rejected for mechanism PLAIN
      TRACE - Client sending capabilities request
      TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@367bbdc6
      TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=44 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
      TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=48 lim=8196 cap=8196]
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Sent message java.nio.HeapByteBuffer[pos=44 lim=44 cap=8192] (direct)
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Flushed channel (direct)
      TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
      TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
      TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@367bbdc6 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=51 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
      TRACE - Client received capabilities response
      TRACE - Client received capability: version 1
      TRACE - Client received capability: remote endpoint name "appserver"
      TRACE - Client received capability: SASL mechanism PLAIN
      TRACE - Client received capability: message close protocol supported
      TRACE - Client received capability: remote version is "(unknown)"
      TRACE - Client received capability: remote channels in is "40"
      TRACE - Client received capability: remote channels out is "40"
      TRACE - Connection error detail
      javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
          at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
          at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
          at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
      ERROR - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
      TRACE - Closing resource org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Cancelling key sun.nio.ch.SelectionKeyImpl@8e89bed of java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080] (same thread)
      TRACE - Invoking listener Delegating channel listener -> Close listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.nio.NioSocketStreamConnection@2f8587ac
      TRACE - Invoking listener Close listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Closing resource org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Closing resource org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
      TRACE - Registered exception result
      javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
          at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
          at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
          at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
      TRACE - Resource closed count 00000003 of endpoint "my-client" <51a84ed6> (closed a failed connection (2))
      DEBUG - Re-connect attempt# 1 failed for 192.168.115.10:8080
      java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
          at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:92)
          at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:77)
          at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)
          at org.jboss.ejb.client.remoting.MaxAttemptsReconnectHandler.tryConnect(MaxAttemptsReconnectHandler.java:65)
          at org.jboss.ejb.client.remoting.EJBClientContextConnectionReconnectHandler.reconnect(EJBClientContextConnectionReconnectHandler.java:56)
          at org.jboss.ejb.client.EJBClientContext$ReconnectAttempt.run(EJBClientContext.java:1304)
          at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
          at java.util.concurrent.FutureTask.run(FutureTask.java:262)
          at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
          at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
          at java.lang.Thread.run(Thread.java:744)
      Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
          at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
          at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
          at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
          at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
          at ...asynchronous invocation...(Unknown Source)
          at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:272)
          at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:388)
          at org.jboss.ejb.client.remoting.EndpointPool$PooledEndpoint.connect(EndpointPool.java:187)
          at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:153)
          at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:133)
          at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:75)
          ... 9 more
      Exception in thread "main" TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
      java.lang.IllegalStateException: EJBCLIENT000025: No EJB receiver available for handling [appName:my, moduleName:maintenance-0.0.1-SNAPSHOT, distinctName:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@5f2d8ca1
          at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:749)
          at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:116)
          at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:183)
          at org.jboss.ejb.client.EJBInvocationHandler.sendRequestWithPossibleRetries(EJBInvocationHandler.java:253)
          at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:198)
          at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:181)
          at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:144)
          at com.sun.proxy.$Proxy0.getCpuName(Unknown Source)
          at path.to.app.my.client.connector.test.EJBClientTest.contextTest(EJBClientTest.java:48)
          at path.to.app.my.client.connector.test.EJBClientTest.main(EJBClientTest.java:31)
      TRACE - Closing endpoint "my-client" <51a84ed6> synchronously
      TRACE - Closing Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Completed close of Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6>
      TRACE - Closing Registration of 'https-remoting': Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Closing Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Completed close of Registration of 'https-remoting': Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6>
      TRACE - Phase 1 shutdown count 00000002 of endpoint "my-client" <51a84ed6> (closed Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6>)
      TRACE - Closing Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Completed close of Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6>
      TRACE - Closing Registration of 'remote': Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Closing Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Completed close of Registration of 'remote': Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6>
      TRACE - Phase 1 shutdown count 00000001 of endpoint "my-client" <51a84ed6> (closed Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6>)
      TRACE - Closing Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Completed close of Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6>
      TRACE - Closing Registration of 'http-remoting': Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Closing Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Completed close of Registration of 'http-remoting': Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6>
      TRACE - Finished phase 1 shutdown of endpoint "my-client" <51a84ed6>
      TRACE - Initiating shutdown of org.xnio.nio.NioXnioWorker@7fdd37fe
      TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - Shutting down channel thread "Thread[Remoting "my-client" I/O-1,5,main]"
      TRACE - Closing resource sun.nio.ch.EPollSelectorImpl@c7b7af9
      TRACE - CAS org.xnio.nio.NioXnioWorker@7fdd37fe 80000002 -> 80000001
      TRACE - Closing resource false
      TRACE - CAS org.xnio.nio.NioXnioWorker@7fdd37fe 80000001 -> 80000000
      TRACE - CAS org.xnio.nio.NioXnioWorker@7fdd37fe 80000000 -> c0000000 (close complete)
      TRACE - Completed close of endpoint "my-client" <51a84ed6>
      TRACE - Closing Remoting local connection provider 2f62236f for endpoint "my-client" <51a84ed6> asynchronously
      TRACE - Completed close of Remoting local connection provider 2f62236f for endpoint "my-client" <51a84ed6>
      
