JBoss Community

EAP 6 - EJB Remote Authentication with custom realm not working

created by Bob Smith in JBoss AS 7 Development

Hi, I am porting an app from 4.2 to EAP 6. I am having trouble with remote EJB authentication. When authentication is not used, the app works fine. I have followed the examples in the links below and am encountering the errors below. All relevant code is below. Please help!

 

https://community.jboss.org/wiki/JBossAS7RemoteEJBAuthenticationHowto

https://community.jboss.org/thread/195501?start=0&tstart=0

 

Client error log:

 

DEBUG [InitialContextFactory] Looking for jboss-naming-client.properties using classloader SystemClassLoader[112 modules]

DEBUG [InitialContextFactory] jboss.naming.client.endpoint.create.options. has the following options {}

DEBUG [InitialContextFactory] jboss.naming.client.remote.connectionprovider.create.options. has the following options {}

INFO  [xnio] XNIO Version 3.0.4.GA-redhat-1

INFO  [nio] XNIO NIO Implementation Version 3.0.4.GA-redhat-1

INFO  [remoting] JBoss Remoting version 3.2.8.GA-redhat-1

DEBUG [nio] Started channel thread 'Remoting "config-based-naming-client-endpoint" read-1', selector sun.nio.ch.WindowsSelectorImpl@748ede42

DEBUG [nio] Started channel thread 'Remoting "config-based-naming-client-endpoint" write-1', selector sun.nio.ch.WindowsSelectorImpl@271d4c95

DEBUG [InitialContextFactory] jboss.naming.client.connect.options. has the following options {}

DEBUG [EJBClientPropertiesLoader] Looking for jboss-ejb-client.properties using classloader SystemClassLoader[112 modules]

DEBUG [EJBClientPropertiesLoader] Found jboss-ejb-client.properties using classloader SystemClassLoader[112 modules]

DEBUG [PropertiesBasedEJBClientConfiguration] endpoint.create.options. has the following options {}

DEBUG [PropertiesBasedEJBClientConfiguration] remote.connectionprovider.create.options. has the following options {org.xnio.Options.SSL_ENABLED=>false}

DEBUG [PropertiesBasedEJBClientConfiguration] remote.connection.default.connect.options. has the following options {org.xnio.Options.SASL_DISALLOWED_MECHANISMS=>[JBOSS-LOCAL-USER],org.xnio.Options.SASL_POLICY_NOPLAINTEXT=>false,org.xnio.Options.SASL_POLICY_NOANONYMOUS=>true}

DEBUG [PropertiesBasedEJBClientConfiguration] remote.connection.default.channel.options. has the following options {}

DEBUG [PropertiesBasedEJBClientConfiguration] Connection org.jboss.ejb.client.PropertiesBasedEJBClientConfiguration$RemotingConnectionConfigurationImpl@729bd2fb successfully created for connection named default

DEBUG [PropertiesBasedEJBClientConfiguration] No clusters configured in properties

DEBUG [nio] Started channel thread 'Remoting "client-endpoint" write-1', selector sun.nio.ch.WindowsSelectorImpl@7fef53b6

DEBUG [nio] Started channel thread 'Remoting "client-endpoint" read-1', selector sun.nio.ch.WindowsSelectorImpl@7fef53b6

ERROR [connection] JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

WARN  [ConfigBasedEJBClientContextSelector] Could not register a EJB receiver for connection to localhost:4447

java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

    at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)

    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:119)

    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.<init>(ConfigBasedEJBClientContextSelector.java:76)

    at org.jboss.ejb.client.EJBClientContext.<clinit>(EJBClientContext.java:77)

    at org.jboss.naming.remote.client.ejb.RemoteNamingEjbClientContextSelector.setupSelector(RemoteNamingEjbClientContextSelector.java:28)

    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

    at java.lang.reflect.Method.invoke(Method.java:601)

    at org.jboss.naming.remote.client.InitialContextFactory.setupEjbContext(InitialContextFactory.java:448)

    at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:145)

    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)

    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)

    at javax.naming.InitialContext.init(InitialContext.java:242)

    at javax.naming.InitialContext.<init>(InitialContext.java:216)

    ....

Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:315)

    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)

    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

    at org.xnio.nio.NioHandle.run(NioHandle.java:90)

    at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)

    at ...asynchronous invocation...(Unknown Source)

    at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)

    at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:386)

    at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:151)

    at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:132)

    at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:117)

    ... 43 more

DEBUG [ConfigBasedEJBClientContextSelector] Registered a reconnect handler in EJB client context org.jboss.ejb.client.EJBClientContext@7ca25509 for remote://localhost:4447

DEBUG [ConfigBasedEJBClientContextSelector] Registered 0 remoting EJB receivers for EJB client context org.jboss.ejb.client.EJBClientContext@7ca25509

DEBUG [RemotingConnectionEJBReceiver] Channel Channel ID dd5d308c (outbound) of Remoting connection 2125ac0e to localhost/127.0.0.1:4447 opened for context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]} Waiting for version handshake message from server

INFO  [remoting] EJBCLIENT000017: Received server version 1 and marshalling strategies [river]

INFO  [remoting] EJBCLIENT000013: Successful version handshake completed for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]} on channel Channel ID dd5d308c (outbound) of Remoting connection 2125ac0e to localhost/127.0.0.1:4447

DEBUG [RemotingConnectionEJBReceiver] Received module availability report for 10 modules

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='', moduleName='sqljdbc4', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='My-web-TravelPlanners', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='My-web-ShortUrl', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='MyApplication-ejb', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='My-web', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='MyApplicationEAR', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='jsr-77', moduleName='jsr-77', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='MyMy-web', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='SDR-web-Tracking', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

DEBUG [RemotingConnectionEJBReceiver] Registering module EJBModuleIdentifier{appName='MyApplicationEAR', moduleName='SDR-web-Mobile', distinctName=''} availability for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@76aa5058, receiver=Remoting connection EJB receiver [connection=Remoting connection <6c1e5086>,channel=jboss.ejb,nodename=mxl1111p2c]}

WARN  [ChannelAssociation] Unsupported message received with header 0xffffffff

DEBUG [EJBClientContext] org.jboss.ejb.client.RandomDeploymentNodeSelector@5e856a7a deployment node selector selected mxl1111p2c node for appname=MyApplicationEAR,modulename=MyApplication-ejb,distinctname=

 

jboss-ejb-client.properties:

 

remote.connection.default.callback.handler.class=net.My.client.util.jndi.EjbRemoteCallBackHandler
remote.connections=default
endpoint.name=client-endpoint
remote.connection.default.port = 4447
remote.connection.default.host=localhost
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false

 

standalone-full-ha.xml:

 

<security-realm name="MyRealm">
    <authentication>
        <jaas name="MyDomain" />
    </authentication>
</security-realm>

<security-domain name="MyDomain" cache-type="default">
    <authentication>
        <login-module code="Remoting" flag="optional">
            <module-option name="password-stacking" value="useFirstPass"/>
        </login-module>
        <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
            <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
            <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
            <module-option name="defaultUsersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
            <module-option name="defaultRolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
            <module-option name="password-stacking" value="useFirstPass"/>
        </login-module>
    </authentication>
</security-domain>

 

MyEAR/META-INF/jboss-app.xml:

 

<jboss-app>
    <security-domain>MyDomain</security-domain>
</jboss-app>

 

ServiceLocator.java

 

private void createInitialContext(String username, char[] password)
        throws IOException, LoginException, NamingException {

    // Hands the credentials to the callback handler named in jboss-ejb-client.properties
    EjbRemoteCallBackHandler.setCredential("web.rep", "12345");

    Hashtable<String, Object> jndiProps = new Hashtable<String, Object>();
    jndiProps.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
    jndiProps.put("java.naming.factory.initial", "org.jboss.naming.remote.client.InitialContextFactory");
    jndiProps.put(InitialContext.PROVIDER_URL, "remote://localhost:4447");

    // This is an important property to set if you want to do EJB invocations via the remote-naming project
    jndiProps.put("jboss.naming.client.ejb.context", true);

    // needed for remote access
    jndiProps.put(Context.SECURITY_PRINCIPAL, "web.rep");
    jndiProps.put(Context.SECURITY_CREDENTIALS, "12345");

    ic = new InitialContext(jndiProps);
}

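An added example, not part of the original post and not JBoss project code: a small Python audit of the client properties quoted above. It flags a connection where plaintext SASL mechanisms are permitted (SASL_POLICY_NOPLAINTEXT=false) while SSL_ENABLED=false on the connection provider, so a password sent by a plaintext mechanism crosses the wire unencrypted. The function names and finding strings are illustrative, and only explicitly set options are judged.

```python
import re

# Constructed input: the security-relevant lines of the jboss-ejb-client.properties quoted above.
POSTED = """\
remote.connections=default
remote.connection.default.port = 4447
remote.connection.default.host=localhost
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
"""

PROVIDER = "remote.connectionprovider.create.options.org.xnio.Options."


def parse_properties(text):
    """Minimal .properties reader: 'key = value' or 'key: value', '#' and '!' comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]\s*(.*)", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props


def is_set(props, key, value):
    """True only when the option is explicitly set to `value`; unset options are not guessed."""
    return props.get(key, "").strip().lower() == value


def audit(text):
    """Return (connection, host, issue) tuples for each connection named in remote.connections."""
    props = parse_properties(text)
    tls_off = is_set(props, PROVIDER + "SSL_ENABLED", "false")
    findings = []
    for name in [n.strip() for n in props.get("remote.connections", "").split(",") if n.strip()]:
        base = f"remote.connection.{name}."
        opts = base + "connect.options.org.xnio.Options."
        host = props.get(base + "host", "?")
        # Plaintext mechanisms permitted while TLS is switched off for the transport.
        if tls_off and is_set(props, opts + "SASL_POLICY_NOPLAINTEXT", "false"):
            findings.append((name, host, "plaintext SASL allowed with SSL_ENABLED=false"))
        if is_set(props, opts + "SASL_POLICY_NOANONYMOUS", "false"):
            findings.append((name, host, "anonymous SASL allowed"))
    return findings
```

With the posted settings the audit reports one finding for the default connection; the exposure is confined to loopback while the host stays localhost and becomes a network one as soon as it does not.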