Ganesh Saithala [
https://community.jboss.org/people/ganeshment] created the discussion
"remote ejb client username is encrypted at the server(JBOSS7.1 CR1)"
To view the discussion, visit:
https://community.jboss.org/message/646881#646881
--------------------------------------------------------------
we are using remote EJB JNDI based units tests to test the code and we are evaluating
JBOSS7.1 CR1. With JBOSS7.1 CR1, username sent from the remote ejb client is encrypted at
the server, database query using the encrypted username is returning no passwords and
login is failing. We are stuck with this problem to continue evaluation of JBOSS7.1 CR1
release. Can you please suggest how to fix this issue.
I have referred the following links to get the relevant information but unsuccessful
https://issues.jboss.org/browse/AS7-2942
https://issues.jboss.org/browse/AS7-2999?page=com.atlassian.jira.plugin.s...
https://issues.jboss.org/browse/AS7-3002?page=com.atlassian.jira.plugin.s...
Server Exception :
18:54:39,652 ERROR [org.jboss.remoting.remote] (Remoting "machine1" read-1)
JBREM000200: Remote connection failed: java.io.IOException: An existing connection was
forcibly closed by the remote host
18:57:45,423 DEBUG [org.jboss.security.plugins.JBossAuthenticationManager.iS3Login]
(pool-9-thread-2) CallbackHandler:
mailto:org.jboss.security.auth.callback.JBossCallbackHandler@10d0fc9
org.jboss.security.auth.callback.JBossCallbackHandler@10d0fc9
18:57:45,423 TRACE [org.jboss.security.plugins.JBossAuthenticationManager.iS3Login]
(pool-9-thread-2) Begin isValid, principal:a82aa6a4-cf24-4ab0-ab3e-54037d8db4d5
18:57:45,423 TRACE [org.jboss.security.plugins.JBossAuthenticationManager.iS3Login]
(pool-9-thread-2) defaultLogin, principal=a82aa6a4-cf24-4ab0-ab3e-54037d8db4d5
18:57:45,423 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (pool-9-thread-2)
Begin getAppConfigurationEntry(iS3Login), size=4
18:57:45,423 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (pool-9-thread-2)
End getAppConfigurationEntry(iS3Login), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
ControlFlag: LoginModuleControlFlag: sufficient
Options:
name=hashAlgorithm, value=SHA-256
name=principalsQuery, value=select password from sessionuser where name=?
name=hashEncoding, value=base64
name=dsJndiName, value=java:/jdbc/exampleds
name=rolesQuery, value=select role, 'Roles' from sessionrole where name=?
[1]
LoginModule Class: org.jboss.security.auth.spi.LdapLoginModule
ControlFlag: LoginModuleControlFlag: sufficient
Options:
name=java.naming.provider.url, value=ldap://ldap.xxx.xxx.com:123/
name=principalDNSuffix, value=,OU=xxx,OU=Americas,DC=xxx,DC=xxx,DC=com
name=principalDNPrefix, value=CN=
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) initialize
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) Security domain: iS3Login
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) Password hashing activated: algorithm = SHA-256, encoding = base64,
charset = {default}, callback = null, storeCallback = null
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) DatabaseServerLoginModule, dsJndiName=java:/jdbc/exampleds
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) principalsQuery=select password from sessionuser where name=?
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) rolesQuery=select role, 'Roles' from sessionrole where name=?
