2 Replies Latest reply on Apr 12, 2017 3:21 PM by Harry Reid

    How to add Java security jvm parameters in wildfly 10?

    Harry Reid Newbie

      Hi,

              We are upgrading from Jboss 4.3 to wildfly 10. In the old system we have an option of adding java.security parameters to point the location of krb5.ini and bsclogin.conf files like below.

       

       

      set JVM_ARGS=%JVM_ARGS% -Djava.security.auth.login.config=C:\conf\bscLogin.conf

      set JVM_ARGS=%JVM_ARGS% -Djava.security.krb5.conf=C:\conf\krb5.ini

       

      Is it possible to add that in Wildfly 10?

       

      Thanks

        • 1. Re: How to add Java security jvm parameters in wildfly 10?
          Martin Choma Expert

          Yes, as this is more jvm feature it should still work.

           

          Note, you can also configure system properties using CLI command:

           

          /system-property=java.security.krb5.conf:add(value=/path/to/krb.conf)

           

          That way it will be persisted in standalone.xml configuration.

          1 of 1 people found this helpful
          • 2. Re: How to add Java security jvm parameters in wildfly 10?
            Harry Reid Newbie

            Hi Martin,

                             I added both the parameters as system properties. But I still get an error saying Password invalid/Password required. I confirmed that the password is correct.

             

            2017-04-12 18:37:07,813 DS_Worker-8 ERROR [stderr ] com.crystaldecisions.sdk.exception.SDKException$SecurityError: Active Directory Authentication failed to log you on.

            Please contact your system administrator to make sure you are a member of a valid mapped group and try again.

            If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006)

             

            2017-04-12 18:37:07,813 DS_Worker-8 ERROR [stderr ] cause:javax.security.auth.login.FailedLoginException: PBOX00070: Password invalid/Password required

             

            2017-04-12 18:37:07,813 DS_Worker-8 ERROR [stderr ] detail:Active Directory Authentication failed to log you on. Please contact your system administrator to make sure

            you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006) PBOX00070:

            Password invalid/Password required

            2017-04-12 18:37:07,814 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.plugin.authentication.secwinad.internal.SecWinADError.ThrowException(SecWinADError.java:46)

            2017-04-12 18:37:07,814 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.plugin.authentication.secwinad.internal.SecWinADAuthentication.startKerbLogin(SecWinADAuthentication.java:380)

            2017-04-12 18:37:07,814 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.plugin.authentication.secwinad.internal.SecWinADAuthentication.startLogin(SecWinADAuthentication.java:161)

            2017-04-12 18:37:07,814 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.LogonService.doLogon(LogonService.java:977)

            2017-04-12 18:37:07,815 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.LogonService.doUserLogon(LogonService.java:874)

            2017-04-12 18:37:07,815 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.LogonService.doUserLogon(LogonService.java:805)

            2017-04-12 18:37:07,815 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.LogonService.userLogon(LogonService.java:210)

            2017-04-12 18:37:07,816 DS_Worker-8 ERROR [stderr ] at com.crystaldecisions.sdk.occa.security.internal.SecurityMgr.userLogon(SecurityMgr.java:166)

             

             

            Wondering if I have to configure anything in the security domain settings in the domain.xml file?