Martin, thanks for your answer.

I have updated my configuration a bit following the same tutorial that you posted, adding 2 more steps.

./subsystem=remoting/http-connector=http-remoting-connector:write-attribute(name=sasl-authentication-factory, value=application-sasl-authentication)

./subsystem=remoting/http-connector=http-remoting-connector:undefine-attribute(name=security-realm)

But that use default sasl authentication defined in standalone.xml A bit modified version:

               <sasl-authentication-factory name="application-sasl-authentication" sasl-server-factory="configured" security-domain="ApplicationDomain">

                 <mechanism-configuration>

                        <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>

                        <mechanism mechanism-name="DIGEST-MD5">

                            <mechanism-realm realm-name="ApplicationRealm"/>

                        </mechanism>

                        <mechanism mechanism-name="PLAIN">

                    </mechanism-configuration>

                </sasl-authentication-factory>

                <sasl-authentication-factory name="management-sasl-authentication" sasl-server-factory="configured" security-domain="ManagementDomain">

                    <mechanism-configuration>

                        <mechanism mechanism-name="JBOSS-LOCAL-USER" realm-mapper="local"/>

                        <mechanism mechanism-name="DIGEST-MD5">

                            <mechanism-realm realm-name="ManagementRealm"/>

                        </mechanism>

                    </mechanism-configuration>

                </sasl-authentication-factory>

I also updated my DB storing MD5 hash for security reason (I know it's not safe, just trying to make it work somehow and later on I will change an algorithm).

DB now:

username:     Admin     Admin1                                                              Admin2

password:     admin     21232f297a57a5a743894a0e4a801fc3               MjEyMzJmMjk3YTU3YTVhNzQzODk0YTBlNGE4MDFmYzM=

description:  plain       md-5                                                                     base64(md-5)

Current Client wildfly-config.xml:

<authentication-client xmlns="urn:elytron:1.0">

    <authentication-configurations>

        <configuration name="default">

            <set-user-name name="Admin"/> //Where I change users depending on configuration

            <credentials>

                <clear-password password="admin"/>

            </credentials>

            <providers>

                <use-service-loader/>

            </providers>

        </configuration>

    </authentication-configurations>

</authentication-client>

 

 

<jboss-ejb-client xmlns="urn:jboss:wildfly-client-ejb:3.0">

<invocation-timeout seconds="100"/>

<connections>

    <connection uri="remote+http://localhost:8080"/>

</connections>

</jboss-ejb-client>

 

 

<endpoint xmlns="urn:jboss-remoting:5.0">

<connections>

    <connection destination="remote+http://localhost:8080" read-timeout="50" write-timeout="50"

                heartbeat-interval="10000"/>

</connections>

</endpoint>

Error message, CLIENT:

...

Suppressed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:

   JBOSS-LOCAL-USER: javax.security.sasl.SaslException: JBOSS-LOCAL-USER: Server rejected authentication

   DIGEST-MD5: javax.security.sasl.SaslException: DIGEST-MD5: Server rejected authentication

at org.jboss.remoting3.remote.ClientConnectionOpenListener.allMechanismsFailed(ClientConnectionOpenListener.java:109)

at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:402)

at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:242)

at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)

at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)

at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)

at org.xnio.nio.WorkerThread.run(WorkerThread.java:591)

at ...asynchronous invocation...(Unknown Source)

at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:571)

at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:537)

at org.jboss.remoting3.ConnectionInfo$None.getConnection(ConnectionInfo.java:82)

at org.jboss.remoting3.ConnectionInfo.getConnection(ConnectionInfo.java:55)

at org.jboss.remoting3.EndpointImpl.doGetConnection(EndpointImpl.java:488)

at org.jboss.remoting3.EndpointImpl.getConnectedIdentity(EndpointImpl.java:434)

at org.jboss.remoting3.UncloseableEndpoint.getConnectedIdentity(UncloseableEndpoint.java:52)

at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.getConnectedIdentityUsingClusterEffective(RemotingEJBDiscoveryProvider.java:311)

at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider$DiscoveryAttempt.lambda$connectAndDiscover$0(RemotingEJBDiscoveryProvider.java:384)

at java.security.AccessController.doPrivileged(Native Method)

at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider$DiscoveryAttempt.connectAndDiscover(RemotingEJBDiscoveryProvider.java:384)

at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.discover(RemotingEJBDiscoveryProvider.java:151)

at org.jboss.ejb.protocol.remote.RemoteEJBDiscoveryConfigurator.lambda$configure$0(RemoteEJBDiscoveryConfigurator.java:42)

at org.wildfly.discovery.ConfiguredProvider.discover(ConfiguredProvider.java:45)

