1 2 3 Previous Next 33 Replies Latest reply on Nov 2, 2016 2:17 PM by xibo_flair

authentication to call EJB in WildFly 8 CR1?

damian.petrecki Feb 3, 2014 6:35 AM

Hello,

I'm trying to rewrite my old, JavaSE application using WildFly Server.

I used to using my own, created from scratch server and standalone client with TCP connection secured by SSL/RSA bi-directional verification and encryption and then check user credentials and principals in database.

Now, I want to do that using WildFly and I'm fighting really long time to achieve this.

So.. I started with creating the keys:

keytool -genkeypair -alias myserverkey -keyalg RSA -keysize 2048 -validity 73000 -keystore server.keystore -storepass password@123 -keypass password@123
keytool -export -alias myserverkey -keystore server.keystore -file server.crt
keytool -import -file server.crt -alias myserverkey -keystore client.truststore

Then, I've configured standalone.xml:

<!-- typical ManagementRealm configuration -->

<security-realm name="ApplicationRealm">
  <server-identities>
    <ssl>
       <keystore aliast="myserverkey" path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="password@123"/>
    </ssl>
  </server-identities>
  <authentication>
    <jaas name="other"/
  </authentication>
</security-realm>

<!-- valid datasource configuration -->

<subsystem xmlns="urn:jboss:domain:security:1.2">
  <security-domain name="other" cache-type="default">
    <authentication>
      <login-module code="Database" flag="required">
        <module-option name="dsJndiName" value="java:jboss/datasources/myDB"/>
        <module-option name="principalsQuery" value="SELECT pass FROM user WHERE login=?"/>
        <module-option name="rolesQuery" value="SELECT r.role, 'Roles' FROM role r INNER JOIN user u ON u.id = r.id_user WHERE u.login=?"/>
        <module-option name="password-stacking" value="useFirstPass"/>
        <module-option name="hashAlgorithm" value="SHA-256"/>
        <module-option name="hashEncoding" value="base64"/>
      </login-module>
    </authentication>
  </security-domain>

<!-- standard jboss-web-policy and jboss-ejb-policy -->

<!-- open listening on proper interface -->

Of course, I have database with tables:

user (id int, login varchar(45), pass varchar(64))

role (id int, id_user int, role varchar(45))

I have standard HelloBean with HelloRemote interface and I was able to run everything without security (with standard standalone.xml)

My client code is:

Logger.getRootLogger().setLevel(Level.ALL);
Logger.getRootLogger().addAppender(new ConsoleAppender(new SimpleLayout()));

System.setProperty("javax.net.ssl.trustStore", "resources/client.truststore") ;
System.setProperty("javax.net.ssl.trustStorePassword", "password@123") ;

final Properties clientConfigProps = new Properties();



clientConfigProps.put("endpoint.name", "my-client");
clientConfigProps.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");
clientConfigProps.put("remote.connections", "default");
clientConfigProps.put("remote.connection.default.host", "192.168.115.10");
clientConfigProps.put("remote.connection.default.port", "8080");
clientConfigProps.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "true");
clientConfigProps.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
clientConfigProps.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER");
clientConfigProps.put("remote.connection.default.connect.options.org.xnio.Options.SSL_STARTTLS", "true");
clientConfigProps.put("remote.connection.default.username", "admin");
clientConfigProps.put("remote.connection.default.password", "password");

final EJBClientConfiguration ejbClientConfiguration = new PropertiesBasedEJBClientConfiguration(clientConfigProps);
final ContextSelector<EJBClientContext> ejbClientContextSelector = new ConfigBasedEJBClientContextSelector(ejbClientConfiguration);
EJBClientContext.setSelector(ejbClientContextSelector);

final Properties jndiProperties = new Properties();
jndiProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
Context ctx = new InitialContext(jndiProperties);

HelloRemote bean = (HelloRemote) ctx.lookup("ejb:AppName/module-0.0.1-SNAPSHOT/HelloBean/path.to.HelloRemote");
System.out.println(bean.seyHello()); //crash

I've added user, password (created with http://www.xorbin.com/tools/sha256-hash-calculator) and some roles to database.

And that doesn't work...

So, I want to:

1. Verify server on client using RSA

2. Encrypt connection using RSA

3. Authenticate user and authorize him using database.

4. It would be nice to verify client application (non user, but just client app) on server using another pair of RSA keys.

