Ingo Weiss updated ELY-1826:
----------------------------
Labels: downstream_dependency (was: )
Cannot connect to management interface with Java Security Manager enabled
-------------------------------------------------------------------------
Key: ELY-1826
URL: https://issues.jboss.org/browse/ELY-1826
Project: WildFly Elytron
Issue Type: Bug
Components: Security Manager
Affects Versions: 1.6.2.Final
Reporter: Ilia Vassilev
Assignee: Ilia Vassilev
Priority: Major
Labels: downstream_dependency
Fix For: 1.6.3.Final
When JBoss EAP is configured to authenticate management interfaces with LDAPS and RBAC
enabled, authentication works unless the security manager is enabled. When the security manager
is enabled, exception [1] occurs in the console and exception [2] is logged in server.log.
[1]
{code}
"Failed to connect to the controller: Unable to authenticate against controller at
... Authentication failed: all available authentication mechanisms failed: PLAIN:
javax.security.sasl.SaslException: PLAIN: Server rejected authentication"
{code}
[2]
{code}
2019-05-15 09:30:45,434 DEBUG [org.wildfly.security] (management task-3) Could not create [class javax.naming.ldap.InitialLdapContext]. Failed to connect to LDAP server.: javax.naming.CommunicationException: myldap.mydomain:636 [Root exception is java.lang.ClassNotFoundException: org/wildfly/security/auth/realm/ldap/ThreadLocalSSLSocketFactory]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:238)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1609)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:116)
at org.jboss.as.naming.InitialContext.init(InitialContext.java:101)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
...
at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)
at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)
at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:486)
at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:949)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.ClassNotFoundException: org/wildfly/security/auth/realm/ldap/ThreadLocalSSLSocketFactory
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
at com.sun.jndi.ldap.VersionHelper12.loadClass(VersionHelper12.java:72)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:293)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:215)
... 42 more
{code}