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) suspendResume=true
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) login
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) suspendAnyTransaction
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) Excuting query: select password from sessionuser where name=?, with
username: a82aa6a4-cf24-4ab0-ab3e-54037d8db4d5
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) Query returned no matches from db
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) resumeAnyTransaction
18:57:45,423 TRACE [org.jboss.security.auth.spi.LdapLoginModule] (pool-9-thread-2)
initialize
18:57:45,423 TRACE [org.jboss.security.auth.spi.LdapLoginModule] (pool-9-thread-2)
Security domain: iS3Login
18:57:45,423 TRACE [org.jboss.security.auth.spi.LdapLoginModule] (pool-9-thread-2) login
18:57:45,423 TRACE [org.jboss.security.auth.spi.LdapLoginModule] (pool-9-thread-2) Logging
into LDAP server, env={java.naming.provider.url=ldap://ldap.xxx.xxx.com:123/,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
jboss.security.security_domain=iS3Login, principalDNPrefix=CN=,
principalDNSuffix=,OU=xxx,OU=Americas,DC=xxx,DC=xxx,DC=com,
java.naming.security.authentication=simple,
java.naming.security.principal=CN=a82aa6a4-cf24-4ab0-ab3e-54037d8db4d5,OU=xxx,OU=Americas,DC=xxx,DC=xxx,DC=com,
java.naming.security.credentials=***}
18:57:45,423 DEBUG [org.jboss.security.auth.spi.LdapLoginModule] (pool-9-thread-2) Bad
password for username=a82aa6a4-cf24-4ab0-ab3e-54037d8db4d5
18:57:45,423 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule]
(pool-9-thread-2) abort
18:57:45,423 TRACE [org.jboss.security.auth.spi.LdapLoginModule] (pool-9-thread-2) abort
18:57:45,423 TRACE [org.jboss.security.plugins.JBossAuthenticationManager.iS3Login]
(pool-9-thread-2) Login failure: javax.security.auth.login.FailedLoginException: PB00019:
Processing Failed:No matching username found in Principals
at
org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:186)
[picketbox-4.0.6.Beta2.jar:4.0.6.Beta2]
at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:248)
[picketbox-4.0.6.Beta2.jar:4.0.6.Beta2]
at sun.reflect.GeneratedMethodAccessor10.invoke(Unknown Source) [:1.6.0_29]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[:1.6.0_29]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_29]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [:1.6.0_29]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_29]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_29]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_29]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_29]
at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_29]
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:402)
[picketbox-4.0.6.Beta2.jar:4.0.6.Beta2]
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.proceedWithJaasLogin(JaasSecurityManagerBase.java:341)
[picketbox-4.0.6.Beta2.jar:4.0.6.Beta2]
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:329)
[picketbox-4.0.6.Beta2.jar:4.0.6.Beta2]
at
org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:207)
[picketbox-4.0.6.Beta2.jar:4.0.6.Beta2]
at
org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:267)
[jboss-as-security-7.1.0.CR1.jar:7.1.0.CR1]
at
org.jboss.as.security.service.SimpleSecurityManager.push(SimpleSecurityManager.java:234)
[jboss-as-security-7.1.0.CR1.jar:7.1.0.CR1]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:49)
[jboss-as-ejb3-7.1.0.CR1.jar:7.1.0.CR1]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:45)
[jboss-as-ejb3-7.1.0.CR1.jar:7.1.0.CR1]
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_29]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:74)
[jboss-as-ejb3-7.1.0.CR1.jar:7.1.0.CR1]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
[jboss-as-ee-7.1.0.CR1.jar:7.1.0.CR1]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)
[jboss-as-ee-7.1.0.CR1.jar:7.1.0.CR1]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:57)
[jboss-as-ejb3-7.1.0.CR1.jar:7.1.0.CR1]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165)
[jboss-as-ee-7.1.0.CR1.jar:7.1.0.CR1]
at
org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:283)
[jboss-as-ejb3-7.1.0.CR1.jar:7.1.0.CR1]
at
org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:61)
[jboss-as-ejb3-7.1.0.CR1.jar:7.1.0.CR1]
at
org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:191)
[jboss-as-ejb3-7.1.0.CR1.jar:7.1.0.CR1]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) [:1.6.0_29]
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) [:1.6.0_29]
at java.util.concurrent.FutureTask.run(FutureTask.java:138) [:1.6.0_29]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
[:1.6.0_29]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
[:1.6.0_29]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_29]
at org.jboss.threads.JBossThread.run(JBossThread.java:122)
18:57:45,439 TRACE [org.jboss.security.plugins.JBossAuthenticationManager.iS3Login]
(pool-9-thread-2) End isValid, false
18:57:45,439 ERROR [org.jboss.ejb3.invocation] (pool-9-thread-2) JBAS014134: EJB
Invocation failed on component SessionBean for method public abstract
java.security.Principal demo.SessionBeanInterface.getPrincipal():
javax.ejb.EJBAccessException: Invalid User
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:54)
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:45)
at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_29]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:74)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at
org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at
org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:57)
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165)
at
org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.invokeMethod(MethodInvocationMessageHandler.java:283)
at
org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler.access$200(MethodInvocationMessageHandler.java:61)
at
org.jboss.as.ejb3.remote.protocol.versionone.MethodInvocationMessageHandler$1.run(MethodInvocationMessageHandler.java:191)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441) [:1.6.0_29]
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303) [:1.6.0_29]
at java.util.concurrent.FutureTask.run(FutureTask.java:138) [:1.6.0_29]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
[:1.6.0_29]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
[:1.6.0_29]
at java.lang.Thread.run(Thread.java:662) [:1.6.0_29]
at org.jboss.threads.JBossThread.run(JBossThread.java:122)
[jboss-threads-2.0.0.GA.jar:2.0.0.GA]
--------------------------------------------------------------
Reply to this message by going to Community
[
https://community.jboss.org/message/646881#646881]
Start a new discussion in JBoss AS 7 Development at Community
[
https://community.jboss.org/choose-container!input.jspa?contentType=1&...]