Now, I have an exception in last line of my client:


DEBUG - Logging Provider: org.jboss.logging.Log4jLoggerProvider
DEBUG - endpoint.create.options. has the following options {}
TRACE - Options {} have been merged with defaults {org.xnio.Options.THREAD_DAEMON=>true} to form {org.xnio.Options.THREAD_DAEMON=>true}
DEBUG - remote.connectionprovider.create.options. has the following options {org.xnio.Options.SSL_ENABLED=>true}
TRACE - Options {org.xnio.Options.SSL_ENABLED=>true} have been merged with defaults {} to form {org.xnio.Options.SSL_ENABLED=>true}
DEBUG - remote.connection.default.connect.options. has the following options {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]}
TRACE - Options {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]} have been merged with defaults {} to form {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]}
DEBUG - remote.connection.default.channel.options. has the following options {}
DEBUG - Connection org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration$RemotingConnectionConfigurationImpl@10dd151f successfully created for connection named default
DEBUG - No clusters configured in properties
DEBUG - Looking for jboss-ejb-client.properties using classloader sun.misc.Launcher$AppClassLoader@77a6686
DEBUG - Found jboss-ejb-client.properties using classloader sun.misc.Launcher$AppClassLoader@77a6686
DEBUG - endpoint.create.options. has the following options {}
TRACE - Options {} have been merged with defaults {org.xnio.Options.THREAD_DAEMON=>true} to form {org.xnio.Options.THREAD_DAEMON=>true}
DEBUG - remote.connectionprovider.create.options. has the following options {}
TRACE - Options {} have been merged with defaults {} to form {}
DEBUG - No remoting connections configured in properties
DEBUG - No clusters configured in properties

I'm trying to use my bean here!