at org.wildfly.discovery.Discovery.discover(Discovery.java:100)

at org.jboss.ejb.client.DiscoveryEJBClientInterceptor.discover(DiscoveryEJBClientInterceptor.java:242)

at org.jboss.ejb.client.DiscoveryEJBClientInterceptor.doAnyDiscovery(DiscoveryEJBClientInterceptor.java:371)

at org.jboss.ejb.client.DiscoveryEJBClientInterceptor.executeDiscovery(DiscoveryEJBClientInterceptor.java:305)

at org.jboss.ejb.client.DiscoveryEJBClientInterceptor.handleInvocation(DiscoveryEJBClientInterceptor.java:95)

at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:491)

at org.jboss.ejb.client.NamingEJBClientInterceptor.handleInvocation(NamingEJBClientInterceptor.java:64)

at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:491)

at org.jboss.ejb.client.TransactionInterceptor.handleInvocation(TransactionInterceptor.java:165)

at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:491)

at org.wildfly.common.context.Contextual.runExConsumer(Contextual.java:203)

at org.jboss.ejb.client.EJBClientInvocationContext.sendRequestInitial(EJBClientInvocationContext.java:327)

at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:173)

... 27 more

Suppressed: javax.security.sasl.SaslException: JBOSS-LOCAL-USER: Server rejected authentication

at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:736)

at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:578)

at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)

at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)

at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)

at org.xnio.nio.WorkerThread.run(WorkerThread.java:591)

Suppressed: javax.security.sasl.SaslException: DIGEST-MD5: Server rejected authentication

at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:736)

at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:578)

at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)

at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)

at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)

at org.xnio.nio.WorkerThread.run(WorkerThread.java:591)

Error message, server:

(...)

2019-01-17 10:15:56,241 TRACE [org.jboss.remoting.remote.server] (default task-1) Server sending authentication rejected: javax.security.sasl.SaslException: ELY05014: Authentication mechanism authorization failed: "Admin1" running as "Admin1"

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.localuser.LocalUserServer.evaluateMessage(LocalUserServer.java:256)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:199)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.AbstractSaslServer.evaluateResponse(AbstractSaslServer.java:68)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:59)

at org.jboss.xnio@3.6.5.Final//org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)

at org.jboss.xnio@3.6.5.Final//org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)

at org.jboss.remoting@5.0.8.Final//org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:486)

at org.jboss.remoting@5.0.8.Final//org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:949)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)

at java.base/java.lang.Thread.run(Thread.java:834)

(...)

2019-01-17 10:15:56,298 TRACE [org.jboss.remoting.remote.server] (default task-1) Server sending authentication rejected: javax.security.sasl.SaslException: ELY05051: Callback handler does not support credential acquisition [Caused by org.wildfly.security.auth.callback.FastUnsupportedCallbackException: javax.security.auth.callback.PasswordCallback@15063db4]

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.mechanism.digest.PasswordDigestObtainer.getSaltedPasswordFromPasswordCallback(PasswordDigestObtainer.java:295)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.mechanism.digest.PasswordDigestObtainer.handleUserRealmPasswordCallbacks(PasswordDigestObtainer.java:112)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.digest.AbstractDigestMechanism.handleUserRealmPasswordCallbacks(AbstractDigestMechanism.java:195)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.digest.DigestSaslServer.validateDigestResponse(DigestSaslServer.java:264)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.digest.DigestSaslServer.evaluateMessage(DigestSaslServer.java:363)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:199)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.digest.DigestSaslServer.evaluateResponse(DigestSaslServer.java:336)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:59)

at org.jboss.xnio@3.6.5.Final//org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)

at org.jboss.xnio@3.6.5.Final//org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)

at org.jboss.remoting@5.0.8.Final//org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:486)

at org.jboss.remoting@5.0.8.Final//org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:949)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)

at java.base/java.lang.Thread.run(Thread.java:834)

Caused by: org.wildfly.security.auth.callback.FastUnsupportedCallbackException: javax.security.auth.callback.PasswordCallback@15063db4

(...)

2019-01-17 10:15:56,308 TRACE [org.jboss.remoting.remote.server] (default task-1) Server sending authentication rejected: javax.security.sasl.SaslException: ELY05013: Authentication mechanism password not verified

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:127)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)

at org.wildfly.security.elytron-private@1.7.0.Final//org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:59)

at org.jboss.xnio@3.6.5.Final//org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)

at org.jboss.xnio@3.6.5.Final//org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)

at org.jboss.remoting@5.0.8.Final//org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:486)

at org.jboss.remoting@5.0.8.Final//org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:949)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)

at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)

at java.base/java.lang.Thread.run(Thread.java:834)