      
      
      
      

       

      I have no idea, what is wrong, so any help will be gratefull.

        • 2. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
          xiang yingbing Master

          1. Do NOT use "other" as your security domain! It is a special domain!

          2. You should specify the security domain in your ejb application through jboss-ejb3.xml too.

          3. please do NOT forget to set keystores in your client's class path.

           

          Above link is a detailed example.

          Good luck!

          1 of 1 people found this helpful
          • 3. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
            xiang yingbing Master

            Moreover, please use jboss as 7.2.0, it is a stable release.

            Wildfly-8 is under development.

             

            Please always use stable release if you are newbie to any technology.

            • 4. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
              Damian Petrecki Newbie

              Thanks for Your answer.

              I want to use WildFly, because I don't want to learn "old standards". I know that JBoss 7 will be "current standard" still a long time, but the new, stable WildFly 8.0 Final should appears this week, so I wanted to start on something up to date.

              I wanted to use "other" Security Domain, because it is default SD and doesn't need to be configured in beans or in jboss-ejb3.xml.

              Of course I remembered to set keystore and truststore

              All in all, when I had used org.jboss.security.auth.spi.Util to generate password stored in DB (instead web SHA-256 generator and web base64 encryptor), and - as You said - changed Security Domain to my own, the application ran correctly.

               

              Unfortunately, after some tests I realized that connection is still not encrypted.

              • 5. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
                xiang yingbing Master

                I know that JBoss 7 will be "current standard" still a long time, but the new, stable WildFly 8.0 Final should appears this week, so I wanted to start on something up to date.

                ~~~~~OK. Actually, the configuration for jboss as 7 and wildfly 8 is almost same!!!

                          (Sometimes, you will meet strange bugs in CR version, if you do not track the JIRA, you will be lost. That is why I suggest you use stable version. )

                 

                All in all, when I had used org.jboss.security.auth.spi.Util to generate password stored in DB (instead web SHA-256 generator and web base64 encryptor),

                ~~~~~Yes, you are right. We should NOT use "SHA-256 generator and web base64 encryptor" to generate hashed password!

                 

                and - as You said - changed Security Domain to my own, the application ran correctly.

                ~~~~~I do NOT know too much about "default" Security Domain, but I think you had better use it ONLY in test environment.

                 

                Unfortunately, after some tests I realized that connection is still not encrypted.

                ~~~~~Now, you problem is ONLY about SSL. Have you configured the SSL option for your EJB client? Like this (I tested bellow code in wildfly-8.CR!):

                • 6. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
                  xiang yingbing Master
                  
                  
                  
                      
                  try{   
                  
                   
                  
                  
                          
                  Properties p = new Properties();
                  
                  
                          
                  p.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");
                  
                  
                     
                  
                   p.put("remote.connections", "default");
                  
                  
                     
                  
                   p.put("remote.connection.default.host", serverIP);
                  
                  
                     
                  
                   p.put("remote.connection.default.port", "80");
                  
                  
                          
                  p.put("remote.connection.default.username", username);
                  
                  
                          
                  p.put("remote.connection.default.password", password);
                  
                  
                          
                  p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");
                  
                  
                          
                  p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER");
                  
                  
                          
                  p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
                  
                  
                          
                  p.put("remote.connection.default.connect.options.org.xnio.Options.SSL_STARTTLS", "true");
                  
                  
                          
                  p.put("remote.connection.default.connect.timeout", "30000");//for xnio 
                  
                  
                  
                   
                  
                  
                         
                   
                  
                  
                          
                  EJBClientConfiguration cc = new PropertiesBasedEJBClientConfiguration(p);
                  
                  
                          
                  ContextSelector<EJBClientContext> selector = new ConfigBasedEJBClientContextSelector(cc);
                  