INFO - JBoss EJB Client version 2.0.0.Beta5
INFO - XNIO version 3.2.0.Beta4
INFO - XNIO NIO Implementation Version 3.2.0.Beta4
TRACE - Starting up with selector provider class sun.nio.ch.EPollSelectorProvider
TRACE - Closing resource sun.nio.ch.PollSelectorImpl@5e536b73
TRACE - Using Default system selector creator for provider class sun.nio.ch.EPollSelectorProvider for main selectors and Selector creator class sun.nio.ch.PollSelectorImpl for provider class sun.nio.ch.EPollSelectorProvider for temp selectors
TRACE - CAS org.xnio.nio.NioXnioWorker@7fdd37fe 00000001 -> 00000002
TRACE - Starting worker thread Thread[Remoting "my-client" I/O-1,5,main]
DEBUG - Started channel thread 'Remoting "my-client" I/O-1', selector sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
INFO - JBoss Remoting version (unknown)
TRACE - Completed open of endpoint "my-client" <51a84ed6>
TRACE - Allocated tick to 1 of endpoint "my-client" <51a84ed6> (opened Connection provider for remote)
TRACE - Adding connection provider registration named 'remote': Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6>
TRACE - Allocated tick to 2 of endpoint "my-client" <51a84ed6> (opened Connection provider for http-remoting)
TRACE - Adding connection provider registration named 'http-remoting': Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6>
TRACE - Allocated tick to 3 of endpoint "my-client" <51a84ed6> (opened Connection provider for https-remoting)
TRACE - Adding connection provider registration named 'https-remoting': Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6>
TRACE - Allocated tick to 4 of endpoint "my-client" <51a84ed6> (opened Connection to /192.168.115.10:8080)
TRACE - Attempting to connect to "/192.168.115.10:8080" with options {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]}
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Running task org.xnio.nio.WorkerThread$SynchTask@5ec4c412
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connection-pending local=/0:0:0:0:0:0:0:0:36725 remote=/192.168.115.10:8080]
TRACE - Invoking listener org.xnio.http.HttpUpgrade$HttpUpgradeState$ConnectionOpenListener@662077b6 on channel org.xnio.nio.NioSocketStreamConnection@5d93821b
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080]
TRACE - Invoking listener org.xnio.http.HttpUpgrade$HttpUpgradeState$UpgradeResultListener@256a4d0a on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
TRACE - Invoking listener org.jboss.remoting3.remote.HttpUpgradeConnectionProvider$2@6f4d33 on channel org.xnio.nio.NioSocketStreamConnection@5d93821b
TRACE - Invoking listener org.jboss.remoting3.remote.RemoteConnectionProvider$3@665c5a83 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Created new framed message channel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5, receive buffer Pooled wrapper around java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196], transmit buffer Pooled wrapper around java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Greeting@4ccd37f3
TRACE - Running task org.xnio.nio.NioHandle$1@1da2f8ca
TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Greeting@4ccd37f3 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=21 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
TRACE - Received java.nio.HeapByteBuffer[pos=17 lim=8192 cap=8192]
TRACE - Client received greeting
TRACE - Client received server name: 192.168.115.10
TRACE - Client sending capabilities request
TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@5c186f07
TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=44 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=48 lim=8196 cap=8196]
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Sent message java.nio.HeapByteBuffer[pos=44 lim=44 cap=8192] (direct)
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Flushed channel (direct)
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080]
TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@5c186f07 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=51 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
TRACE - Client received capabilities response
TRACE - Client received capability: version 1
TRACE - Client received capability: remote endpoint name "appserver"
TRACE - Client received capability: SASL mechanism PLAIN
TRACE - SASL mechanism PLAIN added to allowed set
TRACE - Client received capability: message close protocol supported
TRACE - Client received capability: remote version is "(unknown)"
TRACE - Client received capability: remote channels in is "40"
TRACE - Client received capability: remote channels out is "40"
TRACE - Client initiating authentication using mechanism PLAIN
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=22 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=26 lim=8196 cap=8196]
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Sent message java.nio.HeapByteBuffer[pos=22 lim=22 cap=8192] (direct)
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Flushed channel (direct)
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication@7abb96c5
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080]
TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication@7abb96c5 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=5 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
DEBUG - Client received authentication rejected for mechanism PLAIN
TRACE - Client sending capabilities request
TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@31a79e76
TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=44 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=48 lim=8196 cap=8196]
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Sent message java.nio.HeapByteBuffer[pos=44 lim=44 cap=8192] (direct)
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Flushed channel (direct)
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@55336cdf for java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080]
TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.conduits.ConduitStreamSourceChannel@65e7deb6
TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@31a79e76 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=51 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
TRACE - Client received capabilities response
TRACE - Client received capability: version 1
TRACE - Client received capability: remote endpoint name "appserver"
TRACE - Client received capability: SASL mechanism PLAIN
TRACE - Client received capability: message close protocol supported
TRACE - Client received capability: remote version is "(unknown)"
TRACE - Client received capability: remote channels in is "40"
TRACE - Client received capability: remote channels out is "40"
TRACE - Connection error detail
javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
    at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
    at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
ERROR - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
TRACE - Closing resource org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Cancelling key sun.nio.ch.SelectionKeyImpl@55336cdf of java.nio.channels.SocketChannel[connected local=/192.168.115.1:36725 remote=/192.168.115.10:8080] (same thread)
TRACE - Invoking listener Delegating channel listener -> Close listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.nio.NioSocketStreamConnection@5d93821b
