9 Replies Latest reply on Mar 14, 2018 10:08 AM by Miroslav Novak

    Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user

    Nagaraju Chitimilla Newbie

      I'm trying to use genericjms to connect to the activemq messaging server. Below is my configuration:

       

       

      standalone-full.xml

      <mdb>

      <resource-adapter-ref resource-adapter-name="jms-ra.rar"/>

      <bean-instance-pool-ref pool-name="mdb-strict-max-pool"/>

      </mdb>

       

      <subsystem xmlns="urn:jboss:domain:messaging-activemq:3.0">

      <server name="default">

      <security-setting name="#">

      <role name="guest" send="true" consume="true" create-non-durable-queue="true" delete-non-durable-queue="true"/>

      </security-setting>

      <address-setting name="#" dead-letter-address="jms.queue.DLQ" expiry-address="jms.queue.ExpiryQueue" max-size-bytes="10485760" page-size-bytes="2097152" message-counter-history-day-limit="10"/>

      <http-connector name="http-connector" socket-binding="http" endpoint="http-acceptor"/>

      <http-connector name="http-connector-throughput" socket-binding="http" endpoint="http-acceptor-throughput">

      <param name="batch-delay" value="50"/>

      </http-connector>

      <in-vm-connector name="in-vm" server-id="0">

      <param name="buffer-pooling" value="false"/>

      </in-vm-connector>

      <http-acceptor name="http-acceptor" http-listener="default"/>

      <http-acceptor name="http-acceptor-throughput" http-listener="default">

      <param name="batch-delay" value="50"/>

      <param name="direct-deliver" value="false"/>

      </http-acceptor>

      <in-vm-acceptor name="in-vm" server-id="0">

      <param name="buffer-pooling" value="false"/>

      </in-vm-acceptor>

      <jms-queue name="ExpiryQueue" entries="java:/jms/queue/ExpiryQueue"/>

      <jms-queue name="DLQ" entries="java:/jms/queue/DLQ"/>

      <jms-queue name="com.netegrity.ims.msg.queue" entries="com.netegrity.ims.msg.queue java:jboss/exported/jms/com.netegrity.ims.msg.queue"/>

      <jms-queue name="RuntimeStatusDetailQueue" entries="RuntimeStatusDetailQueue java:jboss/exported/jms/RuntimeStatusDetailQueue"/>

      <jms-queue name="queue/wpEventQueue" entries="queue/wpEventQueue java:jboss/exported/jms/queue/wpEventQueue"/>

      <jms-queue name="queue/wpServAutoActQueue" entries="queue/wpServAutoActQueue java:jboss/exported/jms/queue/wpServAutoActQueue"/>

      <jms-queue name="queue/wpUtilQueue" entries="queue/wpUtilQueue java:jboss/exported/jms/queue/wpUtilQueue"/>

      <jms-queue name="ac_endpoint_to_server" entries="ac_endpoint_to_server java:jboss/exported/jms/ac_endpoint_to_server"/>

      <jms-queue name="ac_server_to_server" entries="ac_server_to_server java:jboss/exported/jms/ac_server_to_server"/>

      <jms-queue name="queue/snapshots" entries="queue/snapshots java:jboss/exported/jms/queue/snapshots"/>

      <jms-queue name="queue/audit" entries="queue/audit java:jboss/exported/jms/queue/audit"/>

      <jms-queue name="ac_server_to_endpoint" entries="ac_server_to_endpoint java:jboss/exported/jms/ac_server_to_endpoint"/>

      <jms-queue name="ac_server_to_server_local" entries="ac_server_to_server_local java:jboss/exported/jms/ac_server_to_server_local"/>

      <jms-topic name="ServerCommandTopic" entries="ServerCommandTopic java:jboss/exported/jms/ServerCommandTopic"/>

      <jms-topic name="ac_server_to_endpoint_broadcast" entries="ac_server_to_endpoint_broadcast"/>

      <jms-topic name="ac_server_to_server_broadcast" entries="ac_server_to_server_broadcast"/>

