January 2020 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-4827) Errors Missing on Invalid Configuration

by Darran Lofthouse (Jira)

Darran Lofthouse created WFCORE-4827: ---------------------------------------- Summary: Errors Missing on Invalid Configuration Key: WFCORE-4827 URL: https://issues.redhat.com/browse/WFCORE-4827 Project: WildFly Core Issue Type: Bug Components: Security Affects Versions: 11.0.0.Beta7 Reporter: Darran Lofthouse Assignee: Richard Opalka [~ropalka] I believe this is caused by the MSC refactoring. Steps, in the default host.xml for domain mode. 1. Define the following security realm: - {noformat} <security-realms> <security-realm name="ldap_security_realm"> <server-identities> <ssl> <keystore path="generated.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/> </ssl> </server-identities> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> {noformat} 2. Define the following outbound connection: - {noformat} <outbound-connections> <ldap name="testLdap" url="ldap://localhost:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="passowrd" /> </outbound-connections> {noformat} 3. Update the management interfaces to: - {noformat} <management-interfaces> <http-interface security-realm="ldap_security_realm"> <http-upgrade enabled="true"/> <socket interface="management" port="${jboss.management.http.port:9990}"/> </http-interface> </management-interfaces> {noformat} The server fails to boot with just the following error: - {noformat} [Host Controller] 17:56:40,052 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0034: Host Controller boot has failed in an unrecoverable manner; exiting. See previous messages for details. {noformat} If the management interface is then updated to reference the ManagementRealm instead the error is now: - {noformat} [Host Controller] 18:01:48,595 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([ [Host Controller] ("host" => "master"), [Host Controller] ("core-service" => "management"), [Host Controller] ("security-realm" => "ldap_security_realm") [Host Controller] ]) - failure description: { [Host Controller] "WFLYCTL0412: Required services that are not installed:" => ["jboss.server.path.\"jboss.server.config.dir\""], [Host Controller] "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.core.management.security.realm.ldap_security_realm.key-manager is missing [jboss.server.path.\"jboss.server.config.dir\"]"] [Host Controller] } {noformat} This error is expected as the realm defined in step 1 referenced an invalid path. I believe the error reporting should come from this method: - org.jboss.as.controller.ServiceVerificationHelper.execute(OperationContext, ModelNode) However something seems to have changes with the MSC migration. This was recently encountered debugging the bug report in https://issues.redhat.com/browse/WFCORE-4820, if you see an error "Multiple CallbackHandlerServices for the same mechanism (PLAIN)" that has been covered by WFCORE-4820. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4820) Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN)

by Mark Sanchez (Jira)

[ https://issues.redhat.com/browse/WFCORE-4820?page=com.atlassian.jira.plug... ] Mark Sanchez commented on WFCORE-4820: -------------------------------------- Darran, Is it possible for you to take our current configuration and map it to Elytron? It looks fairly complicated. Thanks Mark Sanchez > Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) > ---------------------------------------------------------------------------------- > > Key: WFCORE-4820 > URL: https://issues.redhat.com/browse/WFCORE-4820 > Project: WildFly Core > Issue Type: Bug > Components: Management, Security > Affects Versions: 10.0.3.Final > Reporter: Mark Sanchez > Assignee: Darran Lofthouse > Priority: Major > Fix For: 11.0.0.Beta8 > > > error: > WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) > We get an error with the following ldap configuration. This works for version 17. > <security-realm name="ldap_security_realm"> > <server-identities> > <ssl> > <engine enabled-protocols="TLSv1.2"/> > <keystore path="/opt/app/workload/jboss/ssl_jboss/psftest2s.jboss.keystore" keystore-password="${VAULT::ssl_cert::password::1}"/> > </ssl> > </server-identities> > <authentication> > <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> > <username-filter attribute="samaccountname"/> > </ldap> > </authentication> > </security-realm> > </security-realms> > <outbound-connections> > <ldap name="testLdap" url="ldap://its-ad-ldap.it.test.com:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="${VAULT::ldap_searchdn::password::1}" security-realm="ldap_security_realm"/> > </outbound-connections> > <management-interfaces> > <http-interface security-realm="ldap_security_realm"> > <http-upgrade enabled="true"/> > <socket interface="management" port="${jboss.management.http.port:9990}"/> > </http-interface> > </management-interfaces> -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4826) Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN)

by James Perkins (Jira)