TRACE - Invoking listener Close listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5 on channel org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Closing resource org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Closing resource org.xnio.channels.AssembledConnectedStreamChannel@393a82f5
TRACE - Registered exception result
javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
    at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
    at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
TRACE - Resource closed count 00000003 of endpoint "my-client" <51a84ed6> (closed a failed connection (2))
WARN - Could not register a EJB receiver for connection to 192.168.115.10:8080
java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:92)
    at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:77)
    at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)
    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:155)
    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:115)
    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:47)
    at org.jboss.ejb.client.EJBClientContext.getCurrent(EJBClientContext.java:271)
    at org.jboss.ejb.client.EJBClientContext.requireCurrent(EJBClientContext.java:281)
    at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:176)
    at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:144)
    at com.sun.proxy.$Proxy0.getCpuName(Unknown Source)
    at path.to.app.my.client.connector.test.EJBClientTest.contextTest(EJBClientTest.java:48)
    at path.to.app.my.client.connector.test.EJBClientTest.main(EJBClientTest.java:31)
Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
    at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
    at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
    at ...asynchronous invocation...(Unknown Source)
    at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:272)
    at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:388)
    at org.jboss.ejb.client.remoting.EndpointPool$PooledEndpoint.connect(EndpointPool.java:187)
    at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:153)
    at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:133)
    at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:75)
    ... 11 more
DEBUG - Registered a reconnect handler in EJB client context org.jboss.ejb.client.EJBClientContext@5a2712df for remote://192.168.115.10:8080
DEBUG - Registered 0 remoting EJB receivers for EJB client context org.jboss.ejb.client.EJBClientContext@5a2712df
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Allocated tick to 4 of endpoint "my-client" <51a84ed6> (opened Connection to /192.168.115.10:8080)
TRACE - Attempting to connect to "/192.168.115.10:8080" with options {org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true,org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SSL_STARTTLS=>true,org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER]}
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Running task org.xnio.nio.WorkerThread$SynchTask@3f987899
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connection-pending local=/0:0:0:0:0:0:0:0:56501 remote=/192.168.115.10:8080]
TRACE - Invoking listener org.xnio.http.HttpUpgrade$HttpUpgradeState$ConnectionOpenListener@235343c2 on channel org.xnio.nio.NioSocketStreamConnection@2f8587ac
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
TRACE - Invoking listener org.xnio.http.HttpUpgrade$HttpUpgradeState$UpgradeResultListener@678e4593 on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
TRACE - Invoking listener org.jboss.remoting3.remote.HttpUpgradeConnectionProvider$2@8ac0b08 on channel org.xnio.nio.NioSocketStreamConnection@2f8587ac
TRACE - Invoking listener org.jboss.remoting3.remote.RemoteConnectionProvider$3@5e4a3789 on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Created new framed message channel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb, receive buffer Pooled wrapper around java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196], transmit buffer Pooled wrapper around java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Greeting@24671637
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Greeting@24671637 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=21 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
TRACE - Received java.nio.HeapByteBuffer[pos=17 lim=8192 cap=8192]
TRACE - Client received greeting
TRACE - Client received server name: 192.168.115.10
TRACE - Client sending capabilities request
TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@6be3878c
TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=44 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=48 lim=8196 cap=8196]
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Sent message java.nio.HeapByteBuffer[pos=44 lim=44 cap=8192] (direct)
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Flushed channel (direct)
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@6be3878c on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=51 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
TRACE - Client received capabilities response
TRACE - Client received capability: version 1
TRACE - Client received capability: remote endpoint name "appserver"
TRACE - Client received capability: SASL mechanism PLAIN
TRACE - SASL mechanism PLAIN added to allowed set
TRACE - Client received capability: message close protocol supported
TRACE - Client received capability: remote version is "(unknown)"
TRACE - Client received capability: remote channels in is "40"
TRACE - Client received capability: remote channels out is "40"
TRACE - Client initiating authentication using mechanism PLAIN
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=22 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=26 lim=8196 cap=8196]
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Sent message java.nio.HeapByteBuffer[pos=22 lim=22 cap=8192] (direct)
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Flushed channel (direct)
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication@b04cb4
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication@b04cb4 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=5 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
DEBUG - Client received authentication rejected for mechanism PLAIN
TRACE - Client sending capabilities request
TRACE - Setting read listener to org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@367bbdc6
TRACE - Accepting java.nio.HeapByteBuffer[pos=0 lim=44 cap=8192] into java.nio.HeapByteBuffer[pos=0 lim=8196 cap=8196]
TRACE - Accepted a message into java.nio.HeapByteBuffer[pos=48 lim=8196 cap=8196]
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Sent message java.nio.HeapByteBuffer[pos=44 lim=44 cap=8192] (direct)
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Flushed channel (direct)
TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9 (with timeout)
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Selected key sun.nio.ch.SelectionKeyImpl@8e89bed for java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080]
TRACE - Invoking listener Delegating channel listener -> Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.conduits.ConduitStreamSourceChannel@2d79eb02
