May 2014 - infinispan-issues - Jboss List Archives

[JBoss JIRA] (ISPN-4288) JGroups kerberos auth is not able to obtain credentials

by Vojtech Juranek (JIRA)

Vojtech Juranek created ISPN-4288: ------------------------------------- Summary: JGroups kerberos auth is not able to obtain credentials Key: ISPN-4288 URL: https://issues.jboss.org/browse/ISPN-4288 Project: Infinispan Issue Type: Bug Components: Test Suite - Server Reporter: Vojtech Juranek Assignee: Mircea Markus When trying to use kerberos for authentication between ISPN nodes (which uses JGroups authentication) I get following exception: {noformat} Caused by: java.lang.Exception: connecting to channel "clustered" failed at org.jgroups.JChannel._connect(JChannel.java:564) at org.jgroups.JChannel.connect(JChannel.java:288) at org.jgroups.JChannel.connect(JChannel.java:273) at org.infinispan.remoting.transport.jgroups.JGroupsTransport.startJGroupsChannelIfNeeded(JGroupsTransport.java:198) ... 27 more Caused by: java.lang.SecurityException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)] at org.jgroups.protocols.SASL.down(SASL.java:294) at org.jgroups.protocols.pbcast.STABLE.down(STABLE.java:347) at org.jgroups.protocols.pbcast.ClientGmsImpl.sendJoinMessage(ClientGmsImpl.java:243) at org.jgroups.protocols.pbcast.ClientGmsImpl.joinInternal(ClientGmsImpl.java:124) at org.jgroups.protocols.pbcast.ClientGmsImpl.join(ClientGmsImpl.java:40) at org.jgroups.protocols.pbcast.GMS.down(GMS.java:1082) at org.jgroups.protocols.FlowControl.down(FlowControl.java:340) at org.jgroups.protocols.FlowControl.down(FlowControl.java:340) at org.jgroups.protocols.FRAG2.down(FRAG2.java:136) at org.jgroups.protocols.RSVP.down(RSVP.java:142) at org.jgroups.stack.ProtocolStack.down(ProtocolStack.java:1039) at org.jgroups.JChannel.down(JChannel.java:785) at org.jgroups.JChannel._connect(JChannel.java:558) ... 30 more Caused by: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)] at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:212) [rt.jar:1.7.0_45] at org.jgroups.auth.sasl.SaslClientContext.addHeader(SaslClientContext.java:84) at org.jgroups.protocols.SASL.down(SASL.java:289) ... 42 more Caused by: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt) at sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:147) [rt.jar:1.7.0_45] at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:121) [rt.jar:1.7.0_45] at sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Krb5MechFactory.java:187) [rt.jar:1.7.0_45] at sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:223) [rt.jar:1.7.0_45] at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:212) [rt.jar:1.7.0_45] at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179) [rt.jar:1.7.0_45] at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:193) [rt.jar:1.7.0_45] ... 44 more {noformat} The test and setup can be downloaded [here|https://github.com/vjuranek/infinispan/tree/ISPN-4273]. Not completely sure, if it's a bug or some kerberos setup issue, but it failed also in case when I tried to use already running kerberos (not ApacheDS run in within the test). -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ISPN-4287) Allow to pass digest hash passwords in HR digest-md5 auth

by Vojtech Juranek (JIRA)

[ https://issues.jboss.org/browse/ISPN-4287?page=com.atlassian.jira.plugin.... ] Vojtech Juranek closed ISPN-4287. --------------------------------- Resolution: Done Actually implemented in https://github.com/infinispan/infinispan/pull/2557, I didn't noticed it. > Allow to pass digest hash passwords in HR digest-md5 auth > --------------------------------------------------------- > > Key: ISPN-4287 > URL: https://issues.jboss.org/browse/ISPN-4287 > Project: Infinispan > Issue Type: Feature Request > Components: Server > Reporter: Vojtech Juranek > Assignee: Mircea Markus > > WildFly by default doesn't store plain text passwords but stores them as hashes. In SASL DIGEST-MD5 auth parameter {{org.jboss.sasl.digest.pre_digested}} configures, which kind of password is requested ({{true}} for plain, {{false}} for hash). Given that WildFly use hash by default, this option should be enabled and HR client should be able to authenticate also with hashed password. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ISPN-4285) HotRod digest-md5 auth fails with NPE

by Tristan Tarrant (JIRA)