James Perkins created WFCORE-4826: ------------------------------------- Summary: Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) Key: WFCORE-4826 URL: https://issues.redhat.com/browse/WFCORE-4826 Project: WildFly Core Issue Type: Bug Components: Management, Security Affects Versions: 10.0.3.Final Reporter: Mark Sanchez Assignee: Darran Lofthouse Fix For: 11.0.0.Beta8 error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) We get an error with the following ldap configuration. This works for version 17. <security-realm name="ldap_security_realm"> <server-identities> <ssl> <engine enabled-protocols="TLSv1.2"/> <keystore path="/opt/app/workload/jboss/ssl_jboss/psftest2s.jboss.keystore" keystore-password="${VAULT::ssl_cert::password::1}"/> </ssl> </server-identities> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> </security-realms> <outbound-connections> <ldap name="testLdap" url="ldap://its-ad-ldap.it.test.com:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="${VAULT::ldap_searchdn::password::1}" security-realm="ldap_security_realm"/> </outbound-connections> <management-interfaces> <http-interface security-realm="ldap_security_realm"> <http-upgrade enabled="true"/> <socket interface="management" port="${jboss.management.http.port:9990}"/> </http-interface> </management-interfaces> -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4820) Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN)

by Darran Lofthouse (Jira)

[ https://issues.redhat.com/browse/WFCORE-4820?page=com.atlassian.jira.plug... ] Darran Lofthouse updated WFCORE-4820: ------------------------------------- Fix Version/s: 11.0.0.Beta8 > Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) > ---------------------------------------------------------------------------------- > > Key: WFCORE-4820 > URL: https://issues.redhat.com/browse/WFCORE-4820 > Project: WildFly Core > Issue Type: Bug > Components: Management, Security > Affects Versions: 10.0.3.Final > Reporter: Mark Sanchez > Assignee: Darran Lofthouse > Priority: Major > Fix For: 11.0.0.Beta8 > > > error: > WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) > We get an error with the following ldap configuration. This works for version 17. > <security-realm name="ldap_security_realm"> > <server-identities> > <ssl> > <engine enabled-protocols="TLSv1.2"/> > <keystore path="/opt/app/workload/jboss/ssl_jboss/psftest2s.jboss.keystore" keystore-password="${VAULT::ssl_cert::password::1}"/> > </ssl> > </server-identities> > <authentication> > <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> > <username-filter attribute="samaccountname"/> > </ldap> > </authentication> > </security-realm> > </security-realms> > <outbound-connections> > <ldap name="testLdap" url="ldap://its-ad-ldap.it.test.com:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="${VAULT::ldap_searchdn::password::1}" security-realm="ldap_security_realm"/> > </outbound-connections> > <management-interfaces> > <http-interface security-realm="ldap_security_realm"> > <http-upgrade enabled="true"/> > <socket interface="management" port="${jboss.management.http.port:9990}"/> > </http-interface> > </management-interfaces> -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13042) Jaeger tracer sender-binding isn't configurable

by Emmanuel Hugonnet (Jira)

[ https://issues.redhat.com/browse/WFLY-13042?page=com.atlassian.jira.plugi... ] Emmanuel Hugonnet updated WFLY-13042: ------------------------------------- Priority: Blocker (was: Major) > Jaeger tracer sender-binding isn't configurable > ----------------------------------------------- > > Key: WFLY-13042 > URL: https://issues.redhat.com/browse/WFLY-13042 > Project: WildFly > Issue Type: Bug > Components: MP OpenTracing > Affects Versions: 19.0.0.Beta1 > Reporter: Emmanuel Hugonnet > Assignee: Emmanuel Hugonnet > Priority: Blocker > > When configuring a jaeger tracer sender-binding parameter the server will no longer boot because of a NullPointerException in JaegerTracerConfiguration -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13042) Jaeger tracer sender-binding isn't configurable

by Emmanuel Hugonnet (Jira)

[ https://issues.redhat.com/browse/WFLY-13042?page=com.atlassian.jira.plugi... ] Emmanuel Hugonnet updated WFLY-13042: ------------------------------------- Description: When configuring a jaeger tracer sender-binding parameter the server will no longer boot because of a NullPointerException in JaegerTracerConfiguration thus failing the boot of the server. (was: When configuring a jaeger tracer sender-binding parameter the server will no longer boot because of a NullPointerException in JaegerTracerConfiguration) > Jaeger tracer sender-binding isn't configurable > ----------------------------------------------- > > Key: WFLY-13042 > URL: https://issues.redhat.com/browse/WFLY-13042 > Project: WildFly > Issue Type: Bug > Components: MP OpenTracing > Affects Versions: 19.0.0.Beta1 > Reporter: Emmanuel Hugonnet > Assignee: Emmanuel Hugonnet > Priority: Blocker > > When configuring a jaeger tracer sender-binding parameter the server will no longer boot because of a NullPointerException in JaegerTracerConfiguration thus failing the boot of the server. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13042) Jaeger tracer sender-binding isn't configurable

by Emmanuel Hugonnet (Jira)

