3 Replies Latest reply on Aug 25, 2014 7:37 AM by Nicky Mølholm

    Problems using: The "helloworld-jms" quickstart using a custom security realm

    Nicky Mølholm Newbie

      Hi all,

       

      I use Wildfly AS v 8.1.0.Final. On JDK 7. On Mac OS.

       

      I have successfully downloaded and tested: https://github.com/wildfly/quickstart/tree/master/helloworld-jms

       

      I have failed in attempting to make this example run against a custom "security realm" that using <jaas name=".." /> points to a custom "security domain". This custom security domain uses a builtin properties login module in Wildfly to point to a few users and roles definition files.

       

      The application when run with "mvn clean compile exec:java" gives the following error:

       

      aug 22, 2014 2:58:22 PM org.xnio.Xnio <clinit>
      INFO: XNIO version 3.2.2.Final
      aug 22, 2014 2:58:22 PM org.xnio.nio.NioXnio <clinit>
      INFO: XNIO NIO Implementation Version 3.2.2.Final
      aug 22, 2014 2:58:22 PM org.jboss.remoting3.EndpointImpl <clinit>
      INFO: JBoss Remoting version 4.0.3.Final
      aug 22, 2014 2:58:22 PM org.jboss.as.quickstarts.jms.HelloWorldJMSClient main
      INFO: Attempting to acquire connection factory "jms/RemoteConnectionFactory"
      aug 22, 2014 2:58:23 PM org.jboss.remoting3.remote.RemoteConnection handleException
      ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:
      aug 22, 2014 2:58:23 PM org.jboss.as.quickstarts.jms.HelloWorldJMSClient main
      SEVERE: Failed to connect to any server. Servers tried: [http-remoting://127.0.0.1:8080 (Authentication failed: all available authentication mechanisms failed:)]
      

       

      The source code hasn't been changed at all. Only the standalone-full.xml file has been altered to include the new stuff. Like this:

      ...

      <management>

              <security-realms>

                   <security-realm name="MyRealm">

                       <authentication>

                           <jaas name="MyDomain" />

                       </authentication>

                   </security-realm>

             </security-realms>

      </management>

      ...

      <subsystem xmlns="urn:jboss:domain:remoting:2.0">

                <endpoint worker="default" />

                <http-connector name="http-remoting-connector" connector-ref="default" security-realm="MyRealm" />

      </subsystem>

      ...

      <subsystem xmlns="urn:jboss:domain:messaging:2.0">

                  ....

                  <security-domain>MyDomain</security-domain>

                   ...

      </subsystem>

      ...

      <subsystem xmlns="urn:jboss.domain:security:2.0">

                <security-domains>

                ...

                     <security-domain name="MyDomain " cache-type="default">

                          <authentication>

                               <login-module code="Remoting" flag="optional"><module-option name="password-stacking" value="useFirstPass"/></login-module>

                               <login-module code="RealmDirect" flag="optional"><module-option name="password-stacking" value="useFirstPass"/></login-module>

                                <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> 

                                    <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users-MyDomain.properties"/>

                                    <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles-MyDomain.properties"/>

                                    <module-option name="defaultUsersProperties" value="${jboss.server.config.dir}/application-users-MyDomain.properties"/>

                                    <module-option name="defaultRolesProperties" value="${jboss.server.config.dir}/application-roles-MyDomain.properties"/>

                                    <module-option name="password-stacking" value="true"/>

                                </login-module>

                          </authentication>

                     </security-domain>

                ...

                </security-domains>

      </subsystem>

       

      Do any of you guys have an idea about what I have forgotten ?