      <jms-topic name="ac_endpoint_to_server_broadcast" entries="ac_endpoint_to_server_broadcast"/>

      <connection-factory name="InVmConnectionFactory" entries="java:/ConnectionFactory" connectors="in-vm"/>

      <connection-factory name="RemoteConnectionFactory" entries="java:jboss/exported/jms/RemoteConnectionFactory" connectors="http-connector"/>

      <connection-factory name="wpConnectionFactory" entries="jms/wpConnectionFactory wpConnectionFactory java:jboss/exported/jms/wpConnectionFactory" connectors="http-connector"/>

      <pooled-connection-factory name="jms-ra" entries="java:/ActivemqJms" connectors="in-vm" transaction="xa"/>

      </server>

      </subsystem>

       

       

      <resource-adapter id="jms-ra.rar">

      <archive>

      IdentityMinder.ear#generic-jms-ra-2.0.1.Final

      </archive>

      <!-- <module slot="main" id="org.jboss.genericjms"/> -->

      <transaction-support>XATransaction</transaction-support>

      <connection-definitions>

      <connection-definition class-name="org.jboss.resource.adapter.jms.JmsManagedConnectionFactory" jndi-name="java:/ActivemqJms" enabled="true" use-java-context="true" pool-name="ActivemqJms" use-ccm="true">

      <config-property name="SessionDefaultType">

      javax.jms.Queue

      </config-property>

      <config-property name="ConnectionFactory">

      ConnectionFactory

      </config-property>

      <config-property name="JndiParameters">

      java.naming.security.principal=guest;java.naming.factory.initial=com.ca.jms.utils.ActiveMQJndiContextFactory;java.naming.provider.url=ssl://localhost:61616?socket.enabledProtocols=TLSv1.1,TLSv1.2

      </config-property>

      <xa-pool>

      <min-pool-size>1</min-pool-size>

      <max-pool-size>150</max-pool-size>

      </xa-pool>

      <security>

      <security-domain>ActivemqRealm</security-domain>

      </security>

      <timeout>

      <blocking-timeout-millis>32000</blocking-timeout-millis>

      </timeout>

      </connection-definition>

      </connection-definitions>

      </resource-adapter>

       

       

       

      But when the wildfly server is started i could see the lost of following errors are logged in the console. I Have tried creating the user (using add-user.bat) and adding it in the server-identities definition <secret value="TjB0YWxsMHdlZA==" /> but no use.

       

       

       

       

      C:\Users\Administrator\Desktop\wildfly\wildfly-12.0.0.Final\bin>add-user.bat

       

       

      What type of user do you wish to add?

      a) Management User (mgmt-users.properties)

      b) Application User (application-users.properties)

      (a): b

       

       

      Enter the details of the new user to add.

      Using realm 'ApplicationRealm' as discovered from the existing property files.

      Username : reportserver

      User 'reportserver' already exists and is enabled, would you like to...

      a) Update the existing user password and roles

      b) Disable the existing user

      c) Type a new username

      (a): a

      Password recommendations are listed below. To modify these restrictions edit the add-user.properties configuration file.

      - The password should be different from the username

      - The password should not be one of the following restricted values {root, admin, administrator}

      - The password should contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), 1 non-alphanumeric symbol(s)

      Password :

      WFLYDM0102: Password should have at least 1 non-alphanumeric symbol.

      Are you sure you want to use the password entered yes/no? y

      Re-enter Password :

      What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[guest]: guest

      Updated user 'reportserver' to file 'C:\Users\Administrator\Desktop\wildfly\wildfly-12.0.0.Final\standalone\configuration\application-users.properties'

      Updated user 'reportserver' to file 'C:\Users\Administrator\Desktop\wildfly\wildfly-12.0.0.Final\domain\configuration\application-users.properties'

      Updated user 'reportserver' with groups guest to file 'C:\Users\Administrator\Desktop\wildfly\wildfly-12.0.0.Final\standalone\configuration\application-roles.properties'

      Updated user 'reportserver' with groups guest to file 'C:\Users\Administrator\Desktop\wildfly\wildfly-12.0.0.Final\domain\configuration\application-roles.properties'

      Is this new user going to be used for one AS process to connect to another AS process?

      e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.

      yes/no? yes

      To represent the user add the following to the server-identities definition <secret value="TjB0YWxsMHdlZA==" />

      Press any key to continue . . .