TRACE - Invoking listener Read listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Invoking listener org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities@367bbdc6 on channel org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Copying message from java.nio.HeapByteBuffer[pos=4 lim=51 cap=8196] into java.nio.HeapByteBuffer[pos=0 lim=8192 cap=8192]
TRACE - Client received capabilities response
TRACE - Client received capability: version 1
TRACE - Client received capability: remote endpoint name "appserver"
TRACE - Client received capability: SASL mechanism PLAIN
TRACE - Client received capability: message close protocol supported
TRACE - Client received capability: remote version is "(unknown)"
TRACE - Client received capability: remote channels in is "40"
TRACE - Client received capability: remote channels out is "40"
TRACE - Connection error detail
javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
    at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
    at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
ERROR - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
TRACE - Closing resource org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Fully flushed org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Cancelling key sun.nio.ch.SelectionKeyImpl@8e89bed of java.nio.channels.SocketChannel[connected local=/192.168.115.1:56501 remote=/192.168.115.10:8080] (same thread)
TRACE - Invoking listener Delegating channel listener -> Close listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.nio.NioSocketStreamConnection@2f8587ac
TRACE - Invoking listener Close listener for org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb on channel org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Closing resource org.xnio.channels.FramedMessageChannel around org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Closing resource org.xnio.channels.AssembledConnectedStreamChannel@5a8433bb
TRACE - Registered exception result
javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
    at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
    at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
TRACE - Resource closed count 00000003 of endpoint "my-client" <51a84ed6> (closed a failed connection (2))
DEBUG - Re-connect attempt# 1 failed for 192.168.115.10:8080
java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:92)
    at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:77)
    at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)
    at org.jboss.ejb.client.remoting.MaxAttemptsReconnectHandler.tryConnect(MaxAttemptsReconnectHandler.java:65)
    at org.jboss.ejb.client.remoting.EJBClientContextConnectionReconnectHandler.reconnect(EJBClientContextConnectionReconnectHandler.java:56)
    at org.jboss.ejb.client.EJBClientContext$ReconnectAttempt.run(EJBClientContext.java:1304)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask.run(FutureTask.java:262)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:744)
Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:367)
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:196)
    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:110)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
    at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:87)
    at org.xnio.nio.WorkerThread.run(WorkerThread.java:531)
    at ...asynchronous invocation...(Unknown Source)
    at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:272)
    at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:388)
    at org.jboss.ejb.client.remoting.EndpointPool$PooledEndpoint.connect(EndpointPool.java:187)
    at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:153)
    at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:133)
    at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:75)
    ... 9 more
Exception in thread "main" TRACE - Beginning select on sun.nio.ch.EPollSelectorImpl@c7b7af9
java.lang.IllegalStateException: EJBCLIENT000025: No EJB receiver available for handling [appName:my, moduleName:maintenance-0.0.1-SNAPSHOT, distinctName:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@5f2d8ca1
    at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:749)
    at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:116)
    at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:183)
    at org.jboss.ejb.client.EJBInvocationHandler.sendRequestWithPossibleRetries(EJBInvocationHandler.java:253)
    at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:198)
    at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:181)
    at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:144)
    at com.sun.proxy.$Proxy0.getCpuName(Unknown Source)
    at path.to.app.my.client.connector.test.EJBClientTest.contextTest(EJBClientTest.java:48)
    at path.to.app.my.client.connector.test.EJBClientTest.main(EJBClientTest.java:31)
TRACE - Closing endpoint "my-client" <51a84ed6> synchronously
TRACE - Closing Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Completed close of Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6>
TRACE - Closing Registration of 'https-remoting': Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Closing Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Completed close of Registration of 'https-remoting': Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6>
TRACE - Phase 1 shutdown count 00000002 of endpoint "my-client" <51a84ed6> (closed Remoting remote connection provider 54031f94 for endpoint "my-client" <51a84ed6>)
TRACE - Closing Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Completed close of Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6>
TRACE - Closing Registration of 'remote': Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Closing Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Completed close of Registration of 'remote': Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6>
TRACE - Phase 1 shutdown count 00000001 of endpoint "my-client" <51a84ed6> (closed Remoting remote connection provider 32b4376e for endpoint "my-client" <51a84ed6>)
TRACE - Closing Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Completed close of Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6>
TRACE - Closing Registration of 'http-remoting': Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Closing Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Completed close of Registration of 'http-remoting': Remoting remote connection provider 2a7704dd for endpoint "my-client" <51a84ed6>
TRACE - Finished phase 1 shutdown of endpoint "my-client" <51a84ed6>
TRACE - Initiating shutdown of org.xnio.nio.NioXnioWorker@7fdd37fe
TRACE - Selected on sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - Shutting down channel thread "Thread[Remoting "my-client" I/O-1,5,main]"
TRACE - Closing resource sun.nio.ch.EPollSelectorImpl@c7b7af9
TRACE - CAS org.xnio.nio.NioXnioWorker@7fdd37fe 80000002 -> 80000001
TRACE - Closing resource false
TRACE - CAS org.xnio.nio.NioXnioWorker@7fdd37fe 80000001 -> 80000000
TRACE - CAS org.xnio.nio.NioXnioWorker@7fdd37fe 80000000 -> c0000000 (close complete)
TRACE - Completed close of endpoint "my-client" <51a84ed6>
TRACE - Closing Remoting local connection provider 2f62236f for endpoint "my-client" <51a84ed6> asynchronously
TRACE - Completed close of Remoting local connection provider 2f62236f for endpoint "my-client" <51a84ed6>