                  
                          
                  EJBClientContext.setSelector(selector);
                  
                  
                         
                   
                  
                  
                          
                  EJBClientContext.getCurrent().registerInterceptor(0,new ClientSessionTokenInterceptor());
                  
                  
                          
                  EJBClientContext.getCurrent().registerInterceptor(1,new ClientExceptionInterceptor());
                  
                  
                         
                   
                  
                  
                          
                  Properties props = new Properties();
                  
                  
                          
                  props.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
                  
                  
                          
                  context = new InitialContext(props);
                  
                  
                          
                  securedRemoteSessionProxy = (ISecuredRemoteSession)context.lookup(jndiName);
                  
                  
                     
                   }catch(Exception e){
                  
                  
                     
                  
                   log.error("连接服务器失败:",e);
                  
                  
                     
                  
                   throw ConnectionToServerFailedException.INSTANCE;
                  
                  
                     
                   }
                  
                  
                  
                  
                  • 7. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
                    Damian Petrecki Newbie

                    As You can see in my first post, I have very similar client configuration.

                    I don't have interceptors, timeout, and i use port 8080 and set "SASL_POLICY_NOANONYMOUS" to true.

                    When I added timeout and change no-anonymous policy (but still don't understand, why I should enable anonymous access), nothing changed.

                    There is no way to encrypt communication using public-key cryptography in my current application, because server doesn't have clients truststore yet and I don't know, how to configure it.

                    • 8. Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
                      Damian Petrecki Newbie

                      I've added:

                      <jsse 
                       keystore-url="${jboss.server.config.dir}/server.keystore"
                       keystore-password="password@123" 
                       server-alias="myserverkey" 
                       client-auth="true" 
                       truststore-url="${jboss.server.config.dir}/server.truststore" 
                       truststore-password="password@123"/>
                      

                      to security domain and remove

                      <server-identities>
                        <ssl>
                          <keystore path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="password@123" alias="myserverkey"/>
                        </ssl>
                      </server-identities>
                      

                      from security realm but i have no changes in program behavior.

                      • 10. Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
                        Damian Petrecki Newbie

                        I have read example, You linked. Unfortunately, there is no solution for me.

                        First of all, there are some specific configuration entries in JBoss 7.2, that are not present in WildFly CR1 (and WildFly Final, I suppose). I mean some port configuration, jacorb configuration and "obsolete" security 1.2 subsystem in place of new 2.0 version.

                        Secondly, it seems You are using SSL to secure HTTPS connection from web client, but I'm trying to achieve that with standalone client which use standard native interface.

                        Thirdly, I can't find any reference to server.truststore in Your configuration. Are You sure that You're using public keys of both sides of communication to encrypt You transmission between standalone client and server?

                        • 11. Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
                          Darren Jones Newbie

                          From what I remember when I upgraded from JBoss 7.2 to WildFly, to get SSL working for a remote EJB client, the following was necessary in standalone.xml:

                           

                                  <subsystem xmlns="urn:jboss:domain:remoting:2.0">

                                      <http-connector name="https-remoting-connector" connector-ref="undertow-https" security-realm="<your-realm>"/>

                                  </subsystem>

                           

                          This tells remoting to use an http connector that is defined in the undertow subsystem. WildFly will use the http-upgrade feature to switch the communication on the http port over to the remoting binary protocol.

                           

                                  <subsystem xmlns="urn:jboss:domain:undertow:1.0">

                                       ...

                                      <server name="default-server">

                                          <http-listener name="undertow-http" socket-binding="http"/>

                                          <https-listener name="undertow-https" socket-binding="https" security-realm="<your-realm>"/>

                                          ...

                                      </server>

                                       ...

                                  </subsystem>


                          This defined the undertow-https connection. The realm I used was my own security-realm, but it looks similar to your initial ApplicationRealm, with a <server-identities> and an <ssl> element in it (I did not need the <jsse> style). I'm not sure about bi-directional SSL - at the moment we only needed the client to trust the server.


                          Finally, the EJB subsystem needs to point to that remoting connector - this is the line:


                                  <subsystem xmlns="urn:jboss:domain:ejb3:2.0">

                                       ...