[ https://issues.jboss.org/browse/ISPN-4285?page=com.atlassian.jira.plugin.... ] Tristan Tarrant updated ISPN-4285: ---------------------------------- Status: Pull Request Sent (was: Open) Git Pull Request: https://github.com/infinispan/infinispan/pull/2557 > HotRod digest-md5 auth fails with NPE > ------------------------------------- > > Key: ISPN-4285 > URL: https://issues.jboss.org/browse/ISPN-4285 > Project: Infinispan > Issue Type: Bug > Components: Server > Reporter: Vojtech Juranek > Assignee: Mircea Markus > > HotRod DIGEST-MD5 auth fails with NPE when password on the server is stored as a plain text. Example realm configuration snip: > {noformat} > <authentication> > <local default-user="$local" allowed-users="*"/> > <properties path="application-users.properties" relative-to="jboss.server.config.dir" plain-text="true"/> > </authentication> > {noformat} > Full stack trace: > {noformat} > org.infinispan.client.hotrod.exceptions.TransportException:: Could not fetch transport > at org.infinispan.client.hotrod.impl.transport.tcp.TcpTransportFactory.borrowTransportFromPool(TcpTransportFactory.java:310) > at org.infinispan.client.hotrod.impl.transport.tcp.TcpTransportFactory.getTransport(TcpTransportFactory.java:185) > at org.infinispan.client.hotrod.impl.operations.FaultTolerantPingOperation.getTransport(FaultTolerantPingOperation.java:27) > at org.infinispan.client.hotrod.impl.operations.RetryOnFailureOperation.execute(RetryOnFailureOperation.java:48) > at org.infinispan.client.hotrod.impl.RemoteCacheImpl.ping(RemoteCacheImpl.java:535) > at org.infinispan.client.hotrod.RemoteCacheManager.ping(RemoteCacheManager.java:633) > at org.infinispan.client.hotrod.RemoteCacheManager.createRemoteCache(RemoteCacheManager.java:614) > at org.infinispan.client.hotrod.RemoteCacheManager.getCache(RemoteCacheManager.java:525) > at org.infinispan.client.hotrod.RemoteCacheManager.getCache(RemoteCacheManager.java:521) > at org.infinispan.server.test.client.hotrod.security.HotRodSaslAuthTestBase.initialize(HotRodSaslAuthTestBase.java:55) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47) > at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) > at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44) > at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:24) > at org.jboss.arquillian.junit.Arquillian$StatementLifecycleExecutor.invoke(Arquillian.java:351) > at org.jboss.arquillian.container.test.impl.execution.ClientBeforeAfterLifecycleEventExecuter.execute(ClientBeforeAfterLifecycleEventExecuter.java:99) > at org.jboss.arquillian.container.test.impl.execution.ClientBeforeAfterLifecycleEventExecuter.on(ClientBeforeAfterLifecycleEventExecuter.java:72) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81) > at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createContext(ContainerEventController.java:142) > at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createBeforeContext(ContainerEventController.java:124) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) > at org.jboss.arquillian.test.impl.TestContextHandler.createTestContext(TestContextHandler.java:89) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) > at org.jboss.arquillian.test.impl.TestContextHandler.createClassContext(TestContextHandler.java:75) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) > at org.jboss.arquillian.test.impl.TestContextHandler.createSuiteContext(TestContextHandler.java:60) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) > at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:135) > at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:115) > at org.jboss.arquillian.test.impl.EventTestRunnerAdaptor.before(EventTestRunnerAdaptor.java:95) > at org.jboss.arquillian.junit.Arquillian$4.evaluate(Arquillian.java:222) > at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:314) > at org.jboss.arquillian.junit.Arquillian.access$100(Arquillian.java:46) > at org.jboss.arquillian.junit.Arquillian$5.evaluate(Arquillian.java:240) > at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271) > at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70) > at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50) > at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238) > at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63) > at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236) > at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53) > at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229) > at org.jboss.arquillian.junit.Arquillian$2.evaluate(Arquillian.java:185) > at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:314) > at org.jboss.arquillian.junit.Arquillian.access$100(Arquillian.java:46) > at org.jboss.arquillian.junit.Arquillian$3.evaluate(Arquillian.java:199) > at org.junit.runners.ParentRunner.run(ParentRunner.java:309) > at org.jboss.arquillian.junit.Arquillian.run(Arquillian.java:147) > at org.junit.runners.Suite.runChild(Suite.java:127) > at org.junit.runners.Suite.runChild(Suite.java:26) > at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238) > at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63) > at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236) > at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53) > at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229) > at org.junit.runners.ParentRunner.run(ParentRunner.java:309) > at org.junit.runner.JUnitCore.run(JUnitCore.java:160) > at org.junit.runner.JUnitCore.run(JUnitCore.java:138) > at org.apache.maven.surefire.junitcore.JUnitCoreWrapper.execute(JUnitCoreWrapper.java:62) > at org.apache.maven.surefire.junitcore.JUnitCoreProvider.invoke(JUnitCoreProvider.java:139) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189) > at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165) > at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85) > at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:115) > at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:75) > Caused by: java.lang.NullPointerException > at org.infinispan.client.hotrod.impl.transport.AbstractTransport.writeArray(AbstractTransport.java:97) > at org.infinispan.client.hotrod.impl.operations.AuthOperation.execute(AuthOperation.java:35) > at org.infinispan.client.hotrod.impl.transport.tcp.SaslTransportObjectFactory.auth(SaslTransportObjectFactory.java:99) > at org.infinispan.client.hotrod.impl.transport.tcp.SaslTransportObjectFactory.makeObject(SaslTransportObjectFactory.java:72) > at org.infinispan.client.hotrod.impl.transport.tcp.SaslTransportObjectFactory.makeObject(SaslTransportObjectFactory.java:25) > at org.apache.commons.pool.impl.GenericKeyedObjectPool.borrowObject(GenericKeyedObjectPool.java:1220) > at org.infinispan.client.hotrod.impl.transport.tcp.TcpTransportFactory.borrowTransportFromPool(TcpTransportFactory.java:306) > ... 98 more > {noformat} -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ISPN-4287) Allow to pass digest hash passwords in HR digest-md5 auth

