proper place for AUTH in jgroups-channelfactory-stacks.xml

mcconnma Oct 5, 2009 2:36 PM

I have a out-of-the-box (jboss-5.0.1.GA) 2 node cluster setup (using the 'all' config). I've added the following AUTH protocol to the UDP stack in jgroups-channel-factory-stacks.xml, with limited success:

<pbcast.STABLE stability_delay="1000" desired_avg_gossip="50000"
<AUTH auth_class="org.jgroups.auth.MD5Token" token_hash="MD5" auth_value="mysharedsecret">
<pbcast.GMS print_local_addr="true" join_timeout="3000" ...

I've verified that the AUTH is working by changing the auth_value before starting the nodes. If I bring the nodes up one at a time, they pass AUTH and form a cluster. If I bring one node down, the other node detects failure, and if change the auth_value on the one brought down, and then restart, I see the Security Exception thrown on that node, however, looking at the logs after the that Security Exception, I am seeing that both nodes stilll think that it is still a 2 node cluster:

GroupMember] New Members : 1 ([10.11.14.69:2595])
GroupMember] All Members : 2 ([10.11.14.58:45930, 10.11.14.69:2595])

If the Security Exception is thrown, I wouldn't expect the nodes to think it is a 2 node cluster in this case.

So, where is the proper place to put the AUTH protocol? I've tried several different locations, but with same results ...

1. Re: proper place for AUTH in jgroups-channelfactory-stacks.x

brian.stansberry Oct 5, 2009 3:44 PM (in response to mcconnma)

Your logging is coming from the JBoss Messaging channels, which do not use the "udp" protocol stack. They use "jbm-control" and "jbm-data" lower down in the same file. So you'll need to add AUTH there as well.
Actions
2. Re: proper place for AUTH in jgroups-channelfactory-stacks.x

mcconnma Oct 6, 2009 6:04 AM (in response to mcconnma)

Thanks Brian!, confirmed, by adding the AUTH to those 2 additional stacks, the observed behavior is as expected.
Actions

Go to original post