       

       

      C:\Users\Administrator\Desktop\wildfly\wildfly-12.0.0.Final\bin>

       

       

      Exception:

       

      16:03:25,270 ERROR [org.apache.activemq.artemis.core.server] (Thread-1 (ActiveMQ-remoting-threads-ActiveMQServerImpl::serverUUID=6aac8df9-23bb-11e8-b3f7-0200bc2022cb-106784407)) AMQ224018: Failed to create session: ActiveMQSecurityException[errorType=SECURITY_EXCEPTION message=AMQ119031: Unable to validate user]

              at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:144)

              at org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.createSession(ActiveMQServerImpl.java:1283)

              at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handleCreateSession(ActiveMQPacketHandler.java:158)

              at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handlePacket(ActiveMQPacketHandler.java:81)

              at org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.handlePacket(ChannelImpl.java:633)

              at org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.doBufferReceived(RemotingConnectionImpl.java:379)

              at org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:362)

              at org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:621)

              at org.apache.activemq.artemis.core.remoting.impl.invm.InVMConnection$1.run(InVMConnection.java:196)

              at org.apache.activemq.artemis.utils.OrderedExecutorFactory$OrderedExecutor$ExecutorTask.run(OrderedExecutorFactory.java:122)

              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

              at java.lang.Thread.run(Thread.java:745)

       

       

      16:03:25,272 ERROR [org.apache.activemq.artemis.core.server] (Thread-10 (ActiveMQ-remoting-threads-ActiveMQServerImpl::serverUUID=6aac8df9-23bb-11e8-b3f7-0200bc2022cb-106784407)) AMQ224018: Failed to create session: ActiveMQSecurityException[errorType=SECURITY_EXCEPTION message=AMQ119031: Unable to validate user]

              at org.apache.activemq.artemis.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:144)

              at org.apache.activemq.artemis.core.server.impl.ActiveMQServerImpl.createSession(ActiveMQServerImpl.java:1283)

              at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handleCreateSession(ActiveMQPacketHandler.java:158)

              at org.apache.activemq.artemis.core.protocol.core.impl.ActiveMQPacketHandler.handlePacket(ActiveMQPacketHandler.java:81)

              at org.apache.activemq.artemis.core.protocol.core.impl.ChannelImpl.handlePacket(ChannelImpl.java:633)

              at org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.doBufferReceived(RemotingConnectionImpl.java:379)

              at org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:362)

              at org.apache.activemq.artemis.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:621)

              at org.apache.activemq.artemis.core.remoting.impl.invm.InVMConnection$1.run(InVMConnection.java:196)

              at org.apache.activemq.artemis.utils.OrderedExecutorFactory$OrderedExecutor$ExecutorTask.run(OrderedExecutorFactory.java:122)

              at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

              at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

              at java.lang.Thread.run(Thread.java:745)

        • 1. Re: Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user
          Miroslav Novak Master

          Hi,

           

          do not use generic JMS RA to connect to Artemis in WF12. For this purpose there is Artemis RA which can be configured in <pooled-connection-factory ... /> in messaging-actvemq subsystem. By default in standalone-full.xml configuration it's configured to connect to "in-vm" Artemis broker.

           

          Thanks,

          Mirek

          • 2. Re: Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user
            Nagaraju Chitimilla Newbie

            Hi mnovak

            Thanks for your replay. But we are trying to connect to the external activemq using generic JMS. If this is not the way can you please direct me to the proper documentation where we can integrate wildfly 12 with external activemq?

             

            Thanks in Advance.