I have no idea, what is wrong, so any help will be gratefull.

1. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

ybxiang.china Jan 26, 2014 7:48 PM (in response to damian.petrecki)

JBoss AS 7.2.0 - Example - EJB over SSL
Actions
2. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

ybxiang.china Jan 26, 2014 7:54 PM (in response to damian.petrecki)

1. Do NOT use "other" as your security domain! It is a special domain!
2. You should specify the security domain in your ejb application through jboss-ejb3.xml too.
3. please do NOT forget to set keystores in your client's class path.

Above link is a detailed example.
Good luck!
1 of 1 people found this helpful
Actions
3. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

ybxiang.china Jan 26, 2014 7:58 PM (in response to damian.petrecki)

Moreover, please use jboss as 7.2.0, it is a stable release.
Wildfly-8 is under development.

Please always use stable release if you are newbie to any technology.
Actions
4. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

damian.petrecki Jan 27, 2014 7:24 AM (in response to ybxiang.china)

Thanks for Your answer.
I want to use WildFly, because I don't want to learn "old standards". I know that JBoss 7 will be "current standard" still a long time, but the new, stable WildFly 8.0 Final should appears this week, so I wanted to start on something up to date.
I wanted to use "other" Security Domain, because it is default SD and doesn't need to be configured in beans or in jboss-ejb3.xml.
Of course I remembered to set keystore and truststore
All in all, when I had used org.jboss.security.auth.spi.Util to generate password stored in DB (instead web SHA-256 generator and web base64 encryptor), and - as You said - changed Security Domain to my own, the application ran correctly.

Unfortunately, after some tests I realized that connection is still not encrypted.
Actions
5. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

ybxiang.china Jan 27, 2014 7:38 PM (in response to damian.petrecki)

I know that JBoss 7 will be "current standard" still a long time, but the new, stable WildFly 8.0 Final should appears this week, so I wanted to start on something up to date.
~~~~~OK. Actually, the configuration for jboss as 7 and wildfly 8 is almost same!!!
(Sometimes, you will meet strange bugs in CR version, if you do not track the JIRA, you will be lost. That is why I suggest you use stable version. )

All in all, when I had used org.jboss.security.auth.spi.Util to generate password stored in DB (instead web SHA-256 generator and web base64 encryptor),
~~~~~Yes, you are right. We should NOT use "SHA-256 generator and web base64 encryptor" to generate hashed password!

and - as You said - changed Security Domain to my own, the application ran correctly.
~~~~~I do NOT know too much about "default" Security Domain, but I think you had better use it ONLY in test environment.

Unfortunately, after some tests I realized that connection is still not encrypted.
~~~~~Now, you problem is ONLY about SSL. Have you configured the SSL option for your EJB client? Like this (I tested bellow code in wildfly-8.CR!):
Actions

6. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

ybxiang.china Jan 27, 2014 7:37 PM (in response to damian.petrecki)




    
try{   

 


        
Properties p = new Properties();


        
p.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");


   

 p.put("remote.connections", "default");


   

 p.put("remote.connection.default.host", serverIP);


   

 p.put("remote.connection.default.port", "80");


        
p.put("remote.connection.default.username", username);


        
p.put("remote.connection.default.password", password);


        
p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");


        
p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER");


        
p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");


        
p.put("remote.connection.default.connect.options.org.xnio.Options.SSL_STARTTLS", "true");


        
p.put("remote.connection.default.connect.timeout", "30000");//for xnio 



 


       
 


        
EJBClientConfiguration cc = new PropertiesBasedEJBClientConfiguration(p);


        
ContextSelector<EJBClientContext> selector = new ConfigBasedEJBClientContextSelector(cc);


        
EJBClientContext.setSelector(selector);


       
 


        
EJBClientContext.getCurrent().registerInterceptor(0,new ClientSessionTokenInterceptor());


        
EJBClientContext.getCurrent().registerInterceptor(1,new ClientExceptionInterceptor());


       
 


