[teiid-issues] [JBoss JIRA] (TEIID-3569) OData servlet throws TEIID10036/TEIID40087 when disabling security
Ramesh Reddy (JIRA)
issues at jboss.org
Wed Jul 15 16:54:03 EDT 2015
[ https://issues.jboss.org/browse/TEIID-3569?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13089880#comment-13089880 ]
Ramesh Reddy commented on TEIID-3569:
-------------------------------------
Providing a way to set JDBC connection properties through servlet init properties; thus if passthough needs to be false, it can be set as init property in web.xml,
{code}
<context-param>
<param-name>PassthroughAuthentication</param-name>
<param-value>false</param-value>
</context-param>
{code}
if property is set this property will default to true as before. This also gives way to set any additional JDBC connection properties if needed. So to recap how to do this
- Open the OData WAR file. Edit the "web.xml " and comment the HTTP Basic authorization specific content, as shown in first comment
- Add
{code}
<context-param>
<param-name>PassthroughAuthentication</param-name>
<param-value>false</param-value>
</context-param>
{code}
- Then edit "jboss-web.xml" and comment out or remove line "<security-domain>java:/jaas/teiid-security</security-domain>"
- save the war file with updated contents.
- Edit the standalone-teiid.xml, in the "teiid" subsystem, for "odata" transport define it as
{code}
<transport name="odata">
<authentication security-domain="teiid-security-odata"/>
</transport>
{code}
Then in the security-domains subsystems add a security domain for "teiid-security-odata" as
{code}
<security-domain name="teiid-security-odata" cache-type="default">
<authentication>
<login-module code="org.jboss.security.auth.spi.SimpleUsersLoginModule" flag="sufficient">
<module-option name="unauthenticatedIdentity" value="guest"/>
</login-module>
</authentication>
</security-domain>
{code}
restart the server and HTTP Basic is removed from the odata calls.
> OData servlet throws TEIID10036/TEIID40087 when disabling security
> ------------------------------------------------------------------
>
> Key: TEIID-3569
> URL: https://issues.jboss.org/browse/TEIID-3569
> Project: Teiid
> Issue Type: Enhancement
> Components: OData
> Affects Versions: 8.7.1
> Reporter: Hisanobu Okuda
> Assignee: Ramesh Reddy
> Fix For: 8.7.1.6_2, 8.12
>
>
> When I disable security for teiid-odata-8.7.1.redhat-8.war modifying web.xml as follows:-
> {code}
> <!--
> <security-constraint>
> <display-name>require valid user</display-name>
> <web-resource-collection>
> <web-resource-name>Teiid Rest Application</web-resource-name>
> <url-pattern>/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>odata</role-name>
> </auth-constraint>
> </security-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>yourdomain.com</realm-name>
> </login-config>
> -->
> </web-app>
> {code}
> The OData servlet thowrs an exception:-
> {code}
> 10:47:51,578 SEVERE [org.teiid.jdbc] (http-/127.0.0.1:8080-2) Could not create connection: org.teiid.jdbc.TeiidSQLException: TEIID10036 org.teiid.core.TeiidException: TEIID10036 org.teiid.net.ConnectionException: TEIID40087 Passthrough authentication failed. No auth[6/1654]
> on information found.