            Nagaraju

            • 3. Re: Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user
              Miroslav Novak Master

              Use pooled-connection-factory (ActiveMQ Artemis RA) for this case as well. Just configure remote-connector pointing to external broker in pooled-connection-factory. It shoud look like:

               

              <subsystem xmlns="urn:jboss:domain:messaging-activemq:3.0">
              ...
                  <remote-connector name="remote-messaging" socket-binding="external-messaging-broker"/>
                  <pooled-connection-factory name="activemq-ra" connectors="remote-messaging" ... ">
              ...
              </subsystem>
              
              <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
              ....
                      <outbound-socket-binding name="external-messaging-broker">
                          <remote-destination host="<broker_ip>" port="616161"/>
                      </outbound-socket-binding>
              ...
              
              • 4. Re: Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user
                Nagaraju Chitimilla Newbie

                Hi mnovak

                 

                I have updated the standalone-full.xml to point to the external activemq using the remote-connector. Following is my updated configuration:

                <subsystem xmlns="urn:jboss:domain:messaging-activemq:3.0">
                            <server name="default">
                                ...
                <remote-connector name="remote-messaging" socket-binding="external-messaging-broker">
                <param name="enabled-protocols" value="TLSv1.1,TLSv1.2"/>
                <param name="key-store-path" value="C:/ActiveMQ/conf/keystore.p12"/>
                <param name="key-store-password" value="N0tall0wed"/>
                <param name="trust-store-path" value="C:/ActiveMQ/conf/keystore.p12"/>
                <param name="trust-store-password" value="N0tall0wed"/>
                <param name="ssl-enabled" value="true"/>
                </remote-connector>
                                ...
                                <pooled-connection-factory name="activemq-ra" entries="java:/ActivemqJms" connectors="remote-messaging" transaction="xa" user="reportserver" password="N0tall0wed"/>
                            </server>
                </subsystem>
                <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
                ...
                <outbound-socket-binding name="external-messaging-broker">  
                <remote-destination host="localhost" port="61616"/>  
                </outbound-socket-binding>
                </socket-binding-group>
                ...
                

                 

                I have provided keystore details as i need to connect on ssl port (i.e. ssl://localhost:61616?socket.enabledProtocols=TLSv1.1,TLSv1.2). But still i'm getting the following exception at the time of server startup.

                 

                19:01:22,197 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 68) MSC000001: Failed to start service jboss.raactivator.activemq-ra: org.jboss.msc.service.StartException in service jboss.raactivator.activemq-ra: WFLYJCA0046: Failed to start RA deployment [activemq-ra]
                        at org.jboss.as.connector.services.resourceadapters.deployment.AbstractResourceAdapterDeploymentService$2.run(AbstractResourceAdapterDeploymentService.java:332)
                        at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
                        at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
                        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
                        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
                        at java.lang.Thread.run(Thread.java:745)
                        at org.jboss.threads.JBossThread.run(JBossThread.java:485)
                Caused by: org.jboss.jca.deployers.common.DeployException: WFLYJCA0072: Deployment org.wildfly.extension.messaging.activemq.ActiveMQResourceAdapter failed
                        at org.jboss.as.connector.services.resourceadapters.deployment.AbstractResourceAdapterDeploymentService$AbstractWildFlyRaDeployer.initAndInject(AbstractResourceAdapterDeploymentService.java:596)
                        at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer.createObjectsAndInjectValue(AbstractResourceAdapterDeployer.java:1242)
                        at org.jboss.as.connector.services.resourceadapters.ResourceAdapterActivatorService$ResourceAdapterActivator.doDeploy(ResourceAdapterActivatorService.java:171)
                        at org.jboss.as.connector.services.resourceadapters.ResourceAdapterActivatorService.start(ResourceAdapterActivatorService.java:115)
                        at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1714)
                        at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1693)
                        at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1540)
                        at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
                        at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
                        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
                        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1364)
                        at java.lang.Thread.run(Thread.java:745)
                Caused by: java.lang.reflect.InvocationTargetException
                        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                        at java.lang.reflect.Method.invoke(Method.java:498)
                        at org.jboss.as.connector.util.Injection.inject(Injection.java:131)
                        at org.jboss.as.connector.util.Injection.inject(Injection.java:87)
                        at org.jboss.as.connector.services.resourceadapters.deployment.AbstractResourceAdapterDeploymentService$AbstractWildFlyRaDeployer.initAndInject(AbstractResourceAdapterDeploymentService.java:583)
                        ... 11 more
                Caused by: java.lang.IllegalArgumentException: Invalid expression TLSv1.2 at enabledProtocols=TLSv1.1,TLSv1.2;trustStorePassword=N0tall0wed;keyStorePassword=N0tall0wed;port=61616;localAddress=0.0.0.0;sslEnabled=true;host=localhost;trustStorePath=C:/ActiveMQ/conf/keystore.p12;keyStorePath=C:/ActiveMQ/conf/keystore.p12
                        at org.apache.activemq.artemis.ra.ActiveMQRaUtils.parseConfig(ActiveMQRaUtils.java:205)
                        at org.apache.activemq.artemis.ra.ActiveMQResourceAdapter.setConnectionParameters(ActiveMQResourceAdapter.java:342)
                        ... 18 more