        
Properties props = new Properties();


        
props.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");


        
context = new InitialContext(props);


        
securedRemoteSessionProxy = (ISecuredRemoteSession)context.lookup(jndiName);


   
 }catch(Exception e){


   

 log.error("连接服务器失败：",e);


   

 throw ConnectionToServerFailedException.INSTANCE;


   
 }

7. Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

damian.petrecki Jan 28, 2014 1:48 AM (in response to ybxiang.china)

As You can see in my first post, I have very similar client configuration.
I don't have interceptors, timeout, and i use port 8080 and set "SASL_POLICY_NOANONYMOUS" to true.
When I added timeout and change no-anonymous policy (but still don't understand, why I should enable anonymous access), nothing changed.
There is no way to encrypt communication using public-key cryptography in my current application, because server doesn't have clients truststore yet and I don't know, how to configure it.
Actions

8. Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

damian.petrecki Jan 28, 2014 3:48 AM (in response to damian.petrecki)

I've added:

<jsse 
 keystore-url="${jboss.server.config.dir}/server.keystore"
 keystore-password="password@123" 
 server-alias="myserverkey" 
 client-auth="true" 
 truststore-url="${jboss.server.config.dir}/server.truststore" 
 truststore-password="password@123"/>

to security domain and remove

<server-identities>
  <ssl>
    <keystore path="server.keystore" relative-to="jboss.server.config.dir" keystore-password="password@123" alias="myserverkey"/>
  </ssl>
</server-identities>

from security realm but i have no changes in program behavior.

9. Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

ybxiang.china Jan 28, 2014 6:08 AM (in response to damian.petrecki)

Please download http://javaarm.com/file/jboss/ApplicationServer/JBossAS7.2.0_EJB3-over-SSL/JBossAS7.2.0_EJB3-over-SSL__configuration.zip, and study the standalone.xml in the zip file. Those configurations can be used in wildfly8 too.

Please refer to JBoss AS 7.2.0 - Example - EJB over SSL
Actions
10. Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

damian.petrecki Jan 28, 2014 7:05 AM (in response to ybxiang.china)

I have read example, You linked. Unfortunately, there is no solution for me.
First of all, there are some specific configuration entries in JBoss 7.2, that are not present in WildFly CR1 (and WildFly Final, I suppose). I mean some port configuration, jacorb configuration and "obsolete" security 1.2 subsystem in place of new 2.0 version.
Secondly, it seems You are using SSL to secure HTTPS connection from web client, but I'm trying to achieve that with standalone client which use standard native interface.
Thirdly, I can't find any reference to server.truststore in Your configuration. Are You sure that You're using public keys of both sides of communication to encrypt You transmission between standalone client and server?
Actions
11. Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

darrenjones Jan 28, 2014 7:45 AM (in response to damian.petrecki)

From what I remember when I upgraded from JBoss 7.2 to WildFly, to get SSL working for a remote EJB client, the following was necessary in standalone.xml:

        <subsystem xmlns="urn:jboss:domain:remoting:2.0">
            <http-connector name="https-remoting-connector" connector-ref="undertow-https" security-realm="<your-realm>"/>
        </subsystem>

This tells remoting to use an http connector that is defined in the undertow subsystem. WildFly will use the http-upgrade feature to switch the communication on the http port over to the remoting binary protocol.

        <subsystem xmlns="urn:jboss:domain:undertow:1.0">
             ...
            <server name="default-server">
                <http-listener name="undertow-http" socket-binding="http"/>
                <https-listener name="undertow-https" socket-binding="https" security-realm="<your-realm>"/>
                ...
            </server>
             ...
        </subsystem>

This defined the undertow-https connection. The realm I used was my own security-realm, but it looks similar to your initial ApplicationRealm, with a <server-identities> and an <ssl> element in it (I did not need the <jsse> style). I'm not sure about bi-directional SSL - at the moment we only needed the client to trust the server.

