<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<body link="#355491" alink="#4262a1" vlink="#355491" style="background: #e2e2e2; margin: 0; padding: 20px;">
<div>
        <table cellpadding="0" bgcolor="#FFFFFF" border="0" cellspacing="0" style="border: 1px solid #dadada; margin-bottom: 30px; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">
                <tbody>
                        <tr>
                                <td>
                                        <table border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" style="border: solid 2px #ccc; background: #dadada; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">
                                                <tbody>
                                                        <tr>
                                                                <td bgcolor="#000000" valign="middle" height="58px" style="border-bottom: 1px solid #ccc; padding: 20px; -moz-border-radius-topleft: 3px; -moz-border-radius-topright: 3px; -webkit-border-top-right-radius: 5px; -webkit-border-top-left-radius: 5px;">
                                                                        <h1 style="color: #333333; font: bold 22px Arial, Helvetica, sans-serif; margin: 0; display: block !important;">
                                                                        <!-- To have a header image/logo replace the name below with your img tag -->
                                                                        <!-- Email clients will render the images when the message is read so any image -->
                                                                        <!-- must be made available on a public server, so that all recipients can load the image. -->
                                                                        <a href="https://community.jboss.org/index.jspa" style="text-decoration: none; color: #E1E1E1">JBoss Community</a></h1>
                                                                </td>
                                                        </tr>
                                                        <tr>
                                                                <td bgcolor="#FFFFFF" style="font: normal 12px Arial, Helvetica, sans-serif; color:#333333; padding: 20px; -moz-border-radius-bottomleft: 4px; -moz-border-radius-bottomright: 4px; -webkit-border-bottom-right-radius: 5px; -webkit-border-bottom-left-radius: 5px;"><h3 style="margin: 10px 0 5px; font-size: 17px; font-weight: normal;">
EAP 6 - EJB Remote Authentication with custom realm not working
</h3>
<span style="margin-bottom: 10px;">
created by <a href="https://community.jboss.org/people/mtt_">Bob Smith</a> in <i>JBoss AS 7 Development</i> - <a href="https://community.jboss.org/message/761957#761957">View the full discussion</a>
</span>
<hr style="margin: 20px 0; border: none; background-color: #dadada; height: 1px;">
<div class="jive-rendered-content"><p>Hi, I am porting an app from 4.2 to EAP 6.  I am having trouble with remote ejb authentication.  When authentication is not used, the app works fine.  I have followed the examples in the links below and encountering the below errors.  All relavent code is below.  Please help!</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><a class="jive-link-external-small" href="https://community.jboss.org/docs/DOC-17602" target="_blank">https://community.jboss.org/wiki/JBossAS7RemoteEJBAuthenticationHowto</a></p><p><a class="jive-link-external-small" href="https://community.jboss.org/thread/195501?start=0&tstart=0" target="_blank">https://community.jboss.org/thread/195501?start=0&tstart=0</a></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>Client error log:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p> DEBUG [InitialContextFactory] Looking for jboss-naming-client.properties using classloader SystemClassLoader[112 modules]</p><p> DEBUG [InitialContextFactory] jboss.naming.client.endpoint.create.options. has the following options {}</p><p> DEBUG [InitialContextFactory] jboss.naming.client.remote.connectionprovider.create.options. has the following options {}</p><p> INFO  [xnio] XNIO Version 3.0.4.GA-redhat-1</p><p> INFO  [nio] XNIO NIO Implementation Version 3.0.4.GA-redhat-1</p><p> INFO  [remoting] JBoss Remoting version 3.2.8.GA-redhat-1</p><p> DEBUG [nio] Started channel thread 'Remoting "config-based-naming-client-endpoint" read-1', selector sun.nio.ch.WindowsSelectorImpl@748ede42</p><p> DEBUG [nio] Started channel thread 'Remoting "config-based-naming-client-endpoint" write-1', selector sun.nio.ch.WindowsSelectorImpl@271d4c95</p><p> DEBUG [InitialContextFactory] jboss.naming.client.connect.options. has the following options {}</p><p> DEBUG [EJBClientPropertiesLoader] Looking for jboss-ejb-client.properties using classloader SystemClassLoader[112 modules]</p><p> DEBUG [EJBClientPropertiesLoader] Found jboss-ejb-client.properties using classloader