-
1. Re: Remote login in WildFly-8.2
dlofthouse Apr 17, 2015 10:19 AM (in response to valsaraj007)Local authentication is kicking in as you are running the client locally, either run your client from a truly remote machine or remove local authentication from the ApplicationRealm definition.
-
2. Re: Remote login in WildFly-8.2
mpritt Apr 17, 2015 4:17 PM (in response to dlofthouse)1 of 1 people found this helpfulI'm having the same issue and I've removed the local authentication from the ApplicationRealm definition, and that still doesn't work for me (i.e. I've commented out the line
<local default-user="$local" allowed-users="*" skip-group-loading="true"/>
in the standalone.xml file). I've also been trying to use the ClientLoginModule and LoginContext and I still don't see the principal created in the client passed to the server.
-
3. Re: Remote login in WildFly-8.2
valsaraj007 Apr 18, 2015 5:05 AM (in response to dlofthouse)Hi dlofthouse,
I don't understand properly. Can you share some sample of what need to be changed? Which model you suggest for remote login, remote EJB? I logged in and accessed EJB using remote EJB model but since the principal is $local, it didn't work as expected.
Thanks!
-
-
5. Re: Remote login in WildFly-8.2
mpritt Apr 18, 2015 6:48 PM (in response to valsaraj007)No, I wouldn't get that far at all with the server...it threw the following exception on the client:
java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: the server presented no authentication mechanisms
at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:92)
at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:77)
at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)
at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:155)
at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:115)
at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:47)
at org.jboss.ejb.client.EJBClientContext.getCurrent(EJBClientContext.java:271)
at org.jboss.ejb.client.EJBClientContext.requireCurrent(EJBClientContext.java:281)
at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:176)
at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:144)
at com.sun.proxy.$Proxy0.add(Unknown Source)
at org.jboss.as.quickstarts.ejb.remote.client.RemoteEJBClient.invokeStatelessBean(RemoteEJBClient.java:162)
at org.jboss.as.quickstarts.ejb.remote.client.RemoteEJBClient.main(RemoteEJBClient.java:142)
Caused by: javax.security.sasl.SaslException: Authentication failed: the server presented no authentication mechanisms
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:388)
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:242)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:199)
at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:113)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at org.xnio.ChannelListeners$DelegatingChannelListener.handleEvent(ChannelListeners.java:1092)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:88)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:539)
at ...asynchronous invocation...(Unknown Source)
at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:272)
at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:388)
at org.jboss.ejb.client.remoting.EndpointPool$PooledEndpoint.connect(EndpointPool.java:187)
at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:153)
at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:133)
at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:75)
... 11 more
-
6. Re: Remote login in WildFly-8.2
valsaraj007 Apr 20, 2015 1:15 AM (in response to mpritt)Hi Michael,
Can you share the content of jboss-ejb-client.properties in your classpath?
Thanks!
-
7. Re: Remote login in WildFly-8.2
valsaraj007 Apr 20, 2015 1:26 AM (in response to dlofthouse)Hi Darran,
Here is the content of jboss-ejb-client.properties in my class path:
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port = 8080
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
In my client class:
public InitialContext getCtx() {
if (ctx == null) {
try {
final Hashtable<String, String> jndiProperties = new Hashtable<>();
jndiProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
ctx = new InitialContext(jndiProperties);
} catch (NamingException ex) {
throw new RuntimeException("Could not create initial context using supplied context properties", ex);
}
}
return ctx;
}
public AppUser login(String uid, String password) {
// Login now
logger.info("Attempting to log in");
System.setProperty(JAAS_LOGIN_CONFIG_PROPERTY, "app.auth");
UsernamePasswordHandler handler = new UsernamePasswordHandler(uid, password.toCharArray());
try {
lc = new LoginContext("appLDAP", handler);
lc.login();
AppUser user = getAppBean().loginUser(uid, new Date());
logger.info("User logged in as:" + lc.getSubject().getPrincipals());
this.uid = uid;
return user;
} catch (Exception ex) {
throw new RuntimeException("Failed to login: " + uid, ex);
}
}
In the EJB:
public AppUser loginUser( String principal, Date now) {
// Verify that we have a subject to work with
if (!principal.equals(ejbContext.getCallerPrincipal().getName())) {
throw new IllegalStateException("[EJB]Principal not propagated to EJB");
}
.............................
...........................
return user;
}
This code worked fine in JBoss 4.2.2.GA but in WildFly 8.2.0 it is throwing exception from EJB: throw new IllegalStateException("[EJB]Principal not propagated to EJB");
It would be great if you can point out what's wrong or any suggestion or sample to make it working in WildFly.
Thanks!
-
8. Re: Remote login in WildFly-8.2
valsaraj007 Apr 20, 2015 6:38 AM (in response to valsaraj007)Hi Darran,
I referred your solution here: https://developer.jboss.org/message/719442#719442
When I added this property, I got EJB Receiver not available error.
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port = 8080
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
<subsystem xmlns="urn:jboss:domain:remoting:2.0">
<endpoint worker="default"/>
<http-connector name="http-remoting-connector" connector-ref="default" security-realm="SSLRealm"/>
</subsystem>
What is the cause this error?
Thanks!
-
9. Re: Remote login in WildFly-8.2
mpritt Apr 20, 2015 11:14 AM (in response to valsaraj007)valsaraj,
Here are my jboss-ejb-client.properties file.