                 

                Do you have any idea about it?

                 

                Thanks in advance

                -Nagaraju

                • 5. Re: Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user
                  Miroslav Novak Master

                  It appears to be a bug in ActiveMQRaUtils.parseConfig() as it cannot parse when two protocols are specified. Like in "enabledProtocols=TLSv1.1,TLSv1.2;". If you specify just one then it will work. Do you think that you might create new WFLY jira in JBoss Issue Tracker , please? I might create it instead of you if you want but I don't want to take the credit :-)

                   

                  Thanks,

                  Mirek

                  • 6. Re: Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user
                    Nagaraju Chitimilla Newbie

                    Thanks mnovak, I have created a JIRA for this issue. [WFLY-10014] Unable to configure comma delimited enabled-protocols in remote-connector - JBoss Issue Tracker

                     

                    As to proceed further, i have provided only one protocol i.e TLSv1.2 for the enabledProtocols property. Now i'm getting the following exception:

                     

                    20:54:19,276 ERROR [org.apache.activemq.artemis.core.client] (Thread-5 (ActiveMQ-client-netty-threads)) AMQ214013: Failed to decode packet: java.lang.IllegalArgumentException: AMQ119032: Invalid type: 1
                            at org.apache.activemq.artemis.core.protocol.core.impl.PacketDecoder.decode(PacketDecoder.java:424)
                            at org.apache.activemq.artemis.core.protocol.ClientPacketDecoder.decode(ClientPacketDecoder.java:60)
                            at org.apache.activemq.artemis.core.protocol.ClientPacketDecoder.decode(ClientPacketDecoder.java:39)
                            at org.apache.activemq.artemis.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:355)
                            at org.apache.activemq.artemis.core.client.impl.ClientSessionFactoryImpl$DelegatingBufferHandler.bufferReceived(ClientSessionFactoryImpl.java:1143)
                            at org.apache.activemq.artemis.core.remoting.impl.netty.ActiveMQChannelHandler.channelRead(ActiveMQChannelHandler.java:69)
                            at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
                            at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
                            at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340)
                            at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:293)
                            at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:267)
                            at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
                            at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
                            at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340)
                            at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1240)
                            at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1041)
                            at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:411)
                            at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:248)
                            at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
                            at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
                            at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340)
                            at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1334)
                            at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362)
                            at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348)
                            at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:926)
                            at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:134)
                            at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:624)
                            at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:559)
                            at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:476)
                            at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:438)
                            at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:858)
                            at java.lang.Thread.run(Thread.java:745)

                    Thanks in Advance.

