[JBoss JIRA] (ISPN-3933) Preloading and Shared options can not be enabled on a JDBCCachestore via configuration files
by Eric van Lydegraf (JIRA)
[ https://issues.jboss.org/browse/ISPN-3933?page=com.atlassian.jira.plugin.... ]
Eric van Lydegraf commented on ISPN-3933:
-----------------------------------------
Here's a workaround for this bug
{code:title=FixInfinispanDirectoryProvider.java|borderStyle=solid}
public class FixInfinispanDirectoryProvider
extends InfinispanDirectoryProvider
{
@Override
public void initialize(String directoryProviderName, Properties properties, BuildContext context)
{
super.initialize(directoryProviderName, properties, context);
String indexName = InfinispanIntegration.getMetadataCacheName(properties);
Configuration cacheConfig = getCacheManager().getCacheConfiguration(indexName);
List<StoreConfiguration> cacheStoreConfigs = cacheConfig.persistence().stores();
for (StoreConfiguration storeConfig : cacheStoreConfigs)
{
Field preloadField = ReflectionUtils.findField(AbstractStoreConfiguration.class, "preload");
ReflectionUtils.makeAccessible(preloadField);
ReflectionUtils.setField(preloadField, storeConfig, Boolean.TRUE);
}
}
}
{code}
> Preloading and Shared options can not be enabled on a JDBCCachestore via configuration files
> --------------------------------------------------------------------------------------------
>
> Key: ISPN-3933
> URL: https://issues.jboss.org/browse/ISPN-3933
> Project: Infinispan
> Issue Type: Bug
> Components: Loaders and Stores
> Affects Versions: 6.0.0.Final, 6.0.1.Final
> Reporter: Sanne Grinovero
> Assignee: Sanne Grinovero
> Priority: Critical
> Labels: 630
> Fix For: 7.0.0.Alpha1, 7.0.0.Final
>
>
> The configuration schema doesn't allow to enable the "preload" attribute of a JDBCCacheStore.
> I classify this as critical as the JDBCCacheStore is the only viable solution for a shared cachestore, and the Lucene Directory requires "preload" to be activated.
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)
10 years, 5 months
[JBoss JIRA] (ISPN-4285) HotRod digest-md5 auth fails with NPE
by Galder Zamarreño (JIRA)
[ https://issues.jboss.org/browse/ISPN-4285?page=com.atlassian.jira.plugin.... ]
Galder Zamarreño updated ISPN-4285:
-----------------------------------
Status: Resolved (was: Pull Request Sent)
Assignee: Tristan Tarrant (was: Mircea Markus)
Fix Version/s: 7.0.0.Beta1
Resolution: Done
> HotRod digest-md5 auth fails with NPE
> -------------------------------------
>
> Key: ISPN-4285
> URL: https://issues.jboss.org/browse/ISPN-4285
> Project: Infinispan
> Issue Type: Bug
> Components: Server
> Reporter: Vojtech Juranek
> Assignee: Tristan Tarrant
> Fix For: 7.0.0.Beta1
>
>
> HotRod DIGEST-MD5 auth fails with NPE when password on the server is stored as a plain text. Example realm configuration snip:
> {noformat}
> <authentication>
> <local default-user="$local" allowed-users="*"/>
> <properties path="application-users.properties" relative-to="jboss.server.config.dir" plain-text="true"/>
> </authentication>
> {noformat}
> Full stack trace:
> {noformat}
> org.infinispan.client.hotrod.exceptions.TransportException:: Could not fetch transport
> at org.infinispan.client.hotrod.impl.transport.tcp.TcpTransportFactory.borrowTransportFromPool(TcpTransportFactory.java:310)
> at org.infinispan.client.hotrod.impl.transport.tcp.TcpTransportFactory.getTransport(TcpTransportFactory.java:185)
> at org.infinispan.client.hotrod.impl.operations.FaultTolerantPingOperation.getTransport(FaultTolerantPingOperation.java:27)
> at org.infinispan.client.hotrod.impl.operations.RetryOnFailureOperation.execute(RetryOnFailureOperation.java:48)
> at org.infinispan.client.hotrod.impl.RemoteCacheImpl.ping(RemoteCacheImpl.java:535)
> at org.infinispan.client.hotrod.RemoteCacheManager.ping(RemoteCacheManager.java:633)
> at org.infinispan.client.hotrod.RemoteCacheManager.createRemoteCache(RemoteCacheManager.java:614)
> at org.infinispan.client.hotrod.RemoteCacheManager.getCache(RemoteCacheManager.java:525)
> at org.infinispan.client.hotrod.RemoteCacheManager.getCache(RemoteCacheManager.java:521)
> at org.infinispan.server.test.client.hotrod.security.HotRodSaslAuthTestBase.initialize(HotRodSaslAuthTestBase.java:55)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
> at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
> at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
> at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:24)
> at org.jboss.arquillian.junit.Arquillian$StatementLifecycleExecutor.invoke(Arquillian.java:351)