Emmanuel Hugonnet created WFLY-13042: ---------------------------------------- Summary: Jaeger tracer sender-binding isn't configurable Key: WFLY-13042 URL: https://issues.redhat.com/browse/WFLY-13042 Project: WildFly Issue Type: Bug Components: MP OpenTracing Affects Versions: 19.0.0.Beta1 Reporter: Emmanuel Hugonnet Assignee: Emmanuel Hugonnet When configuring a jaeger tracer sender-binding parameter the server will no longer boot because of a NullPointerException in JaegerTracerConfiguration -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4820) Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN)

by Darran Lofthouse (Jira)

[ https://issues.redhat.com/browse/WFCORE-4820?page=com.atlassian.jira.plug... ] Darran Lofthouse updated WFCORE-4820: ------------------------------------- Steps to Reproduce: *Scenario One* The minimal steps to reproduce are to add the following entries to the default host.xml and then start domain mode. {noformat} <security-realm name="ldap_security_realm"> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> <outbound-connections> <ldap name="testLdap" url="ldap://localhost:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="passowrd" /> </outbound-connections> {noformat} This results in the error: - {noformat} [Host Controller] 17:05:25,154 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service org.wildfly.core.management.security.realm.ldap_security_realm: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.ldap_security_realm: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) [Host Controller] at org.jboss.as.domain.management.security.SecurityRealmService.start(SecurityRealmService.java:226) [Host Controller] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) {noformat} *Scenario Two* A second scenario can be triggerd by defining the security realm as: - {noformat} <security-realm name="ldap_security_realm"> <server-identities> <ssl> <keystore path="generated.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/> </ssl> </server-identities> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> {noformat} With the same outbound connection as in the first scenario. The management-interfaces should be updated to: - {noformat} <management-interfaces> <http-interface security-realm="ldap_security_realm"> <http-upgrade enabled="true"/> <socket interface="management" port="${jboss.management.http.port:9990}"/> </http-interface> </management-interfaces> {noformat} This results in no clear error. {noformat} [Host Controller] 17:09:12,854 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0034: Host Controller boot has failed in an unrecoverable manner; exiting. See previous messages for details. {noformat} This scenario should actually be logging an error similar to the following as the realm is referencing a path which is not defined. {noformat} [Host Controller] 17:08:41,763 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([ [Host Controller] ("host" => "master"), [Host Controller] ("core-service" => "management"), [Host Controller] ("security-realm" => "ldap_security_realm") [Host Controller] ]) - failure description: { [Host Controller] "WFLYCTL0412: Required services that are not installed:" => ["jboss.server.path.\"jboss.server.config.dir\""], [Host Controller] "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.core.management.security.realm.ldap_security_realm.key-manager is missing [jboss.server.path.\"jboss.server.config.dir\"]"] {noformat} In the last scenario if jboss.server.config.dir is replaced with jboss.domain.config.dir in the realm then the error reported in the first scenario is again reported. was: *Scenario One* The minimal steps to reproduce are to add the following entries to the default host.xml and then start domain mode. {noformat} <security-realm name="ldap_security_realm"> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> <outbound-connections> <ldap name="testLdap" url="ldap://localhost:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="passowrd" /> </outbound-connections> {noformat} This results in the error: - {noformat} [Host Controller] 17:05:25,154 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service org.wildfly.core.management.security.realm.ldap_security_realm: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.ldap_security_realm: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) [Host Controller] at org.jboss.as.domain.management.security.SecurityRealmService.start(SecurityRealmService.java:226) [Host Controller] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) {noformat} *Scenario Two* A second scenario can be triggerd by defining the security realm as: - {noformat} <security-realm name="ldap_security_realm"> <server-identities> <ssl> <keystore path="generated.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/> </ssl> </server-identities> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> {noformat} With the same outbound connection as in the first scenario. The management-interfaces should be updated to: - {noformat} <management-interfaces> <http-interface security-realm="ldap_security_realm"> <http-upgrade enabled="true"/> <socket interface="management" port="${jboss.management.http.port:9990}"/> </http-interface> </management-interfaces> {noformat} This results in no clear error. {noformat} [Host Controller] 17:09:12,854 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0034: Host Controller boot has failed in an unrecoverable manner; exiting. See previous messages for details. {noformat} This scenario should actually be logging an error similar to the following as the realm is referencing a path which is not defined. {noformat} [Host Controller] 17:08:41,763 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([ [Host Controller] ("host" => "master"), [Host Controller] ("core-service" => "management"), [Host Controller] ("security-realm" => "ldap_security_realm") [Host Controller] ]) - failure description: { [Host Controller] "WFLYCTL0412: Required services that are not installed:" => ["jboss.server.path.\"jboss.server.config.dir\""], [Host Controller] "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.core.management.security.realm.ldap_security_realm.key-manager is missing [jboss.server.path.\"jboss.server.config.dir\"]"] {noformat} > Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) > ---------------------------------------------------------------------------------- > > Key: WFCORE-4820 > URL: https://issues.redhat.com/browse/WFCORE-4820 > Project: WildFly Core > Issue Type: Bug > Components: Management, Security > Affects Versions: 10.0.3.Final > Reporter: Mark Sanchez > Assignee: Darran Lofthouse > Priority: Major > > error: > WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) > We get an error with the following ldap configuration. This works for version 17. > <security-realm name="ldap_security_realm"> > <server-identities> > <ssl> > <engine enabled-protocols="TLSv1.2"/> > <keystore path="/opt/app/workload/jboss/ssl_jboss/psftest2s.jboss.keystore" keystore-password="${VAULT::ssl_cert::password::1}"/> > </ssl> > </server-identities> > <authentication> > <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> > <username-filter attribute="samaccountname"/> > </ldap> > </authentication> > </security-realm> > </security-realms> > <outbound-connections> > <ldap name="testLdap" url="ldap://its-ad-ldap.it.test.com:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="${VAULT::ldap_searchdn::password::1}" security-realm="ldap_security_realm"/> > </outbound-connections> > <management-interfaces> > <http-interface security-realm="ldap_security_realm"> > <http-upgrade enabled="true"/> > <socket interface="management" port="${jboss.management.http.port:9990}"/> > </http-interface> > </management-interfaces> -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4820) Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN)

