[jboss-user] [Installation, Configuration & Deployment] - Trouble With EncryptKeystorePasswordInTomcatConnector Wiki
OliverHrdz
do-not-reply at jboss.com
Fri Nov 10 18:12:47 EST 2006
I've tried this in both 4.0.4 and the just released 4.0.5, since this Wiki states the functionality to encrypt the keystore password in the Tomcat connector config has been "available since a long long time". It references JBAS-3369 as the task that enabled this feature.
I created an sslsecurity-service.xml file in my /deploy directory, and am certain it is configured correctly because I setup my JMS UIL2 to use it, and it starts up fine.
sslsecurity-service.xml:
| <?xml version="1.0" encoding="UTF-8"?>
|
| <server>
|
| <!-- Configures the keystore/truststore for SSL on the security domain -->
| <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
| name="jboss.security:service=PBESecurityDomain">
| <constructor>
| <arg type="java.lang.String" value="SSL"/>
| </constructor>
| <!-- The location of the keystore
| resource: loads from the classloaders conf/ is the first classloader -->
| <attribute name="KeyStoreURL">resource:jbkeystore.ks</attribute>
| <attribute name="KeyStorePass">{CLASS}org.jboss.security.plugins.FilePassword:${jboss.server.home.dir}/conf/jbkeystore.pw</attribute>
| <attribute name="KeyStoreType">JCEKS</attribute>
| <attribute name="Salt">feefifofum</attribute>
| <attribute name="IterationCount">13</attribute>
| </mbean>
|
| </server>
|
section in ssl-uil2-service.xml referencing security domain:
| <!-- SSL Socket Factories -->
| <attribute name="ClientSocketFactory">org.jboss.security.ssl.ClientSocketFactory</attribute>
| <attribute name="ServerSocketFactory">org.jboss.security.ssl.DomainServerSocketFactory</attribute>
|
| <!-- Security domain - see below -->
| <attribute name="SecurityDomain">java:/jaas/SSL</attribute>
|
I did comment out the original security domain config in this file so that the new one would be used instead.
server.log:
| 2006-11-10 16:51:21,773 INFO [org.apache.catalina.startup.Embedded] (main) Catalina naming disabled
| 2006-11-10 16:51:21,923 INFO [org.apache.catalina.startup.ClusterRuleSetFactory] (main) Unable to find a cluster rule set in the classpath. Will load the default rule set.
| 2006-11-10 16:51:21,923 INFO [org.apache.catalina.startup.ClusterRuleSetFactory] (main) Unable to find a cluster rule set in the classpath. Will load the default rule set.
| 2006-11-10 16:51:22,604 ERROR [org.apache.catalina.startup.Catalina] (main) Catalina.start
| LifecycleException: Protocol handler initialization failed: java.lang.IllegalArgumentException: Failed to set security domain
| at org.apache.catalina.connector.Connector.initialize(Connector.java:1018)
| at org.jboss.web.tomcat.tc5.StandardService.initialize(StandardService.java:688)
| at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:791)
| at org.apache.catalina.startup.Catalina.load(Catalina.java:503)
| at org.apache.catalina.startup.Catalina.start(Catalina.java:543)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.apache.commons.modeler.BaseModelMBean.invoke(BaseModelMBean.java:503)
| at org.jboss.mx.server.RawDynamicInvoker.invoke(RawDynamicInvoker.java:164)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.web.tomcat.tc5.Tomcat5.startService(Tomcat5.java:446)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245)
| at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.interceptor.DynamicInterceptor.invoke(DynamicInterceptor.java:97)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
| at $Proxy0.start(Unknown Source)
| at org.jboss.system.ServiceController.start(ServiceController.java:417)
| at org.jboss.system.ServiceController.start(ServiceController.java:435)
| at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy4.start(Unknown Source)
| at org.jboss.deployment.SARDeployer.start(SARDeployer.java:302)
| at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy6.deploy(Unknown Source)
| at org.jboss.deployment.scanner.URLDeploymentScanner.deploy(URLDeploymentScanner.java:421)
| at org.jboss.deployment.scanner.URLDeploymentScanner.scan(URLDeploymentScanner.java:634)
| at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.doScan(AbstractDeploymentScanner.java:263)
| at org.jboss.deployment.scanner.AbstractDeploymentScanner.startService(AbstractDeploymentScanner.java:336)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245)
| at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
| at $Proxy0.start(Unknown Source)
| at org.jboss.system.ServiceController.start(ServiceController.java:417)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy4.start(Unknown Source)
| at org.jboss.deployment.SARDeployer.start(SARDeployer.java:302)
| at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782)
| at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:766)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy5.deploy(Unknown Source)
| at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:482)
| at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
| at org.jboss.Main.boot(Main.java:200)
| at org.jboss.Main$1.run(Main.java:490)
| at java.lang.Thread.run(Thread.java:595)
| 2006-11-10 16:51:22,794 INFO [org.apache.catalina.startup.Catalina] (main) Initialization processed in 871 ms