> at org.jboss.arquillian.container.test.impl.execution.ClientBeforeAfterLifecycleEventExecuter.execute(ClientBeforeAfterLifecycleEventExecuter.java:99)
> at org.jboss.arquillian.container.test.impl.execution.ClientBeforeAfterLifecycleEventExecuter.on(ClientBeforeAfterLifecycleEventExecuter.java:72)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
> at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99)
> at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81)
> at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createContext(ContainerEventController.java:142)
> at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createBeforeContext(ContainerEventController.java:124)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
> at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)
> at org.jboss.arquillian.test.impl.TestContextHandler.createTestContext(TestContextHandler.java:89)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
> at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)
> at org.jboss.arquillian.test.impl.TestContextHandler.createClassContext(TestContextHandler.java:75)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
> at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)
> at org.jboss.arquillian.test.impl.TestContextHandler.createSuiteContext(TestContextHandler.java:60)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90)
> at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88)
> at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:135)
> at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:115)
> at org.jboss.arquillian.test.impl.EventTestRunnerAdaptor.before(EventTestRunnerAdaptor.java:95)
> at org.jboss.arquillian.junit.Arquillian$4.evaluate(Arquillian.java:222)
> at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:314)
> at org.jboss.arquillian.junit.Arquillian.access$100(Arquillian.java:46)
> at org.jboss.arquillian.junit.Arquillian$5.evaluate(Arquillian.java:240)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
> at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
> at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
> at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
> at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
> at org.jboss.arquillian.junit.Arquillian$2.evaluate(Arquillian.java:185)
> at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:314)
> at org.jboss.arquillian.junit.Arquillian.access$100(Arquillian.java:46)
> at org.jboss.arquillian.junit.Arquillian$3.evaluate(Arquillian.java:199)
> at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
> at org.jboss.arquillian.junit.Arquillian.run(Arquillian.java:147)
> at org.junit.runners.Suite.runChild(Suite.java:127)
> at org.junit.runners.Suite.runChild(Suite.java:26)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
> at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
> at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
> at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
> at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
> at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
> at org.junit.runner.JUnitCore.run(JUnitCore.java:160)
> at org.junit.runner.JUnitCore.run(JUnitCore.java:138)
> at org.apache.maven.surefire.junitcore.JUnitCoreWrapper.execute(JUnitCoreWrapper.java:62)
> at org.apache.maven.surefire.junitcore.JUnitCoreProvider.invoke(JUnitCoreProvider.java:139)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189)
> at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165)
> at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85)
> at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:115)
> at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:75)
> Caused by: java.lang.NullPointerException
> at org.infinispan.client.hotrod.impl.transport.AbstractTransport.writeArray(AbstractTransport.java:97)
> at org.infinispan.client.hotrod.impl.operations.AuthOperation.execute(AuthOperation.java:35)
> at org.infinispan.client.hotrod.impl.transport.tcp.SaslTransportObjectFactory.auth(SaslTransportObjectFactory.java:99)
> at org.infinispan.client.hotrod.impl.transport.tcp.SaslTransportObjectFactory.makeObject(SaslTransportObjectFactory.java:72)
> at org.infinispan.client.hotrod.impl.transport.tcp.SaslTransportObjectFactory.makeObject(SaslTransportObjectFactory.java:25)
> at org.apache.commons.pool.impl.GenericKeyedObjectPool.borrowObject(GenericKeyedObjectPool.java:1220)
> at org.infinispan.client.hotrod.impl.transport.tcp.TcpTransportFactory.borrowTransportFromPool(TcpTransportFactory.java:306)
> ... 98 more
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)
10 years, 5 months