                    -Nagaraju

                    • 7. Re: Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user
                      Miroslav Novak Master

                      Thanks for creating this jira. Looking at the discussion you did not mention whether the external broker is ActiveMQ 5.x or ActiveMQ Artemis 1.5.x/2.x. I thought that you think Artemis. Is it correct?

                      • 8. Re: Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user
                        Nagaraju Chitimilla Newbie

                        Forgot to mention the ActiveMQ version We are trying to connect to Active MQ 5.13.1.

                        I could see the following errors in the Active MQ log. Not understood why wildfly is trying to send 1045 MB of data.

                         

                        INFO  | jvm 1    | 2018/03/14 10:31:12 |  WARN | Transport Connection to: tcp://127.0.0.1:62422 failed: java.io.IOException: Frame size of 1045 MB larger than max allowed 100 MB
                        INFO  | jvm 1    | 2018/03/14 10:33:22 |  WARN | Transport Connection to: tcp://127.0.0.1:62457 failed: java.io.IOException: Frame size of 1045 MB larger than max allowed 100 MB
                        INFO  | jvm 1    | 2018/03/14 10:35:33 |  WARN | Transport Connection to: tcp://127.0.0.1:62494 failed: java.io.IOException: Frame size of 1045 MB larger than max allowed 100 MB
                        INFO  | jvm 1    | 2018/03/14 10:37:42 |  WARN | Transport Connection to: tcp://127.0.0.1:62537 failed: java.io.IOException: Frame size of 1045 MB larger than max allowed 100 MB
                        INFO  | jvm 1    | 2018/03/14 10:39:53 |  WARN | Transport Connection to: tcp://127.0.0.1:62578 failed: java.io.IOException: Frame size of 1045 MB larger than max allowed 100 MB
                        INFO  | jvm 1    | 2018/03/14 10:42:02 |  WARN | Transport Connection to: tcp://127.0.0.1:62626 failed: java.io.IOException: Frame size of 1045 MB larger than max allowed 100 MB

                         

                        For testing purpose my using only two queues which are available by default.

                         

                        <subsystem xmlns="urn:jboss:domain:messaging-activemq:3.0">

                           <server name="default">

                             ...

                              <remote-connector name="remote-messaging" socket-binding="external-messaging-broker">

                                 <param name="enabled-protocols" value="TLSv1.2" />

                                 <param name="key-store-path" value="C:/ActiveMQ/conf/keystore.p12" />

                                 <param name="key-store-password" value="N0tall0wed" />

                                 <param name="trust-store-path" value="C:/ActiveMQ/conf/keystore.p12" />

                                 <param name="trust-store-password" value="N0tall0wed" />

                                 <param name="ssl-enabled" value="true" />

                              </remote-connector>

                             ...

                              <jms-queue name="ExpiryQueue" entries="java:/jms/queue/ExpiryQueue" />

                              <jms-queue name="DLQ" entries="java:/jms/queue/DLQ" />

                              <connection-factory name="InVmConnectionFactory" entries="java:/ConnectionFactory" connectors="in-vm" />

                              <connection-factory name="RemoteConnectionFactory" entries="java:jboss/exported/jms/RemoteConnectionFactory" connectors="http-connector" />

                              <pooled-connection-factory name="activemq-ra" entries="java:/ActivemqJms" connectors="remote-messaging" transaction="xa" user="reportserver" password="N0tall0wed" />

                           </server>

                        </subsystem>

                        <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">

                        ...

                        <outbound-socket-binding name="external-messaging-broker">

                        <remote-destination host="localhost" port="61616"/>

                        </outbound-socket-binding>

                        </socket-binding-group>

                        • 9. Re: Wildfly with Generic JMS shows error : SECURITY_EXCEPTION message=AMQ119031: Unable to validate user
                          Miroslav Novak Master

                          Ok, I should have asked first. I assumed that you mean ActiveMQ Artemis. For ActiveMQ 5.x you will need to use activemq resource adapter. I've found the latest one here:

                          http://search.maven.org/remotecontent?filepath=org/apache/activemq/activemq-rar/5.15.3/activemq-rar-5.15.3.rar