| 2006-11-10 16:51:22,794 INFO [org.jboss.web.tomcat.tc5.StandardService] (main) Starting service jboss.web
| 2006-11-10 16:51:22,804 INFO [org.apache.catalina.core.StandardEngine] (main) Starting Servlet Engine: Apache Tomcat/5.5.20
| 2006-11-10 16:51:22,864 INFO [org.apache.catalina.core.StandardHost] (main) XML validation disabled
| 2006-11-10 16:51:23,946 INFO [org.apache.catalina.startup.Catalina] (main) Server startup in 1152 ms
| 2006-11-10 16:51:24,797 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/invoker, warUrl=.../deploy/http-invoker.sar/invoker.war/
| 2006-11-10 16:51:25,448 INFO [org.apache.catalina.loader.WebappLoader] (main) Dual registration of jndi stream handler: factory already defined
| 2006-11-10 16:51:27,571 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/, warUrl=.../deploy/jbossweb-tomcat55.sar/ROOT.war/
| 2006-11-10 16:51:28,032 INFO [org.jboss.resource.deployment.RARDeployment] (main) Required license terms exist, view META-INF/ra.xml in .../deploy/jboss-local-jdbc.rar
| 2006-11-10 16:51:32,348 INFO [org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService] (main) Bound ConnectionManager 'jboss.jca:service=DataSourceBinding,name=OracleDS' to JNDI name 'java:OracleDS'
| 2006-11-10 16:51:33,640 INFO [STDOUT] (main) com.sun.net.ssl.internal.ssl.SSLSessionContextImpl at 13a8eb1
| 2006-11-10 16:51:33,850 INFO [org.jboss.mq.il.uil2.UILServerILService] (main) JBossMQ UIL service available at : /0.0.0.0:9000
| 2006-11-10 16:51:34,010 INFO [org.jboss.mq.server.jmx.Queue.DLQ] (main) Bound to JNDI name: queue/DLQ
| 2006-11-10 16:51:34,101 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/jmx-console, warUrl=.../deploy/jmx-console.war/
| 2006-11-10 16:51:35,583 INFO [org.jboss.web.tomcat.tc5.TomcatDeployer] (main) deploy, ctxPath=/utilservlets, warUrl=.../tmp/deploy/tmp30167utilservlets-exp.war/
| 2006-11-10 16:51:36,113 ERROR [org.apache.coyote.http11.Http11BaseProtocol] (main) Error starting endpoint
| java.io.IOException: securityDomain is null.Set it as an attribute in the connector setting
| at org.apache.tomcat.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:125)
| at org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:98)
| at org.apache.tomcat.util.net.PoolTcpEndpoint.initEndpoint(PoolTcpEndpoint.java:294)
| at org.apache.tomcat.util.net.PoolTcpEndpoint.startEndpoint(PoolTcpEndpoint.java:312)
| at org.apache.coyote.http11.Http11BaseProtocol.start(Http11BaseProtocol.java:150)
| at org.apache.coyote.http11.Http11Protocol.start(Http11Protocol.java:75)
| at org.apache.catalina.connector.Connector.start(Connector.java:1089)
| at org.jboss.web.tomcat.tc5.Tomcat5.startConnectors(Tomcat5.java:590)
| at org.jboss.web.tomcat.tc5.Tomcat5.handleNotification(Tomcat5.java:627)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.mx.notification.NotificationListenerProxy.invoke(NotificationListenerProxy.java:153)
| at $Proxy18.handleNotification(Unknown Source)
| at org.jboss.mx.util.JBossNotificationBroadcasterSupport.handleNotification(JBossNotificationBroadcasterSupport.java:127)
| at org.jboss.mx.util.JBossNotificationBroadcasterSupport.sendNotification(JBossNotificationBroadcasterSupport.java:108)
| at org.jboss.system.server.ServerImpl.sendNotification(ServerImpl.java:908)
| at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:497)
| at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
| at org.jboss.Main.boot(Main.java:200)
| at org.jboss.Main$1.run(Main.java:490)
| at java.lang.Thread.run(Thread.java:595)
| 2006-11-10 16:51:36,153 WARN [org.jboss.web.tomcat.tc5.Tomcat5] (main) Failed to startConnectors
| LifecycleException: service.getName(): "jboss.web"; Protocol handler start failed: java.io.IOException: securityDomain is null.Set it as an attribute in the connector setting
| at org.apache.catalina.connector.Connector.start(Connector.java:1096)
| at org.jboss.web.tomcat.tc5.Tomcat5.startConnectors(Tomcat5.java:590)
| at org.jboss.web.tomcat.tc5.Tomcat5.handleNotification(Tomcat5.java:627)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:585)
| at org.jboss.mx.notification.NotificationListenerProxy.invoke(NotificationListenerProxy.java:153)
| at $Proxy18.handleNotification(Unknown Source)
| at org.jboss.mx.util.JBossNotificationBroadcasterSupport.handleNotification(JBossNotificationBroadcasterSupport.java:127)
| at org.jboss.mx.util.JBossNotificationBroadcasterSupport.sendNotification(JBossNotificationBroadcasterSupport.java:108)
| at org.jboss.system.server.ServerImpl.sendNotification(ServerImpl.java:908)
| at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:497)
| at org.jboss.system.server.ServerImpl.start(ServerImpl.java:362)
| at org.jboss.Main.boot(Main.java:200)
| at org.jboss.Main$1.run(Main.java:490)
| at java.lang.Thread.run(Thread.java:595)
| 2006-11-10 16:51:36,153 INFO [org.jboss.system.server.Server] (main) JBoss (MX MicroKernel) [4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)] Started in 33s:698ms
|
TIA for any help!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3985089#3985089
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3985089
More information about the jboss-user
mailing list