SystemClassLoader[112 modules]</p><p> DEBUG [PropertiesBasedEJBClientConfiguration] endpoint.create.options. has the following options {}</p><p> DEBUG [PropertiesBasedEJBClientConfiguration] remote.connectionprovider.create.options. has the following options {org.xnio.Options.SSL_ENABLED=>false}</p><p> DEBUG [PropertiesBasedEJBClientConfiguration] remote.connection.default.connect.options. has the following options {org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER],org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true}</p><p> DEBUG [PropertiesBasedEJBClientConfiguration] remote.connection.default.channel.options. has the following options {}</p><p> DEBUG [PropertiesBasedEJBClientConfiguration] Connection org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration$RemotingConnectionConfigurationImpl@729bd2fb successfully created for connection named default</p><p> DEBUG [PropertiesBasedEJBClientConfiguration] No clusters configured in properties</p><p> DEBUG [nio] Started channel thread 'Remoting "client-endpoint" write-1', selector sun.nio.ch.WindowsSelectorImpl@7fef53b6</p><p> DEBUG [nio] Started channel thread 'Remoting "client-endpoint" read-1', selector sun.nio.ch.WindowsSelectorImpl@7fef53b6</p><p> ERROR [connection] JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed</p><p> WARN  [ConfigBasedEJBClientContextSelector] Could not register a EJB receiver for connection to localhost:4447</p><p>java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed</p><p>    at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)</p><p>    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:119)</p><p>    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.<init>(ConfigBasedEJBClientContextSelector.java:76)</p><p>    at org.jboss.ejb.client.EJBClientContext.<clinit>(EJBClientContext.java:77)</p><p>    at org.jboss.naming.remote.client.ejb.RemoteNamingEjbClientContextSelector.setupSelector(RemoteNamingEjbClientContextSelector.java:28)</p><p>    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)</p><p>    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)</p><p>    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)</p><p>    at java.lang.reflect.Method.invoke(Method.java:601)</p><p>    at org.jboss.naming.remote.client.InitialContextFactory.setupEjbContext(InitialContextFactory.java:448)</p><p>    at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:145)</p><p>    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)</p><p>    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)</p><p>    at javax.naming.InitialContext.init(InitialContext.java:242)</p><p>    at javax.naming.InitialContext.<init>(InitialContext.java:216)</p><p>    ....</p><p>Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed</p><p>    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:315)</p><p>    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)</p><p>    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)</p><p>    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)</p><p>    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)</p><p>    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)</p><p>    at org.xnio.nio.NioHandle.run(NioHandle.java:90)</p><p>    at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)</p><p>    at ...asynchronous invocation...(Unknown Source)</p><p>    at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)</p><p>    at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:386)</p><p>    at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:151)</p><p>    at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:132)</p><p>    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:117)</p><p>    ... 43 more</p><p> DEBUG [ConfigBasedEJBClientContextSelector] Registered a reconnect handler in EJB client context org.jboss.ejb.client.EJBClientContext@7ca25509 for remote://localhost:4447</p><p> DEBUG [ConfigBasedEJBClientContextSelector] Registered 0 remoting EJB receivers for EJB client context org.jboss.ejb.client.EJBClientContext@7ca25509</p><p> DEBUG [RemotingConnectionEJBReceiver] Channel Channel ID dd5d308c (outbound) of Remoting connection 2125ac0e to localhost/127.0.0.1:4447 opened for context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]} Waiting for version handshake message from server</p><p> INFO  [remoting] EJBCLIENT000017: Received server version 1 and marshalling strategies [river]</p><p> INFO  [remoting] EJBCLIENT000013: Successful version handshake completed for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]} on channel Channel ID dd5d308c (outbound) of Remoting connection 2125ac0e to localhost/127.0.0.1:4447</p><p> DEBUG [RemotingConnectionEJBReceiver] Received module availability report for 10 