Finally, the EJB subsystem needs to point to that remoting connector - this is the line:

        <subsystem xmlns="urn:jboss:domain:ejb3:2.0">
             ...
            <remote connector-ref="https-remoting-connector" thread-pool-name="default"/>

The Java EJB client then connects using a number of properties. The client must specify that it uses the "https-remoting" protocol. Here is a snippet of the properties I use:

        final Properties jndiConfig = new Properties();
        jndiConfig.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
        jndiConfig.put(Context.PROVIDER_URL, "https-remoting://localhost:443");
        jndiConfig.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");

        jndiConfig.put("org.jboss.ejb.client.scoped.context", "true");

        jndiConfig.put("remote.connections", "my-connection");
        jndiConfig.put(REMOTE_CONNECTION_SETTING_PREFIX + "host", "localhost");
        jndiConfig.put(REMOTE_CONNECTION_SETTING_PREFIX + "port", "443");
        jndiConfig.put(REMOTE_CONNECTION_SETTING_PREFIX + "protocol", "https-remoting");
        jndiConfig.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");
        jndiConfig.put("remote.connection.my-connection.callback.handler.class", ServerConnectCallbackHandler.class.getName());
        jndiConfig.put("remote.connection.my-connection.connect.options.org.xnio.Options.SSL_PROTOCOL", "TLSv1.2");
        jndiConfig.put("remote.connection.my-connection.connect.options.org.xnio.Options.SSL_JSSE_TRUST_MANAGER_CLASSES", MyClientTrustManager.class.getName());

        jndiConfig.put("jboss.naming.client.remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");
        jndiConfig.put("jboss.naming.client.security.callback.handler.class", ServerConnectCallbackHandler.class.getName());
        jndiConfig.put("jboss.naming.client.connect.options.org.xnio.Options.SSL_PROTOCOL", "TLSv1.2");
        jndiConfig.put("jboss.naming.client.connect.options.org.xnio.Options.SSL_JSSE_TRUST_MANAGER_CLASSES", MyClientTrustManager.class.getName());

I am using a trust manager class on the client - I guess you are using those javax.net.* properties instead, which should be OK. I am also using a CallbackHandler to provide the username and password - again your use of the username and password in the properties should be fine instead. The second set of "jboss.naming.*" settings may only be necessary if you want to do JNDI lookups of non-EJB objects. And for the port, make sure you use the https port configured in your socket-bindings, not 8080, which is the default http port.

I remember it being particularly fiddly to get right, so I've probably forgotten something - I can only hope this gets you closer to what you want to do.
1 of 1 people found this helpful
Actions

12. Re: Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

damian.petrecki Jan 29, 2014 2:48 AM (in response to darrenjones)

Thanks for Your answer. Now I have exception, during lookup:

java.lang.RuntimeException: Operation failed with status WAITING
    at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:94)
    at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:77)
    at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)
    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:155)
    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:115)
    at org.jboss.ejb.client.naming.ejb.EjbNamingContext.createIdentifiableEjbClientContext(EjbNamingContext.java:258)
    at org.jboss.ejb.client.naming.ejb.EjbNamingContext.setupScopedEjbClientContextIfNeeded(EjbNamingContext.java:123)
    at org.jboss.ejb.client.naming.ejb.EjbNamingContext.<init>(EjbNamingContext.java:98)
    at org.jboss.ejb.client.naming.ejb.ejbURLContextFactory.getObjectInstance(ejbURLContextFactory.java:38)
    at javax.naming.spi.NamingManager.getURLObject(NamingManager.java:601)
    at javax.naming.spi.NamingManager.getURLContext(NamingManager.java:550)
    at javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:339)
    at javax.naming.InitialContext.lookup(InitialContext.java:411)

I'm still fighting but also losing hope...

13. Re: Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

darrenjones Jan 29, 2014 3:52 AM (in response to damian.petrecki)

I remember seeing that exception. If your client is running on Windows, it might be this issue I reported in XNIO (not due for a fix until xnio 3.2.1 and I don't know if that'll make it into WildFly 8.0.0 final):

[XNIO-221] Hang in WindowsSelectorImpl.select() when establishing SSL Connection - JBoss Issue Tracker

Something to try is running your client using xnio 3.2.0.Beta3 (not the Beta4 that ships with WildFly 8 CR1).

Of course it might be something else - I don't have much advice to offer on debugging the XNIO code.
Actions
14. Re: Re: Re: How to use SSL/TLS encryption and database authorization/authentication to call EJB in WildFly 8 CR1?

damian.petrecki Jan 29, 2014 4:41 AM (in response to darrenjones)

I'm using Ubuntu client and Ubuntu Server, so I think I have to face something else.
I've got "RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty" now, so my "System.setPropety" isn't the best way to configure keystores.
Actions

1 2 3 Previous Next

Go to original post