[JBoss JIRA] (ISPN-4284) HotRod digest-md5 auth provides wrong callback
by Galder Zamarreño (JIRA)
[ https://issues.jboss.org/browse/ISPN-4284?page=com.atlassian.jira.plugin.... ]
Galder Zamarreño updated ISPN-4284:
-----------------------------------
Status: Resolved (was: Pull Request Sent)
Fix Version/s: 7.0.0.Beta1
Resolution: Done
> HotRod digest-md5 auth provides wrong callback
> ----------------------------------------------
>
> Key: ISPN-4284
> URL: https://issues.jboss.org/browse/ISPN-4284
> Project: Infinispan
> Issue Type: Bug
> Components: Server
> Reporter: Vojtech Juranek
> Assignee: Tristan Tarrant
> Fix For: 7.0.0.Beta1
>
>
> HotRod DIGEST-MD5 auth fails with
> {noformat}
> ERROR [org.infinispan.server.hotrod.HotRodDecoder] (HotRodServerWorker-12) ISPN005009: Unexpected error before any request parameters read: io.netty.handler.codec.DecoderException: or
> g.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException]
> at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:417) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:141) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at org.infinispan.server.core.AbstractProtocolDecoder.channelRead(AbstractProtocolDecoder.scala:470) [infinispan.jar:7.0.0-SNAPSHOT]
> at io.netty.channel.DefaultChannelHandlerContext.invokeChannelRead(DefaultChannelHandlerContext.java:341) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at io.netty.channel.DefaultChannelHandlerContext.fireChannelRead(DefaultChannelHandlerContext.java:327) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:785) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:116) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:494) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:461) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:378) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:350) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:116) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
> Caused by: org.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform call16:23:08,225 WARN [Codec20] (main) ISPN004005: Error received from the server: io.net
> ty.handler.codec.DecoderException: org.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callba
> ck.UnsupportedCallbackException]
> back to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException]
> at org.infinispan.server.hotrod.HotRodDecoder.createServerException(HotRodDecoder.scala:193) [infinispan.jar:7.0.0-SNAPSHOT]
> at org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:117) [infinispan.jar:7.0.0-SNAPSHOT]
> at org.infinispan.server.core.AbstractProtocolDecoder.decode(AbstractProtocolDecoder.scala:58) [infinispan.jar:7.0.0-SNAPSHOT]
> at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:362) [netty-all-4.0.18.Final.jar:4.0.18.Final]
> ... 12 more
> Caused by: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException]
> at org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:600) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final]
> at org.jboss.sasl.digest.DigestMD5Server.evaluateResponse(DigestMD5Server.java:253) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final]
> at org.infinispan.server.hotrod.Decoder2x$.customReadHeader(Decoder2x.scala:214) [infinispan.jar:7.0.0-SNAPSHOT]
> at org.infinispan.server.hotrod.HotRodDecoder.customDecodeHeader(HotRodDecoder.scala:139) [infinispan.jar:7.0.0-SNAPSHOT]
> at org.infinispan.server.core.AbstractProtocolDecoder.decodeHeader(AbstractProtocolDecoder.scala:147) [infinispan.jar:7.0.0-SNAPSHOT]
> at org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:95) [infinispan.jar:7.0.0-SNAPSHOT]
> ... 14 more
> Caused by: javax.security.auth.callback.UnsupportedCallbackException
> at org.jboss.as.domain.management.security.PropertiesCallbackHandler.handle(PropertiesCallbackHandler.java:164) [jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final]
> at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:168) [jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final]
> at org.infinispan.server.endpoint.subsystem.EndpointServerAuthenticationProvider$RealmAuthorizingCallbackHandler.handle(EndpointServerAuthenticationProvider.java:74) [infinispan-server-endpoints-7.0.0-
> SNAPSHOT.jar:7.0.0-SNAPSHOT]
> at org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:594) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final]
> ... 19 more
> {noformat}
> Instead of {{DigestHashCallback}} is provided {{PasswordCallback}} whichi results into above {{UnsupportedCallbackException}} if password is not stored in plain on server.
