1:50 p.m.
[
https://issues.jboss.org/browse/WFCORE-3183?page=com.atlassian.jira.plugi...
]
Jan Kalina closed WFCORE-3183.
------------------------------
Resolution: Done
Unable to connect jboss-cli.sh using GS2-KRB5-PLUS
--------------------------------------------------
Key: WFCORE-3183
URL: https://issues.jboss.org/browse/WFCORE-3183
Project: WildFly Core
Issue Type: Bug
Components: Security
Affects Versions: 3.0.0.Beta31
Reporter: Jan Kalina
Assignee: Jan Kalina
Priority: Blocker
I am unable to connect with jboss-cli.sh using GS2-KRB5-PLUS. This is not duplicity to
JBEAP-12688. In this case even SASL client is not created.
In server.log I see
{code}
17:25:10,564 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Initialized
connection from /127.0.0.1:37230 to /127.0.0.1:9993 with options
{org.jboss.remoting3.RemotingOptions.SASL_PROTOCOL=>remote}
17:25:10,564 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Accepted
connection from /127.0.0.1:37230 to localhost.localdomain/127.0.0.1:9993
17:25:10,564 TRACE [org.jboss.remoting.remote] (management I/O-2) Setting read listener
to org.jboss.remoting3.remote.ServerConnectionOpenListener$Initial@2cb6a081
17:25:10,564 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No buffers
in queue for message header
17:25:10,564 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Allocated
fresh buffers
17:25:10,564 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No read
bytes available
17:25:10,565 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Sent 28
bytes
17:25:10,565 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Flushed
channel
17:25:10,576 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No buffers
in queue for message header
17:25:10,577 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Allocated
fresh buffers
17:25:10,577 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Received 56
bytes
17:25:10,577 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Received
message java.nio.HeapByteBuffer[pos=0 lim=52 cap=8192]
17:25:10,577 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Received
java.nio.HeapByteBuffer[pos=0 lim=52 cap=8192]
17:25:10,577 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Server received
capabilities request
17:25:10,577 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Server received
capability: version 1
17:25:10,577 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Server received
capability: remote endpoint name "cli-client"
17:25:10,577 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Server received
capability: message close protocol supported
17:25:10,577 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Server received
capability: remote version is "5.0.0.CR5-redhat-1"
17:25:10,577 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Server received
capability: remote channels in is "40"
17:25:10,577 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Server received
capability: remote channels out is "40"
17:25:10,577 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Server received
capability: authentication service
17:25:10,580 TRACE [org.jboss.remoting.remote.server] (management I/O-2) No EXTERNAL
mechanism due to unverified SSL peer
17:25:10,583 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Added mechanism
GS2-KRB5-PLUS
17:25:10,583 TRACE [org.jboss.remoting.remote.server] (management I/O-2) Added mechanism
PLAIN
17:25:10,583 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No buffers
in queue for message header
17:25:10,583 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Allocated
fresh buffers
17:25:10,583 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No read
bytes available
17:25:10,583 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Sent 88
bytes
17:25:10,583 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Flushed
channel
17:25:10,637 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No buffers
in queue for message header
17:25:10,637 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Allocated
fresh buffers
17:25:10,637 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No read
bytes available
17:25:10,637 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No buffers
in queue for message header
17:25:10,637 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Allocated
fresh buffers
17:25:10,637 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No read
bytes available
17:25:10,638 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No buffers
in queue for message header
17:25:10,638 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Allocated
fresh buffers
17:25:10,638 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Received
EOF
17:25:10,638 TRACE [org.jboss.remoting.remote] (management I/O-2) Received connection
end-of-stream
17:25:10,971 INFO [org.jboss.eapqe.krbldap.utils.CustomCLIExecutor] (main) CLI executor
output:
17:25:10,971 INFO [org.jboss.eapqe.krbldap.utils.CustomCLIExecutor] (main) Failed to
connect to the controller: Unable to authenticate against controller at
localhost.localdomain:9993: Authentication failed: none of the mechanisms presented by the
server (GS2-KRB5-PLUS, PLAIN) are supported
{code}
In jboss-cli.log I see.
{code}
17:14:21,557 TRACE [org.wildfly.security] Created SaslClient [null] for mechanisms
[GS2-KRB5-PLUS]
17:14:21,557 TRACE [org.jboss.remoting.remote.connection] Connection error detail:
javax.security.sasl.SaslException: Authentication failed: none of the mechanisms presented
by the server (GS2-KRB5-PLUS, PLAIN) are supported
at
org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:438)
at
org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:242)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at
org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:571)
17:14:21,558 DEBUG [org.jboss.remoting.remote.connection] JBREM000200: Remote connection
failed: javax.security.sasl.SaslException: Authentication failed: none of the mechanisms
presented by the server (GS2-KRB5-PLUS, PLAIN) are supported
17:14:21,559 TRACE [org.jboss.remoting.endpoint] Registered exception result:
javax.security.sasl.SaslException: Authentication failed: none of the mechanisms presented
by the server (GS2-KRB5-PLUS, PLAIN) are supported
at
org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:438)
at
org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:242)
at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
at
org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
at org.xnio.nio.WorkerThread.run(WorkerThread.java:571)
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
3216
days inactive
3216
days old
0 comments
1 participants
participants (1)
-
Jan Kalina (JIRA)