5 Replies Latest reply on Sep 9, 2014 5:39 PM by H B

    Switch identity using Teiid local connection and PassthroughAuthentication is not working in Teiid 8.7

    H B Newbie

      We connect to Teiid using local connection and PassthroughAuthentication=true. In Teiid 8.7, switching Identity is not working, generating following errors after a second user tried to connect to Teiid:

       

      09:11:04,655 INFO  [org.teiid.SECURITY] (http-/0.0.0.0:8080-2) TEIID40115 Local pass-through connection implicitly closing session 1I4iq/wGO27I so that the connection can be used in a different security context.

      09:11:04,655 INFO  [org.teiid.SECURITY] (http-/0.0.0.0:8080-2) TEIID40115 Local pass-through connection implicitly closing session 1I4iq/wGO27I so that the connection can be used in a different security context.

      09:11:04,658 SEVERE [org.teiid.SECURITY] (http-/0.0.0.0:8080-2) TEIID40087 Passthrough authentication failed. No authentication information found.


      To reproduce same issue:

      (1) Connect to Teiid using local connection and set  PassthroughAuthentication=true;

      (2) Added following security domain:

           <security-domain name="test-security-domain" cache-type="default">

                          <authentication>

                              <login-module code="UsersRoles" flag="required">

                                  <module-option name="usersProperties" value="${jboss.server.config.dir}/test-security-users.properties"/>

                                  <module-option name="rolesProperties" value="${jboss.server.config.dir}/test-security-roles.properties"/>

                                  <module-option name="password-stacking" value="useFirstPass"/>

                              </login-module>

                          </authentication>

           </security-domain>

      (3) Set following in standalone-xx.xml

           <transport name="embedded">

                      <authentication security-domain="test-security-domain"/>

                  </transport>

                  <transport name="jdbc" socket-binding="teiid-jdbc" protocol="teiid">

                      <authentication security-domain="test-security-domain"/>

                  </transport>

                  <transport name="odbc" socket-binding="teiid-odbc" protocol="pg">

                      <authentication security-domain="test-security-domain"/>

            </transport>

      (4) Connect to Teiid using first user, successful

      (5) Connect to Teiid using a different user, a passthrough authentication failed error is generated from teiid.

       

      I tried same test case against Teiid 8.4, different users were able to connect teiid without any issue.

       

      Any help is much appreciated.

       

      Thanks,

      Haifen