by Vojtech Juranek (JIRA)

Vojtech Juranek created ISPN-4287: ------------------------------------- Summary: Allow to pass digest hash passwords in HR digest-md5 auth Key: ISPN-4287 URL: https://issues.jboss.org/browse/ISPN-4287 Project: Infinispan Issue Type: Feature Request Components: Server Reporter: Vojtech Juranek Assignee: Mircea Markus WildFly by default doesn't store plain text passwords but stores them as hashes. In SASL DIGEST-MD5 auth parameter {{org.jboss.sasl.digest.pre_digested}} configures, which kind of password is requested ({{true}} for plain, {{false}} for hash). Given that WildFly use hash by default, this option should be enabled and HR client should be able to authenticate also with hashed password. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ISPN-4284) HotRod digest-md5 auth provides wrong callback

by Vojtech Juranek (JIRA)

[ https://issues.jboss.org/browse/ISPN-4284?page=com.atlassian.jira.plugin.... ] Vojtech Juranek commented on ISPN-4284: --------------------------------------- For the record, it seems this issue can be workaround by setting SASL property {{org.jboss.sasl.digest.pre_digested}} {noformat} <property name="org.jboss.sasl.digest.pre_digested">true</property> {noformat} (unable to verify whole scenario as I'm hitting [ISPN-4285|https://issues.jboss.org/browse/ISPN-4285] also in this case) > HotRod digest-md5 auth provides wrong callback > ---------------------------------------------- > > Key: ISPN-4284 > URL: https://issues.jboss.org/browse/ISPN-4284 > Project: Infinispan > Issue Type: Bug > Components: Server > Reporter: Vojtech Juranek > Assignee: Tristan Tarrant > > HotRod DIGEST-MD5 auth fails with > {noformat} > ERROR [org.infinispan.server.hotrod.HotRodDecoder] (HotRodServerWorker-12) ISPN005009: Unexpected error before any request parameters read: io.netty.handler.codec.DecoderException: or > g.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException] > at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:417) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:141) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at org.infinispan.server.core.AbstractProtocolDecoder.channelRead(AbstractProtocolDecoder.scala:470) [infinispan.jar:7.0.0-SNAPSHOT] > at io.netty.channel.DefaultChannelHandlerContext.invokeChannelRead(DefaultChannelHandlerContext.java:341) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.DefaultChannelHandlerContext.fireChannelRead(DefaultChannelHandlerContext.java:327) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:785) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:116) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:494) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:461) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:378) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:350) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:116) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45] > Caused by: org.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform call16:23:08,225 WARN [Codec20] (main) ISPN004005: Error received from the server: io.net > ty.handler.codec.DecoderException: org.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callba > ck.UnsupportedCallbackException] > back to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException] > at org.infinispan.server.hotrod.HotRodDecoder.createServerException(HotRodDecoder.scala:193) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:117) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.core.AbstractProtocolDecoder.decode(AbstractProtocolDecoder.scala:58) [infinispan.jar:7.0.0-SNAPSHOT] > at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:362) [netty-all-4.0.18.Final.jar:4.0.18.Final] > ... 12 more > Caused by: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException] > at org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:600) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final] > at org.jboss.sasl.digest.DigestMD5Server.evaluateResponse(DigestMD5Server.java:253) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final] > at org.infinispan.server.hotrod.Decoder2x$.customReadHeader(Decoder2x.scala:214) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.hotrod.HotRodDecoder.customDecodeHeader(HotRodDecoder.scala:139) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.core.AbstractProtocolDecoder.decodeHeader(AbstractProtocolDecoder.scala:147) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:95) [infinispan.jar:7.0.0-SNAPSHOT] > ... 14 more > Caused by: javax.security.auth.callback.UnsupportedCallbackException > at org.jboss.as.domain.management.security.PropertiesCallbackHandler.handle(PropertiesCallbackHandler.java:164) [jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final] > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:168) [jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final] > at org.infinispan.server.endpoint.subsystem.EndpointServerAuthenticationProvider$RealmAuthorizingCallbackHandler.handle(EndpointServerAuthenticationProvider.java:74) [infinispan-server-endpoints-7.0.0- > SNAPSHOT.jar:7.0.0-SNAPSHOT] > at org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:594) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final] > ... 19 more > {noformat} > Instead of {{DigestHashCallback}} is provided {{PasswordCallback}} whichi results into above {{UnsupportedCallbackException}} if password is not stored in plain on server. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ISPN-4286) Two concurrent putIfAbsent operations can both return null during rebalance

by Dan Berindei (JIRA)

Dan Berindei created ISPN-4286: ---------------------------------- Summary: Two concurrent putIfAbsent operations can both return null during rebalance Key: ISPN-4286 URL: https://issues.jboss.org/browse/ISPN-4286 Project: Infinispan Issue Type: Bug Components: Core, State Transfer Affects Versions: 6.0.2.Final Reporter: Dan Berindei Assignee: Dan Berindei Fix For: 7.0.0.Final If the cache topology changes while executing a putIfAbsent operation, the old primary owner will throw an OutdatedTopologyException, and the originator will retry on the new owner. When retrying the PutKeyValueCommand on the new primary owner, we compare the current value with the command's new value. If they are equal, we assume that the initial command wrote the old value, and we return {{null}}. However, the value might have been written by another putIfAbsent operation. So we could have two {{putIfAbsent(k, v)}} operations, both returning {{null}}. {code} A is the originator, B is the primary owner, k = null A -> B: putIfAbsent(k, v1) B dies before writing v, C is now primary owner D -> C: putIfAbsent(k, v1) // another put operation from D, with the same value C -> D: null // correct A -> C: retry_putIfAbsent(k, v1) C -> A: null // C assumes A is overwriting its own value, so it's also returning null {code} -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ISPN-4285) HotRod digest-md5 auth fails with NPE

by Vojtech Juranek (JIRA)