                           

                          It must be copied to $JBOSS_HOME/standalone/deployments directory and configuration changed like:

                           

                          Configuration in standalone-full.xml should looks:

                           

                          <subsystem xmlns="urn:jboss:domain:resource-adapters:5.0">
                                      <resource-adapters>
                                          <resource-adapter id="activemq-rar-5.15.3.rar">
                                              <archive>
                                                  activemq-rar-5.15.3.rar
                                              </archive>
                                              <transaction-support>XATransaction</transaction-support>
                                              <config-property name="ServerUrl">
                                                  tcp://localhost:61616?jms.rmIdFromConnectionId=true
                                              </config-property>
                                              <config-property name="UserName">
                                                  any
                                              </config-property>
                                              <config-property name="Password">
                                                  any
                                              </config-property>
                                              <connection-definitions>
                                                  <connection-definition class-name="org.apache.activemq.ra.ActiveMQManagedConnectionFactory" jndi-name="java:/jms/CF" enabled="true" use-java-context="true" pool-name="CF">
                                                      <config-property name="ServerUrl">
                                                          tcp://localhost:61616?jms.rmIdFromConnectionId=true
                                                      </config-property>
                                                      <config-property name="UserName">
                                                          any
                                                      </config-property>
                                                      <config-property name="Password">
                                                          any
                                                      </config-property>
                                                      <xa-pool>
                                                          <min-pool-size>1</min-pool-size>
                                                          <max-pool-size>200</max-pool-size>
                                                          <prefill>false</prefill>
                                                          <is-same-rm-override>false</is-same-rm-override>
                                                      </xa-pool>
                                                      <security>
                                                          <application/>
                                                      </security>
                                                      <recovery>
                                                          <recover-credential>
                                                              <user-name>any</user-name>
                                                              <password>any</password>
                                                          </recover-credential>
                                                      </recovery>
                                                  </connection-definition>
                                              </connection-definitions>
                                              <admin-objects>
                                                  <admin-object class-name="org.apache.activemq.command.ActiveMQQueue" jndi-name="java:/jms/queue/Q1" use-java-context="true" pool-name="Q1">
                                                      <config-property name="PhysicalName">
                                                          Q1
                                                      </config-property>
                                                  </admin-object>
                                                  <admin-object class-name="org.apache.activemq.command.ActiveMQQueue" jndi-name="java:/jms/queue/PQ2" use-java-context="true" pool-name="PQ2">
                                                      <config-property name="PhysicalName">
                                                          PQ2
                                                      </config-property>
                                                  </admin-object>
                                                  <admin-object class-name="org.apache.activemq.command.ActiveMQQueue" jndi-name="java:/jms/queue/Q2" use-java-context="true" pool-name="Q2">
                                                      <config-property name="PhysicalName">
                                                          Q2
                                                      </config-property>
                                                  </admin-object>
                                                  <admin-object class-name="org.apache.activemq.command.ActiveMQQueue" jndi-name="java:/jms/queue/PQ1" use-java-context="true" pool-name="PQ1">
                                                      <config-property name="PhysicalName">
                                                          PQ1
                                                      </config-property>
                                                  </admin-object>
                                                  <admin-object class-name="org.apache.activemq.command.ActiveMQTopic" jndi-name="java:/jms/topic/T1" use-java-context="true" pool-name="T1">
                                                      <config-property name="PhysicalName">
                                                          T1
                                                      </config-property>
                                                  </admin-object>
                                                  <admin-object class-name="org.apache.activemq.command.ActiveMQTopic" jndi-name="java:/jms/topic/T2" use-java-context="true" pool-name="T2">
                                                      <config-property name="PhysicalName">
                                                          T2
                                                      </config-property>
                                                  </admin-object>
                                              </admin-objects>
                                          </resource-adapter>
                                      </resource-adapters>
                          </subsystem>
                          

                           

                          There is missing the ssl config which i'm not sure how can be configured for ActiveMQ 5.x.