3 Replies Latest reply on Feb 13, 2015 3:59 AM by valsaraj007

    WildFly 8.2 JNDI remote - ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:

    java.todd
    java.todd Dec 18, 2014 4:06 PM

      I have a client application that is attempting to connect to a WildFly 8.2 server using remote JNDI to EJB's with the following client context properties:

       

        Properties props = new Properties();

        props.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");

        props.put(Context.PROVIDER_URL, "http-remoting://localhost:8080");

        props.put(Context.SECURITY_PRINCIPAL, userName);

        props.put(Context.SECURITY_CREDENTIALS, password);

        props.put("jboss.naming.client.ejb.context", true);

        context = new InitialContext(props);

       

      When attempting to connect, I get the following in the client's console:

       

      ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:

       

      The WildFly server is currently configured to use the standard ApplicationRealm. Any suggestions?

        • 1. Re: WildFly 8.2 JNDI remote - ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:
          jaysensharma
          jaysensharma Dec 18, 2014 9:51 PM (in response to java.todd)

          Code looks correct.  Have you created  user in the ApplicationRealm using  add-user.sh (add-user.bat) script?

            • Actions
          • 2. Re: Re: WildFly 8.2 JNDI remote - ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:
            java.todd
            java.todd Dec 19, 2014 9:25 AM (in response to jaysensharma)

            Thank you for the response. I did set up the user using the 'add-user' script. I've tried setting up the ApplicationRealm two ways: First, the default way using the standard application user/role files. When I do that, I get the response you see above.

             

            The other way I've tried it is ultimately how I want to have it set up: using a database security domain. When I try that approach, I get an 'Invalid User' response on the server. Here's the server-side exception:

             

            08:07:33,517 ERROR [org.jboss.as.ejb3.invocation] (EJB default - 1) JBAS014134: EJB Invocation failed on component LoginFacade for method public abstract java.util.Properties shared.interfaces.main.LoginFacade.getApplicationProperties(): javax.ejb.EJBAccessException: JBAS013323: Invalid User

              at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:66) [wildfly-ejb3-8.2.0.Final.jar:8.2.0.Final]

              at org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:46) [wildfly-ejb3-8.2.0.Final.jar:8.2.0.Final]

              at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:92) [wildfly-ejb3-8.2.0.Final.jar:8.2.0.Final]

              at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)

              at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64) [wildfly-ejb3-8.2.0.Final.jar:8.2.0.Final]

              at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)

              at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59) [wildfly-ejb3-8.2.0.Final.jar:8.2.0.Final]

              at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)

              at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)

              at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)

              at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:55) [wildfly-ejb3-8.2.0.Final.jar:8.2.0.Final]

              at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)

              at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:64)

              at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)

              at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:326)

              at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:448)

              at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:61)

              at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)

              at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:326)

              at org.jboss.invocation.PrivilegedWithCombinerInterceptor.processInvocation(PrivilegedWithCombinerInterceptor.java:80)

              at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:309)

              at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)

              at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:185)

              at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:330) [wildfly-ejb3-8.2.0.Final.jar:8.2.0.Final]

              at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$100(MethodInvocationMessageHandler.java:70) [wildfly-ejb3-8.2.0.Final.jar:8.2.0.Final]

              at org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:203) [wildfly-ejb3-8.2.0.Final.jar:8.2.0.Final]

              at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [rt.jar:1.8.0_25]

              at java.util.concurrent.FutureTask.run(FutureTask.java:266) [rt.jar:1.8.0_25]

              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_25]

              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_25]

              at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_25]

              at org.jboss.threads.JBossThread.run(JBossThread.java:122)

             

            In the client console, I get this:

            javax.ejb.EJBException: java.io.StreamCorruptedException: Unexpected byte found when reading an object: 0

              at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:236)

              at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:181)

              at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:144)

              at com.sun.proxy.$Proxy7.getApplicationProperties(Unknown Source)

              at myclient.Main.lambda$5(Main.java:147)

              at myclient.Main$$Lambda$147/1862757255.call(Unknown Source)

              at mylibrary.AsyncTask.lambda$0(AsyncTask.java:90)

              at mylibrary.AsyncTask$$Lambda$150/1087933409.run(Unknown Source)

              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

              at java.lang.Thread.run(Thread.java:745)

            Caused by: java.io.StreamCorruptedException: Unexpected byte found when reading an object: 0

              at org.jboss.marshalling.river.RiverUnmarshaller.doReadObject(RiverUnmarshaller.java:755)

              at org.jboss.marshalling.river.RiverUnmarshaller.doReadObject(RiverUnmarshaller.java:209)

              at org.jboss.marshalling.AbstractObjectInput.readObject(AbstractObjectInput.java:41)

              at org.jboss.ejb.client.remoting.ProtocolMessageHandler.readAttachments(ProtocolMessageHandler.java:55)

              at org.jboss.ejb.client.remoting.InvocationExceptionResponseHandler$MethodInvocationExceptionResultProducer.getResult(InvocationExceptionResponseHandler.java:82)

              at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:276)

              at org.jboss.ejb.client.EJBObjectInterceptor.handleInvocationResult(EJBObjectInterceptor.java:64)

              at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:290)

              at org.jboss.ejb.client.EJBHomeInterceptor.handleInvocationResult(EJBHomeInterceptor.java:88)

              at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:290)

              at org.jboss.ejb.client.TransactionInterceptor.handleInvocationResult(TransactionInterceptor.java:46)

              at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:290)

              at org.jboss.ejb.client.ReceiverInterceptor.handleInvocationResult(ReceiverInterceptor.java:129)

              at org.jboss.ejb.client.EJBClientInvocationContext.getResult(EJBClientInvocationContext.java:265)

              at org.jboss.ejb.client.EJBClientInvocationContext.awaitResponse(EJBClientInvocationContext.java:453)

              at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:202)

              ... 10 more

             

            Here's my database security domain:

            <security-domain name="MyApp">

              <authentication>

              <login-module code="Database" flag="required">

              <module-option name="dsJndiName" value="java:/jdbc/MyApp"/>

              <module-option name="principalsQuery" value="select password as 'Password' from users where loginName=?"/>

              <module-option name="rolesQuery" value="select groupName as 'Role', 'Roles' as 'Roles' from users_groups where loginName = ?"/>

              <module-option name="hashAlgorithm" value="SHA-256"/>

              <module-option name="hashEncoding" value="hex"/>

              <module-option name="hashCharset" value="utf-8"/>

              </login-module>

              </authentication>

            </security-domain>

             

            ...and the definition of ApplicationRealm:

            <security-realm name="ApplicationRealm">

              <authentication>

              <jaas name="MyApp" />

              </authentication>

            </security-realm>

             

            In addition to this, I have an EJB set up with the annotation @SecurityDomain("MyApp"). I have confirmed that my datasource is configured correctly and the connection test passes. I realize that this is two different problems, but I have a suspicion that they are related. When debugging client-side remoting code, I can see that PLAIN is the only SASL mechanism acceptable to the server, but PLAIN isn't among the acceptable mechanisms to the client.

              • Actions
            • 3. Re: WildFly 8.2 JNDI remote - ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:
              valsaraj007
              valsaraj007 Feb 13, 2015 3:59 AM (in response to java.todd)

              Bug in WildFly http-remoting

              I got the same "Invalid User" error when I used custom login module. This is because the custom login module receives a password of type org.jboss.as.security.remoting.RemotingConnectionCredential@35ddbd0f and unable to login.

              I never find a solution yet.

                • Actions