[ https://issues.jboss.org/browse/ISPN-4285?page=com.atlassian.jira.plugin.... ] Vojtech Juranek commented on ISPN-4285: --------------------------------------- It seems it's present always, no matter if {{plain-text="true"}} is set or not. > HotRod digest-md5 auth fails with NPE > ------------------------------------- > > Key: ISPN-4285 > URL: https://issues.jboss.org/browse/ISPN-4285 > Project: Infinispan > Issue Type: Bug > Components: Server > Reporter: Vojtech Juranek > Assignee: Mircea Markus > > HotRod DIGEST-MD5 auth fails with NPE when password on the server is stored as a plain text. Example realm configuration snip: > {noformat} > <authentication> > <local default-user="$local" allowed-users="*"/> > <properties path="application-users.properties" relative-to="jboss.server.config.dir" plain-text="true"/> > </authentication> > {noformat} > Full stack trace: > {noformat} > org.infinispan.client.hotrod.exceptions.TransportException:: Could not fetch transport > at org.infinispan.client.hotrod.impl.transport.tcp.TcpTransportFactory.borrowTransportFromPool(TcpTransportFactory.java:310) > at org.infinispan.client.hotrod.impl.transport.tcp.TcpTransportFactory.getTransport(TcpTransportFactory.java:185) > at org.infinispan.client.hotrod.impl.operations.FaultTolerantPingOperation.getTransport(FaultTolerantPingOperation.java:27) > at org.infinispan.client.hotrod.impl.operations.RetryOnFailureOperation.execute(RetryOnFailureOperation.java:48) > at org.infinispan.client.hotrod.impl.RemoteCacheImpl.ping(RemoteCacheImpl.java:535) > at org.infinispan.client.hotrod.RemoteCacheManager.ping(RemoteCacheManager.java:633) > at org.infinispan.client.hotrod.RemoteCacheManager.createRemoteCache(RemoteCacheManager.java:614) > at org.infinispan.client.hotrod.RemoteCacheManager.getCache(RemoteCacheManager.java:525) > at org.infinispan.client.hotrod.RemoteCacheManager.getCache(RemoteCacheManager.java:521) > at org.infinispan.server.test.client.hotrod.security.HotRodSaslAuthTestBase.initialize(HotRodSaslAuthTestBase.java:55) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47) > at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) > at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44) > at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:24) > at org.jboss.arquillian.junit.Arquillian$StatementLifecycleExecutor.invoke(Arquillian.java:351) > at org.jboss.arquillian.container.test.impl.execution.ClientBeforeAfterLifecycleEventExecuter.execute(ClientBeforeAfterLifecycleEventExecuter.java:99) > at org.jboss.arquillian.container.test.impl.execution.ClientBeforeAfterLifecycleEventExecuter.on(ClientBeforeAfterLifecycleEventExecuter.java:72) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.invokeObservers(EventContextImpl.java:99) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:81) > at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createContext(ContainerEventController.java:142) > at org.jboss.arquillian.container.test.impl.client.ContainerEventController.createBeforeContext(ContainerEventController.java:124) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) > at org.jboss.arquillian.test.impl.TestContextHandler.createTestContext(TestContextHandler.java:89) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) > at org.jboss.arquillian.test.impl.TestContextHandler.createClassContext(TestContextHandler.java:75) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) > at org.jboss.arquillian.test.impl.TestContextHandler.createSuiteContext(TestContextHandler.java:60) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.jboss.arquillian.core.impl.ObserverImpl.invoke(ObserverImpl.java:90) > at