by Darran Lofthouse (Jira)

[ https://issues.redhat.com/browse/WFCORE-4820?page=com.atlassian.jira.plug... ] Darran Lofthouse updated WFCORE-4820: ------------------------------------- Steps to Reproduce: *Scenario One* The minimal steps to reproduce are to add the following entries to the default host.xml and then start domain mode. {noformat} <security-realm name="ldap_security_realm"> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> <outbound-connections> <ldap name="testLdap" url="ldap://localhost:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="passowrd" /> </outbound-connections> {noformat} This results in the error: - {noformat} [Host Controller] 17:05:25,154 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service org.wildfly.core.management.security.realm.ldap_security_realm: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.ldap_security_realm: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) [Host Controller] at org.jboss.as.domain.management.security.SecurityRealmService.start(SecurityRealmService.java:226) [Host Controller] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) {noformat} *Scenario Two* A second scenario can be triggerd by defining the security realm as: - {noformat} <security-realm name="ldap_security_realm"> <server-identities> <ssl> <keystore path="generated.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/> </ssl> </server-identities> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> {noformat} With the same outbound connection as in the first scenario. The management-interfaces should be updated to: - {noformat} <management-interfaces> <http-interface security-realm="ldap_security_realm"> <http-upgrade enabled="true"/> <socket interface="management" port="${jboss.management.http.port:9990}"/> </http-interface> </management-interfaces> {noformat} This results in no clear error. {noformat} [Host Controller] 17:09:12,854 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0034: Host Controller boot has failed in an unrecoverable manner; exiting. See previous messages for details. {noformat} This scenario should actually be logging an error similar to the following as the realm is referencing a path which is not defined. {noformat} [Host Controller] 17:08:41,763 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([ [Host Controller] ("host" => "master"), [Host Controller] ("core-service" => "management"), [Host Controller] ("security-realm" => "ldap_security_realm") [Host Controller] ]) - failure description: { [Host Controller] "WFLYCTL0412: Required services that are not installed:" => ["jboss.server.path.\"jboss.server.config.dir\""], [Host Controller] "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.core.management.security.realm.ldap_security_realm.key-manager is missing [jboss.server.path.\"jboss.server.config.dir\"]"] {noformat} was: *Scenario One* The minimal steps to reproduce are to add the following entries to the default host.xml and then start domain mode. {noformat} <security-realm name="ldap_security_realm"> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> <outbound-connections> <ldap name="testLdap" url="ldap://localhost:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="passowrd" /> </outbound-connections> {noformat} This results in the error: - {noformat} [Host Controller] 17:05:25,154 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service org.wildfly.core.management.security.realm.ldap_security_realm: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.ldap_security_realm: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) [Host Controller] at org.jboss.as.domain.management.security.SecurityRealmService.start(SecurityRealmService.java:226) [Host Controller] at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) {noformat} *Scenario Two* A second scenario can be triggerd by defining the security realm as: - {noformat} <security-realm name="ldap_security_realm"> <server-identities> <ssl> <keystore path="generated.