modules</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='', moduleName='sqljdbc4', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='My-web-TravelPlanners', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='My-web-ShortUrl', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='MyApplication-ejb', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='My-web', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='MyApplicationEAR', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='jsr-77', moduleName='jsr-77', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='MyMy-web', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='SDR-web-Tracking', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='SDR-web-Mobile', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}</p><p> WARN  [ChannelAssociation] Unsupported message received with header 0xffffffff</p><p> DEBUG [EJBClientContext] org.jboss.ejb.client.RandomDeploymentNodeSelector@5e856a7a deployment node selector selected mxl1111p2c node for appname=MyApplicationEAR,modulename=MyApplication-ejb,distinctname=</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>jboss-ejb-client.properties:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>remote.connection.default.callback.handler.class=net.My.client.util.jndi.EjbRemoteCallBackHandler</p><p>remote.connections=default</p><p>endpoint.name=client-endpoint</p><p>remote.connection.default.port = 4447</p><p>remote.connection.default.host=localhost</p><p>remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false</p><p>remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true</p><p>remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER</p><p>remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>standalone-full-ha.xml:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>          <security-realm name="MyRealm"></p><p>                <authentication></p><p>                    <jaas name="MyDomain" /></p><p>                </authentication></p><p>            </security-realm></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>          <security-domain name="MyDomain" cache-type="default"></p><p>                    <authentication></p><p>                        <login-module code="Remoting" flag="optional"></p><p>                            <module-option name="password-stacking" value="useFirstPass"/></p><p>                        </login-module></p><p>                        <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"></p><p>                            <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/></p><p>                            <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/></p><p>                            <module-option name="defaultUsersProperties" value="${jboss.server.config.dir}/application-users.properties"/></p><p>                            <module-option name="defaultRolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/></p><p>                            <module-option name="password-stacking" value="useFirstPass"/></p><p>                        </login-module></p><p>                    </authentication></p><p>                </security-domain></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>MyEAR/META-INF/jboss-app.xml:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><jboss-app></p><p>    <security-domain>MyDomain</security-domain></p><p></jboss-app></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>ServiceLocator.java</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>private void createInitialContext(String username, char[] password)</p><p>            throws IOException, LoginException, NamingException {</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>        EjbRemoteCallBackHandler.setCredential("web.rep", "12345");</p><p>        </p><p>        Hashtable jndiProps = new Hashtable<String, Object>();</p><p>        jndiProps.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");</p><p>        jndiProps.put("java.naming.factory.initial","org.jboss.naming.remote.client.InitialContextFactory");</p><p>        jndiProps.put(InitialContext.PROVIDER_URL, "remote://localhost:4447");</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>         // This is an important property to set if you want to do EJB invocations via the remote-naming project</p><p>        jndiProps.put("jboss.naming.client.ejb.context", true);</p><p>        </p><p>        // needed for remote access</p><p>        jndiProps.put(Context.SECURITY_PRINCIPAL, "web.rep");</p><p>        jndiProps.put(Context.SECURITY_CREDENTIALS, "12345");</p><p>        </p><p>        ic = new InitialContext(jndiProps);</p><p>    }</p></div>
<div style="background-color: #f4f4f4; padding: 10px; margin-top: 20px;">
<p style="margin: 0;">Reply to this message by <a href="https://community.jboss.org/message/761957#761957">going to Community</a></p>
        <p style="margin: 0;">Start a new discussion in JBoss AS 7 Development at <a href="https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225">Community</a></p>
</div></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div>
</body>
</html>