org.jboss.arquillian.core.impl.EventContextImpl.proceed(EventContextImpl.java:88) > at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:135) > at org.jboss.arquillian.core.impl.ManagerImpl.fire(ManagerImpl.java:115) > at org.jboss.arquillian.test.impl.EventTestRunnerAdaptor.before(EventTestRunnerAdaptor.java:95) > at org.jboss.arquillian.junit.Arquillian$4.evaluate(Arquillian.java:222) > at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:314) > at org.jboss.arquillian.junit.Arquillian.access$100(Arquillian.java:46) > at org.jboss.arquillian.junit.Arquillian$5.evaluate(Arquillian.java:240) > at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271) > at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70) > at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50) > at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238) > at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63) > at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236) > at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53) > at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229) > at org.jboss.arquillian.junit.Arquillian$2.evaluate(Arquillian.java:185) > at org.jboss.arquillian.junit.Arquillian.multiExecute(Arquillian.java:314) > at org.jboss.arquillian.junit.Arquillian.access$100(Arquillian.java:46) > at org.jboss.arquillian.junit.Arquillian$3.evaluate(Arquillian.java:199) > at org.junit.runners.ParentRunner.run(ParentRunner.java:309) > at org.jboss.arquillian.junit.Arquillian.run(Arquillian.java:147) > at org.junit.runners.Suite.runChild(Suite.java:127) > at org.junit.runners.Suite.runChild(Suite.java:26) > at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238) > at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63) > at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236) > at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53) > at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229) > at org.junit.runners.ParentRunner.run(ParentRunner.java:309) > at org.junit.runner.JUnitCore.run(JUnitCore.java:160) > at org.junit.runner.JUnitCore.run(JUnitCore.java:138) > at org.apache.maven.surefire.junitcore.JUnitCoreWrapper.execute(JUnitCoreWrapper.java:62) > at org.apache.maven.surefire.junitcore.JUnitCoreProvider.invoke(JUnitCoreProvider.java:139) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189) > at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165) > at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85) > at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:115) > at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:75) > Caused by: java.lang.NullPointerException > at org.infinispan.client.hotrod.impl.transport.AbstractTransport.writeArray(AbstractTransport.java:97) > at org.infinispan.client.hotrod.impl.operations.AuthOperation.execute(AuthOperation.java:35) > at org.infinispan.client.hotrod.impl.transport.tcp.SaslTransportObjectFactory.auth(SaslTransportObjectFactory.java:99) > at org.infinispan.client.hotrod.impl.transport.tcp.SaslTransportObjectFactory.makeObject(SaslTransportObjectFactory.java:72) > at org.infinispan.client.hotrod.impl.transport.tcp.SaslTransportObjectFactory.makeObject(SaslTransportObjectFactory.java:25) > at org.apache.commons.pool.impl.GenericKeyedObjectPool.borrowObject(GenericKeyedObjectPool.java:1220) > at org.infinispan.client.hotrod.impl.transport.tcp.TcpTransportFactory.borrowTransportFromPool(TcpTransportFactory.java:306) > ... 98 more > {noformat} -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ISPN-4284) HotRod digest-md5 auth provides wrong callback