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/> </ssl> </server-identities> <authentication> <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> <username-filter attribute="samaccountname"/> </ldap> </authentication> </security-realm> {noformat} With the same outbound connection as in the first scenario. The management-interfaces should be updated to: - {noformat} <management-interfaces> <http-interface security-realm="ldap_security_realm"> <http-upgrade enabled="true"/> <socket interface="management" port="${jboss.management.http.port:9990}"/> </http-interface> </management-interfaces> {noformat} This results in no clear error. {noformat} [Host Controller] 17:09:12,854 FATAL [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0034: Host Controller boot has failed in an unrecoverable manner; exiting. See previous messages for details. {noformat} > Error: WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) > ---------------------------------------------------------------------------------- > > Key: WFCORE-4820 > URL: https://issues.redhat.com/browse/WFCORE-4820 > Project: WildFly Core > Issue Type: Bug > Components: Management, Security > Affects Versions: 10.0.3.Final > Reporter: Mark Sanchez > Assignee: Darran Lofthouse > Priority: Major > > error: > WFLYDM0042: Multiple CallbackHandlerServices for the same mechanism (PLAIN) > We get an error with the following ldap configuration. This works for version 17. > <security-realm name="ldap_security_realm"> > <server-identities> > <ssl> > <engine enabled-protocols="TLSv1.2"/> > <keystore path="/opt/app/workload/jboss/ssl_jboss/psftest2s.jboss.keystore" keystore-password="${VAULT::ssl_cert::password::1}"/> > </ssl> > </server-identities> > <authentication> > <ldap connection="testLdap" base-dn="dc=test,dc=sbc,dc=com" recursive="true"> > <username-filter attribute="samaccountname"/> > </ldap> > </authentication> > </security-realm> > </security-realms> > <outbound-connections> > <ldap name="testLdap" url="ldap://its-ad-ldap.it.test.com:636" search-dn="CN=mxxxxxx,OU=GenericID,OU=testUsers,DC=testServices,DC=test,DC=com" search-credential="${VAULT::ldap_searchdn::password::1}" security-realm="ldap_security_realm"/> > </outbound-connections> > <management-interfaces> > <http-interface security-realm="ldap_security_realm"> > <http-upgrade enabled="true"/> > <socket interface="management" port="${jboss.management.http.port:9990}"/> > </http-interface> > </management-interfaces> -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

[JBoss JIRA] (JGRP-2441) Changes to MembershipListener, StateListener, MessageListener

by Bela Ban (Jira)

[ https://issues.redhat.com/browse/JGRP-2441?page=com.atlassian.jira.plugin... ] Bela Ban edited comment on JGRP-2441 at 1/30/20 12:13 PM: ---------------------------------------------------------- * Merged all {{X}} Listener interfaces into {{Receiver}} * Removed {{ReceiverAdapter}} ({{Receiver}} has default methods) * Removed {{suspect()}}: this method is only an indication that a member is suspected, and as such not very useful. The subsequent {{View}} is what counts. * Replaced {{MessageListener}}, {{MembershipListener}} and {{StateListener}} with {{Receiver}} was (Author: belaban): * Merged all {{X}} Listener interfaces into {{Receiver}} * Removed {{ReceiverAdapter}} ({{Receiver}} has default methods) * Removed {{suspect()}}: this method is only an indication that a member is suspected, and as such not very useful. The subsequent {{View}} is what counts. > Changes to MembershipListener,StateListener,MessageListener > ----------------------------------------------------------- > > Key: JGRP-2441 > URL: https://issues.redhat.com/browse/JGRP-2441 > Project: JGroups > Issue Type: Task > Reporter: Bela Ban > Assignee: Bela Ban > Priority: Minor > Fix For: 5.0 > > > Investigate > * Why is MessageListener still needed? Can't we just use {{Receiver}}? > * Why does {{MessageListener}} subclass {{StateListener}}? > * Are callbacks {{block()}}, {{unblock()}} and {{suspect()}} still needed? -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 3 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2020