0 Replies Latest reply on Aug 29, 2017 2:57 AM by Himanshu Singh

    EJB invocations from a remote client using JAAS

    Himanshu Singh Newbie

      SERVER: Jboss 6.2 eap

       

      I have a client application which is used to invoke an EJB at my JBoss Server. Everything was working properly when my jboss-ejb-client-property was something like this:

       

      jboos-ejb-client.properties

      endpoint.name=client-endpoint

      remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false

      remote.connections=default

      remote.connection.default.hostname=<server ip>

      remote.connection.default.port =4447

      remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false

      remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false

      remote.connection.default.username=testuser3

      remote.connection.default.password=<plain pass>

       

      But here the password is sent as plain text which is not secure, thereby I want to send password in encrypted form. So I used Jaas to achieve it. For it I followed the steps as given at: http://middlewaremagic.com/jboss/?p=2193

       

      Currently changes at my standalone.xml are

       

      <security-realm name="ApplicationRealm">

                      <authentication>

      <jaas name="JaasDomain"/>

                          <local default-user="$local" allowed-users="*"/>

                      </authentication>

                      <authorization>

                          <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>

                      </authorization>

      </security-realm>

      -----------------------------------------------------------

        <security-domain name="JaasDomain">

                          <authentication>

                              <login-module code="Database" flag="required">

                                  <module-option name="dsJndiName" value="java:jboss/loanmgmtcab"/>

                                  <module-option name="UsersQuery" value="select password from  USERS_TB where user_name=?"/>

                                  <module-option name="rolesQuery" value="select user_role, 'Roles' from  USERROLES_TB where  user_name=?"/>

                                  <module-option name="password-stacking" value="useFirstPass"/>

                                  <module-option name="hashAlgorithm" value="MD5"/>

                                  <module-option name="hashEncoding" value="hex"/>

                              </login-module>

                              <login-module code="org.jboss.security.auth.spi.RoleMappingLoginModule" flag="optional">

                                  <module-option name="rolesProperties" value="$(jboss.server.config.dir)/application-roles.properties"/>

                                  <module-option name="replaceRole" value="false"/>

                              </login-module>

                          </authentication>

        </security-domain>

       

      But still can't connect to it. getting error as below:-

       

      [NGEjbClient] execute() before getServiceHandler

      [NGEjbClient] getServiceHandler() started !!

      [NGEjbClient] getServiceHandler() commandType >> Client

      [NGEjbClient] getServiceHandler() No entry in Map

      [NGEjbClient] getServiceHandler() creating new context ...

      [NGEjbClient] getServiceHandler() creating new context ...

      [NGEjbClient] getServiceHandler() context created successfully ...

      [NGEjbClient] getServiceHandler() lookup home ...

      [NGEjbClient] getServiceHandler() BEFORE lookup home ...

      INFO [main] (EJBClient.java45) - JBoss EJB Client version 1.0.24.Final-redhat-1

      [NGEjbClient] getServiceHandler() AFTER lookup home ...

      [NGEjbClient] getServiceHandler() home >> Proxy for remote EJB EJBHomeLocator{appName='', moduleName='wfs_ejb', distinctName='', beanName='WFClientServiceHandlerBean', view='interface com.newgen.omni.jts.txn.WFClientServiceHandlerHome'}

      [NGEjbClient] getServiceHandler() txnInfo.getSHHome >> com.newgen.omni.jts.txn.WFClientServiceHandlerHome

      [NGEjbClient] getServiceHandler() serviceHandlerHome >> Proxy for remote EJB EJBHomeLocator{appName='', moduleName='wfs_ejb', distinctName='', beanName='WFClientServiceHandlerBean', view='interface com.newgen.omni.jts.txn.WFClientServiceHandlerHome'}

      [NGEjbClient] getServiceHandler() putting into map ... Proxy for remote EJB EJBHomeLocator{appName='', moduleName='wfs_ejb', distinctName='', beanName='WFClientServiceHandlerBean', view='interface com.newgen.omni.jts.txn.WFClientServiceHandlerHome'}

      [NGEjbClient] getServiceHandler() creating remote for class >> com.newgen.omni.jts.txn.WFClientServiceHandlerHome

      [NGEjbClient] getServiceHandler() BEFORE create remote ...

      ERROR [Remoting "config-based-ejb-client-endpoint" read-1] (RemoteConnection.java105) - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

      WARN [main] (ConfigBasedEJBClientContextSelector.java155) - Could not register a EJB receiver for connection to 13.76.142.248:4447

      java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

      at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:92)

      at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:77)

      at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)

      at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:146)

      at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:115)

      at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:47)

      at org.jboss.ejb.client.EJBClientContext.getCurrent(EJBClientContext.java:271)

      at org.jboss.ejb.client.EJBClientContext.requireCurrent(EJBClientContext.java:281)

      at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:176)

      at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:144)

      at com.sun.proxy.$Proxy2.create(Unknown Source)

      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

      at java.lang.reflect.Method.invoke(Method.java:483)

      at com.newgen.omni.wf.util.app.NGEjbClient$AppServerCache.getServiceHandler(NGEjbClient.java:1647)

      at com.newgen.omni.wf.util.app.NGEjbClient.execute(NGEjbClient.java:766)

      at com.newgen.omni.wf.util.app.NGEjbClient.makeCall(NGEjbClient.java:414)

      at com.newgen.omni.wf.util.app.NGEjbClient.makeCall(NGEjbClient.java:357)

      at com.newgen.dmsapi.WFExecute.execute(WFExecute.java:18)

      at com.newgen.dmsapi.WFGeneral.WMConnect(WFGeneral.java:50)

      at Tester.Tester.main(Tester.java:87)

      Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

      at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:417)

      at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:229)

      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

      at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

      at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

      at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

      at org.xnio.nio.NioHandle.run(NioHandle.java:90)

      at org.xnio.nio.WorkerThread.run(WorkerThread.java:187)

      at ...asynchronous invocation...(Unknown Source)

      at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)

      at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:386)

      at org.jboss.ejb.client.remoting.EndpointPool$PooledEndpoint.connect(EndpointPool.java:182)

      at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:152)

      at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:133)

      at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:75)

      ... 20 more

      ERROR [Remoting "config-based-ejb-client-endpoint" read-1] (RemoteConnection.java105) - JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

      [NGEjbClient] getServiceHandler() Exception !!

      java.lang.reflect.InvocationTargetException