by Tristan Tarrant (JIRA)

[ https://issues.jboss.org/browse/ISPN-4284?page=com.atlassian.jira.plugin.... ] Tristan Tarrant updated ISPN-4284: ---------------------------------- Status: Pull Request Sent (was: Open) Git Pull Request: https://github.com/infinispan/infinispan/pull/2557 > HotRod digest-md5 auth provides wrong callback > ---------------------------------------------- > > Key: ISPN-4284 > URL: https://issues.jboss.org/browse/ISPN-4284 > Project: Infinispan > Issue Type: Bug > Components: Server > Reporter: Vojtech Juranek > Assignee: Tristan Tarrant > > HotRod DIGEST-MD5 auth fails with > {noformat} > ERROR [org.infinispan.server.hotrod.HotRodDecoder] (HotRodServerWorker-12) ISPN005009: Unexpected error before any request parameters read: io.netty.handler.codec.DecoderException: or > g.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException] > at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:417) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:141) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at org.infinispan.server.core.AbstractProtocolDecoder.channelRead(AbstractProtocolDecoder.scala:470) [infinispan.jar:7.0.0-SNAPSHOT] > at io.netty.channel.DefaultChannelHandlerContext.invokeChannelRead(DefaultChannelHandlerContext.java:341) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.DefaultChannelHandlerContext.fireChannelRead(DefaultChannelHandlerContext.java:327) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:785) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:116) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:494) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:461) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:378) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:350) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:116) [netty-all-4.0.18.Final.jar:4.0.18.Final] > at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45] > Caused by: org.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform call16:23:08,225 WARN [Codec20] (main) ISPN004005: Error received from the server: io.net > ty.handler.codec.DecoderException: org.infinispan.server.hotrod.HotRodException: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callba > ck.UnsupportedCallbackException] > back to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException] > at org.infinispan.server.hotrod.HotRodDecoder.createServerException(HotRodDecoder.scala:193) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:117) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.core.AbstractProtocolDecoder.decode(AbstractProtocolDecoder.scala:58) [infinispan.jar:7.0.0-SNAPSHOT] > at io.netty.handler.codec.ReplayingDecoder.callDecode(ReplayingDecoder.java:362) [netty-all-4.0.18.Final.jar:4.0.18.Final] > ... 12 more > Caused by: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire password [Caused by javax.security.auth.callback.UnsupportedCallbackException] > at org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:600) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final] > at org.jboss.sasl.digest.DigestMD5Server.evaluateResponse(DigestMD5Server.java:253) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final] > at org.infinispan.server.hotrod.Decoder2x$.customReadHeader(Decoder2x.scala:214) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.hotrod.HotRodDecoder.customDecodeHeader(HotRodDecoder.scala:139) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.core.AbstractProtocolDecoder.decodeHeader(AbstractProtocolDecoder.scala:147) [infinispan.jar:7.0.0-SNAPSHOT] > at org.infinispan.server.core.AbstractProtocolDecoder.secureDecodeDispatch(AbstractProtocolDecoder.scala:95) [infinispan.jar:7.0.0-SNAPSHOT] > ... 14 more > Caused by: javax.security.auth.callback.UnsupportedCallbackException > at org.jboss.as.domain.management.security.PropertiesCallbackHandler.handle(PropertiesCallbackHandler.java:164) [jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final] > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:168) [jboss-as-domain-management-7.2.0.Final.jar:7.2.0.Final] > at org.infinispan.server.endpoint.subsystem.EndpointServerAuthenticationProvider$RealmAuthorizingCallbackHandler.handle(EndpointServerAuthenticationProvider.java:74) [infinispan-server-endpoints-7.0.0- > SNAPSHOT.jar:7.0.0-SNAPSHOT] > at org.jboss.sasl.digest.DigestMD5Server.validateClientResponse(DigestMD5Server.java:594) [jboss-sasl-1.0.3.Final.jar:1.0.3.Final] > ... 19 more > {noformat} > Instead of {{DigestHashCallback}} is provided {{PasswordCallback}} whichi results into above {{UnsupportedCallbackException}} if password is not stored in plain on server. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ISPN-2394) Use DataRehashedEvent to signal end of state transfer