                                      <remote connector-ref="https-remoting-connector" thread-pool-name="default"/>


                          The Java EJB client then connects using a number of properties. The client must specify that it uses the "https-remoting" protocol. Here is a snippet of the properties I use:


                                  final Properties jndiConfig = new Properties();

                                  jndiConfig.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");

                                  jndiConfig.put(Context.PROVIDER_URL, "https-remoting://localhost:443");

                                  jndiConfig.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");

                           

                                  jndiConfig.put("org.jboss.ejb.client.scoped.context", "true");

                           

                                  jndiConfig.put("remote.connections", "my-connection");

                                  jndiConfig.put(REMOTE_CONNECTION_SETTING_PREFIX + "host", "localhost");

                                  jndiConfig.put(REMOTE_CONNECTION_SETTING_PREFIX + "port", "443");

                                  jndiConfig.put(REMOTE_CONNECTION_SETTING_PREFIX + "protocol", "https-remoting");

                                  jndiConfig.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");

                                  jndiConfig.put("remote.connection.my-connection.callback.handler.class", ServerConnectCallbackHandler.class.getName());

                                  jndiConfig.put("remote.connection.my-connection.connect.options.org.xnio.Options.SSL_PROTOCOL", "TLSv1.2"); 

                                  jndiConfig.put("remote.connection.my-connection.connect.options.org.xnio.Options.SSL_JSSE_TRUST_MANAGER_CLASSES", MyClientTrustManager.class.getName());

                           

                                  jndiConfig.put("jboss.naming.client.remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");

                                  jndiConfig.put("jboss.naming.client.security.callback.handler.class", ServerConnectCallbackHandler.class.getName());

                                  jndiConfig.put("jboss.naming.client.connect.options.org.xnio.Options.SSL_PROTOCOL", "TLSv1.2"); 

                                  jndiConfig.put("jboss.naming.client.connect.options.org.xnio.Options.SSL_JSSE_TRUST_MANAGER_CLASSES", MyClientTrustManager.class.getName());

                           

                          I am using a trust manager class on the client - I guess you are using those javax.net.* properties instead, which should be OK. I am also using a CallbackHandler to provide the username and password - again your use of the username and password in the properties should be fine instead. The second set of "jboss.naming.*" settings may only be necessary if you want to do JNDI lookups of non-EJB objects. And for the port, make sure you use the https port configured in your socket-bindings, not 8080, which is the default http port.

                           

                          I remember it being particularly fiddly to get right, so I've probably forgotten something - I can only hope this gets you closer to what you want to do.

                          1 of 1 people found this helpful
                          • 12. Re: Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
                            Damian Petrecki Newbie

                            Thanks for Your answer. Now I have exception, during lookup:

                             

                            java.lang.RuntimeException: Operation failed with status WAITING
                                at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:94)
                                at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:77)
                                at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)
                                at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:155)
                                at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:115)
                                at org.jboss.ejb.client.naming.ejb.EjbNamingContext.createIdentifiableEjbClientContext(EjbNamingContext.java:258)
                                at org.jboss.ejb.client.naming.ejb.EjbNamingContext.setupScopedEjbClientContextIfNeeded(EjbNamingContext.java:123)
                                at org.jboss.ejb.client.naming.ejb.EjbNamingContext.<init>(EjbNamingContext.java:98)
                                at org.jboss.ejb.client.naming.ejb.ejbURLContextFactory.getObjectInstance(ejbURLContextFactory.java:38)
                                at javax.naming.spi.NamingManager.getURLObject(NamingManager.java:601)
                                at javax.naming.spi.NamingManager.getURLContext(NamingManager.java:550)
                                at javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:339)
                                at javax.naming.InitialContext.lookup(InitialContext.java:411)
                            

                             

                            I'm still fighting but also losing hope...

                            • 13. Re: Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
                              Darren Jones Newbie

                              I remember seeing that exception. If your client is running on Windows, it might be this issue I reported in XNIO (not due for a fix until xnio 3.2.1 and I don't know if that'll make it into WildFly 8.0.0 final):

                               

                              [XNIO-221] Hang in WindowsSelectorImpl.select() when establishing SSL Connection - JBoss Issue Tracker

                               

                              Something to try is running your client using xnio 3.2.0.Beta3 (not the Beta4 that ships with WildFly 8 CR1).

                               

                              Of course it might be something else - I don't have much advice to offer on debugging the XNIO code.

                              • 14. Re: Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?
                                Damian Petrecki Newbie

                                I'm using Ubuntu client and Ubuntu Server, so I think I have to face something else.

                                I've got "RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty" now, so my "System.setPropety" isn't the best way to configure keystores.

                                1 2 3 Previous Next