> at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:135) [teiid-client-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:71) [teiid-client-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.jdbc.EmbeddedProfile.connect(EmbeddedProfile.java:55) [teiid-client-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.jdbc.TeiidDriver.connect(TeiidDriver.java:105) [teiid-client-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.odata.LocalClient.getConnection(LocalClient.java:121) [classes:]
> at org.teiid.odata.LocalClient.getVDB(LocalClient.java:94) [classes:]
> at org.teiid.odata.LocalClient.getMetadata(LocalClient.java:425) [classes:]
> at org.teiid.odata.TeiidProducer.getMetadata(TeiidProducer.java:69) [classes:]
> at org.odata4j.producer.resources.EntitiesRequestResource.getEntitiesImpl(EntitiesRequestResource.java:350) [odata4j-core-0.8.0.redhat-2.jar:]
> at org.odata4j.producer.resources.EntitiesRequestResource.getEntities(EntitiesRequestResource.java:266) [odata4j-core-0.8.0.redhat-2.jar:]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_45]
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_45]
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_45]
> at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_45]
> at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:167) [resteasy-jaxrs-2.3.8.SP4-redhat-2.jar:]
> at org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.java:269) [resteasy-jaxrs-2.3.8.SP4-redhat-2.jar:]
> at org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:227) [resteasy-jaxrs-2.3.8.SP4-redhat-2.jar:]
> at org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:216) [resteasy-jaxrs-2.3.8.SP4-redhat-2.jar:]
> at org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:542) [resteasy-jaxrs-2.3.8.SP4-redhat-2.jar:]
> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:524) [resteasy-jaxrs-2.3.8.SP4-redhat-2.jar:]
> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:126) [resteasy-jaxrs-2.3.8.SP4-redhat-2.jar:]
> at org.teiid.odata.ODataServletContainerDispatcher.service(ODataServletContainerDispatcher.java:118) [classes:]
> at org.teiid.odata.ODataServlet.service(ODataServlet.java:65) [classes:]
> at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:50) [resteasy-jaxrs-2.3.8.SP4-redhat-2.jar:]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-1.jar:1.0.2.Final-redhat-1]
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.4.3.Final-redhat-2.jar:7.4.3.Final-redhat-2]
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.4.10.Final-redhat-1.jar:7.4.10.Final-redhat-1]
> at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
> Caused by: org.teiid.core.TeiidException: TEIID10036 org.teiid.core.TeiidException: TEIID10036 org.teiid.net.ConnectionException: TEIID40087 Passthrough authentication failed. No authentication information found.
> at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:292) [teiid-common-core-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.jdbc.ModuleHelper.createFromModule(ModuleHelper.java:53) [teiid-client-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.jdbc.EmbeddedProfile.createServerConnection(EmbeddedProfile.java:60) [teiid-client-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.jdbc.EmbeddedProfile.connect(EmbeddedProfile.java:50) [teiid-client-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> ... 35 more
> Caused by: org.teiid.core.TeiidException: TEIID10036 org.teiid.net.ConnectionException: TEIID40087 Passthrough authentication failed. No authentication information found.
> at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:329) [teiid-common-core-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:290) [teiid-common-core-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> ... 38 more
> Caused by: org.teiid.net.ConnectionException: TEIID40087 Passthrough authentication failed. No authentication information found.
> at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:132) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.transport.LocalServerConnection.<init>(LocalServerConnection.java:99) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [rt.jar:1.7.0_45]
> at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) [rt.jar:1.7.0_45]
> at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) [rt.jar:1.7.0_45]
> at java.lang.reflect.Constructor.newInstance(Constructor.java:526) [rt.jar:1.7.0_45]
> at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:327) [teiid-common-core-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> ... 39 more
> Caused by: org.teiid.client.security.LogonException: TEIID40087 Passthrough authentication failed. No authentication information found.
> at org.teiid.transport.LogonImpl.logon(LogonImpl.java:153) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.transport.LogonImpl.logon(LogonImpl.java:117) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_45]
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_45]
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_45]
> at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_45]
> at org.teiid.transport.LocalServerConnection$1$1.call(LocalServerConnection.java:170) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at java.util.concurrent.FutureTask.run(FutureTask.java:262) [rt.jar:1.7.0_45]
> at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:274) [teiid-engine-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:258) [teiid-engine-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.transport.LocalServerConnection$1.invoke(LocalServerConnection.java:168) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at com.sun.proxy.$Proxy94.logon(Unknown Source)
> at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:128) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> ... 45 more
> Caused by: javax.security.auth.login.LoginException: TEIID40087 Passthrough authentication failed. No authentication information found.
> at org.teiid.services.SessionServiceImpl.passThroughLogin(SessionServiceImpl.java:214) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.services.SessionServiceImpl.createSession(SessionServiceImpl.java:169) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> at org.teiid.transport.LogonImpl.logon(LogonImpl.java:133) [teiid-runtime-8.7.1.redhat-8.jar:8.7.1.redhat-8]
> ... 57 more
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the teiid-issues
mailing list