by Dan Berindei (JIRA)

[ https://issues.jboss.org/browse/ISPN-2394?page=com.atlassian.jira.plugin.... ] Dan Berindei reassigned ISPN-2394: ---------------------------------- Assignee: Dan Berindei (was: Adrian Nistor) > Use DataRehashedEvent to signal end of state transfer > ----------------------------------------------------- > > Key: ISPN-2394 > URL: https://issues.jboss.org/browse/ISPN-2394 > Project: Infinispan > Issue Type: Task > Components: State Transfer > Affects Versions: 5.2.0.ALPHA1 > Reporter: Adrian Nistor > Assignee: Dan Berindei > > Since NBST was introduced the actual completion of state transfer happens later than the TopologyChangedEvent. In unit tests there is currently no simple way to find out when this actually happens so we resorted to some ugly polling (see TestingUtil.waitForRehashToComplete()). Also some other core components could benefit from such an event (eg. StaleTransactionCleanupService, see ISPN-2383). > The event should contain the CacheTopology that is being confirmed as stable. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ISPN-1986) Make putForExternalRead return a boolean instead of void

by Pedro Ruivo (JIRA)

[ https://issues.jboss.org/browse/ISPN-1986?page=com.atlassian.jira.plugin.... ] Pedro Ruivo updated ISPN-1986: ------------------------------ Fix Version/s: 7.0.0.Beta1 (was: 7.0.0.Alpha4) > Make putForExternalRead return a boolean instead of void > -------------------------------------------------------- > > Key: ISPN-1986 > URL: https://issues.jboss.org/browse/ISPN-1986 > Project: Infinispan > Issue Type: Enhancement > Components: Core > Reporter: Galder Zamarreño > Assignee: Galder Zamarreño > Priority: Critical > Fix For: 7.0.0.Beta1, 7.0.0.Final > > > Related to ISPN-1983 and https://hibernate.onjira.com/browse/HHH-7256, I'd like to change the API of putForExternalRead() to return a boolean instead of void. > The reason for doing this is to be able to find out if the PFER did actually end up storing something or not. -- This message was sent by Atlassian JIRA (v6.2.3#6260)

10 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

infinispan-issues May 2014