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port = 8080
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
-
10. Re: Remote login in WildFly-8.2
mpritt Apr 20, 2015 12:39 PM (in response to mpritt)1 of 1 people found this helpfulHi Valsaraj,
I got the principal passed using the following article: http://blog.jonasbandi.net/2013/08/jboss-remote-ejb-invocation-unexpected.html
I believe the key is using the PropertiesBasedEJBClientConfiguration and setting a new ConfigBasedEJBClientContextSelector for the EJBClientContext. I'm still learning about why this all works, so read that article and give it a shot.
Mike
-
11. Re: Remote login in WildFly-8.2
valsaraj007 Apr 21, 2015 1:09 AM (in response to mpritt)Thanks Micheal! Let me go through it.
So you have used above jboss-ejb-client.properties file and the following code?
/////////////////////////////////////////////
// Using the proprietary JBoss EJB Client API
final Properties ejbProperties = new Properties();
ejbProperties.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false");
ejbProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
ejbProperties.put("remote.connections", "1");
ejbProperties.put("remote.connection.1.host", "localhost");
ejbProperties.put("remote.connection.1.port", "4447");
//ejbProperties.put("remote.connection.1.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER"); // needed for forcing authentication over remoting (i.e. if you have a custom login module)
//ejbProperties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false"); // needed for a login module that requires the password in plaintext
ejbProperties.put("remote.connection.1.username", "ejbuser");
ejbProperties.put("remote.connection.1.password", "ejbuser123!");
//ejbProperties.put("org.jboss.ejb.client.scoped.context", "true"); // Not needed when EJBClientContext.setSelector is called programatically. ATTENTION: Client-Interceptor registration below does not work with this property! BUG?
final EJBClientConfiguration ejbClientConfiguration = new PropertiesBasedEJBClientConfiguration(ejbProperties);
final ConfigBasedEJBClientContextSelector selector = new ConfigBasedEJBClientContextSelector(ejbClientConfiguration);
EJBClientContext.setSelector(selector);
EJBClientContext.getCurrent().registerInterceptor(0, new ClientInterceptor());
final Context ejbContext = new InitialContext(ejbProperties);
final HelloWorld ejbHelloWorld = (HelloWorld) ejbContext.lookup("ejb:ejbremote-ear/ejbremote-ejb/HelloWorldBean!"+ HelloWorld.class.getName());
System.out.println(ejbHelloWorld.sayHello());
-
12. Re: Remote login in WildFly-8.2
valsaraj007 Apr 21, 2015 6:01 AM (in response to mpritt)Hi Michael,
I have removed jboss-ejb-client.properties file and used programmatic login method as suggested in the link.
final Properties ejbProperties = new Properties();
ejbProperties.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false");
ejbProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
ejbProperties.put("remote.connections", "default");
ejbProperties.put("remote.connection.default.host", "localhost");
ejbProperties.put("remote.connection.default.port", "8080");
ejbProperties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER"); // needed for forcing authentication over remoting (i.e. if you have a custom login module)
ejbProperties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false"); // needed for a login module that requires the password in plaintext
ejbProperties.put("remote.connection.default.username", "appUser");
ejbProperties.put("remote.connection.default.password", "plain-password");
//ejbProperties.put("org.jboss.ejb.client.scoped.context", "true"); // Not needed when EJBClientContext.setSelector is called programatically. ATTENTION: Client-Interceptor registration below does not work with this property! BUG?
ctx = new InitialContext(ejbProperties);
final EJBClientConfiguration ejbClientConfiguration = new PropertiesBasedEJBClientConfiguration(ejbProperties);
final ConfigBasedEJBClientContextSelector selector = new ConfigBasedEJBClientContextSelector(ejbClientConfiguration);
EJBClientContext.setSelector(selector);
EJBClientContext.getCurrent().registerInterceptor(0, new ClientInterceptor());
But I got this error when I tried login.
ERROR [connection] JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: the server presented no authentication mechanisms
WARN [ConfigBasedEJBClientContextSelector] Could not register a EJB receiver for connection to localhost:8080
Do you have any idea how to resolve this?
Thanks!
-
13. Re: Remote login in WildFly-8.2
mpritt Apr 21, 2015 2:26 PM (in response to valsaraj007)1 of 1 people found this helpfulValsaraj,
I took your properties and got the same error as you did. However when I commented out the following line it worked and saw the principal passed to the server:
ejbProperties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER"); // needed for forcing authentication over remoting (i.e. if you have a custom login module)
Not sure why but when I did that it works.
Mike
-
14. Re: Remote login in WildFly-8.2
valsaraj007 Apr 22, 2015 2:32 AM (in response to mpritt)Hi Michael,
That's correct, when that property is removed it will work. Also, it is working even without the following code:
final EJBClientConfiguration ejbClientConfiguration = new PropertiesBasedEJBClientConfiguration(ejbProperties);
final ConfigBasedEJBClientContextSelector selector = new ConfigBasedEJBClientContextSelector(ejbClientConfiguration);
EJBClientContext.setSelector(selector);
EJBClientContext.getCurrent().registerInterceptor(0, new ClientInterceptor());
Another issue that I faced is with my custom module. Even if I removed this property it didn't work because I am using custom login module which checks permission to access EJBs. When I login from client using LoginContext, password is not reached in plain form. It is coming as character array of an object.
Thanks!