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)
10 years, 5 months
[JBoss JIRA] (ISPN-4288) JGroups kerberos auth is not able to obtain credentials
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/ISPN-4288?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration updated ISPN-4288:
------------------------------------------
Bugzilla Update: Perform
Bugzilla References: https://bugzilla.redhat.com/show_bug.cgi?id=1097758
> JGroups kerberos auth is not able to obtain credentials
> -------------------------------------------------------
>
> Key: ISPN-4288
> URL: https://issues.jboss.org/browse/ISPN-4288
> Project: Infinispan
> Issue Type: Bug
> Components: Test Suite - Server
> Reporter: Vojtech Juranek
> Assignee: Mircea Markus
>
> When trying to use kerberos for authentication between ISPN nodes (which uses JGroups authentication) I get following exception:
> {noformat}
> Caused by: java.lang.Exception: connecting to channel "clustered" failed
> at org.jgroups.JChannel._connect(JChannel.java:564)
> at org.jgroups.JChannel.connect(JChannel.java:288)
> at org.jgroups.JChannel.connect(JChannel.java:273)
> at org.infinispan.remoting.transport.jgroups.JGroupsTransport.startJGroupsChannelIfNeeded(JGroupsTransport.java:198)
> ... 27 more
> Caused by: java.lang.SecurityException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]
> at org.jgroups.protocols.SASL.down(SASL.java:294)
> at org.jgroups.protocols.pbcast.STABLE.down(STABLE.java:347)
> at org.jgroups.protocols.pbcast.ClientGmsImpl.sendJoinMessage(ClientGmsImpl.java:243)
> at org.jgroups.protocols.pbcast.ClientGmsImpl.joinInternal(ClientGmsImpl.java:124)
> at org.jgroups.protocols.pbcast.ClientGmsImpl.join(ClientGmsImpl.java:40)
> at org.jgroups.protocols.pbcast.GMS.down(GMS.java:1082)
> at org.jgroups.protocols.FlowControl.down(FlowControl.java:340)
> at org.jgroups.protocols.FlowControl.down(FlowControl.java:340)
> at org.jgroups.protocols.FRAG2.down(FRAG2.java:136)
> at org.jgroups.protocols.RSVP.down(RSVP.java:142)
> at org.jgroups.stack.ProtocolStack.down(ProtocolStack.java:1039)
> at org.jgroups.JChannel.down(JChannel.java:785)
> at org.jgroups.JChannel._connect(JChannel.java:558)
> ... 30 more
> Caused by: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]
> at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:212) [rt.jar:1.7.0_45]
> at org.jgroups.auth.sasl.SaslClientContext.addHeader(SaslClientContext.java:84)
> at org.jgroups.protocols.SASL.down(SASL.java:289)
> ... 42 more
> Caused by: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)
> at sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:147) [rt.jar:1.7.0_45]
> at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:121) [rt.jar:1.7.0_45]
> at sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Krb5MechFactory.java:187) [rt.jar:1.7.0_45]
> at sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:223) [rt.jar:1.7.0_45]
> at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:212) [rt.jar:1.7.0_45]
> at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179) [rt.jar:1.7.0_45]
> at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:193) [rt.jar:1.7.0_45]
> ... 44 more
> {noformat}
> The test and setup can be downloaded [here|https://github.com/vjuranek/infinispan/tree/ISPN-4273]. Not completely sure, if it's a bug or some kerberos setup issue, but it failed also in case when I tried to use already running kerberos (not ApacheDS run in within the test).
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)
10 years, 5 months
[JBoss JIRA] (ISPN-4283) Unable to setup SASL auth properties
by Galder Zamarreño (JIRA)
[ https://issues.jboss.org/browse/ISPN-4283?page=com.atlassian.jira.plugin.... ]
Galder Zamarreño updated ISPN-4283:
-----------------------------------
Status: Resolved (was: Pull Request Sent)
Fix Version/s: 7.0.0.Beta1
Resolution: Done
> Unable to setup SASL auth properties
> ------------------------------------
>
> Key: ISPN-4283
> URL: https://issues.jboss.org/browse/ISPN-4283
> Project: Infinispan
> Issue Type: Bug
> Components: Server
> Reporter: Vojtech Juranek
> Assignee: Tristan Tarrant
> Fix For: 7.0.0.Beta1
>
>
> It seems that it's not possible to setup SASL auth properies. This is needed e.g. in case of DIGEST-MD5 authentication - {{org.jboss.sasl.digest.DigestMD5Server}}, which handles this auth., expects that properties contain {{com.sun.security.sasl.digest.realm}}, otherwise default to server name as realm name. However, it seems that proprties passed to {{DigestMD5Server}} are always {{null}}. Therefore it's not possible to refer any security realm named other than server name (e.g. standard {{ApplicationRealm}}).
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)
10 years, 5 months