[Security & JAAS/JBoss] - JBoss Negotiation SPNEGO Problem
by hr_aru
Hi All,
since a week I am trying to configure SSO in JBoss. I tried the User Guide for JBoss Negotiation, a couple of Howtos found by google, and a few more.
Im a little bit frustrated now and i think im going to change my job. Iceman is a nice job I think.
Okay seriously:
I have a win2008 SP2 AD Domain and 2 Win XP SP2 Client.
AD: pdc.test.net
Jboss webserver.test.net with jboss-4.2.3.GA
I add a new User "webserver" to the AD.
I also done the following commands successful:
setspn -a HTTP/webserver.test.net
ktpass -princ HTTP/webserver.test.net(a)TES.NET -mapuser webserver -pass "Password
ktab.exe -k c:\webserver.host.keytab -a HTTP/webserver.test.net
Kinit works on the AD and Webserver Server.
I look at the User properties for the User "webserver" and the Account Name change into HTTP/webserver.test.net. I also can see that delegation in allowed at the Delegation tab.
The Webserver:
The jboss-negotiation-2.0.3.GA.jar is stored in default/lib
I configured the properties-service.xml, the jboss-service.xml, login.xml
So if I running the Server and start my Firefox 3.10 or the Ie7 (configured for sso) and click the Basic Negotiation i just get to see is
"Warning, this is: NTLM Negotiation
| WWW-Authenticate - Negotiate TlRMTVNTUAABAAAAB7IIogQABAAxAAAACQAJACgAAAAFASgKAAAAD1dFQlNFUlZFUlRFU1Q=
|
| NTLM - Negotiate_Message
| Warning, this is NTLM, only SPNEGO is supported!
| Negotiate Flags - (encryption56Bit)(sessionKeyExchange128Bit)(negotiateVersion)(ntlm2)(alwaysSign)(oemWorkstationSupplied)(oemDomainSupplied)(ntlm)(requestTarget)(oem)(unicode)
|
| Jboss:
|
|
11:55:48,494 INFO [BasicNegotiationServlet] Authorization header received - decoding token.
| 11:55:48,509 INFO [NTLMNegotiationServlet] Authorization header received - decoding token.
| 11:55:48,509 INFO [NTLMNegotiationServlet] Using existing message.
If I click on SecurityDomainTest it works. I get a Ticket. So Kerberos works (or not), but its look like i dont get a SPNEGO Ticket.
With wfetch.exe i get the same Result.
I tested the Troubleshooting Things list in the Userguide but I did not get more Informations. So any Ideas?
P.S. I know my english isn t perfekt.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4247226#4247226
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4247226
15 years, 6 months
[EJB 3.0] - JBOSS5.1.x :: Does EJB3 MDB has a dependency on EJBTimerServ
by preetam_pict
hi all,
i have removed ejb timer service from my jboss 5.1.x since i want to get rid of not needed service of jboss. ( i am trying to trim my jboss default instance)
i have removed following files
1. remove hdscanner-jboss-beans.xml
2. remove ejb2-timer-service.xml
3. remove ejb3-timerservice-jboss-beans.xml
4. remove profileservice-jboss-beans.xml
5. remove profileservice-secured.jar
6. remove schedule-manager-service.xml
7. remove scheduler-service.xml
8. remove uuid-key-generator.sar
9. remove quartz-ra.rar
10. http-invoker.sar
now when i deploy my ear which has couple of MDBs i am getting deployment errors ... though i don't use ejb timer service in my mdb.
so is there any dependency of MDB on EJBTimerService?
how can i remove this dependency?
thanks in advance
~pp
**************Logs**************
| 14:00:49,490 INFO [TomcatDeployment] deploy, ctxPath=/
| 14:00:49,615 INFO [TomcatDeployment] deploy, ctxPath=/jmx-console
| 14:00:50,600 INFO [JBossASKernel] Created KernelDeployment for: QueryGeneratorE
| JB.jar
| 14:00:50,615 INFO [JBossASKernel] installing bean: jboss.j2ee:ear=QueryGenerato
| rEnterprise.ear,jar=QueryGeneratorEJB.jar,name=RequestListnerMDBBean,service=EJB
| 3
| 14:00:50,615 INFO [JBossASKernel] with dependencies:
| 14:00:50,615 INFO [JBossASKernel] and demands:
| 14:00:50,615 INFO [JBossASKernel] jboss.ejb:service=EJBTimerService
| 14:00:50,615 INFO [JBossASKernel] and supplies:
| 14:00:50,615 INFO [JBossASKernel] jndi:null
| 14:00:50,615 INFO [JBossASKernel] Class:javax.jms.MessageListener
| 14:00:50,615 INFO [JBossASKernel] Added bean(jboss.j2ee:ear=QueryGeneratorEnter
| prise.ear,jar=QueryGeneratorEJB.jar,name=RequestListnerMDBBean,service=EJB3) to
| KernelDeployment of: QueryGeneratorEJB.jar
| 14:00:50,615 INFO [JBossASKernel] installing bean: jboss.j2ee:ear=QueryGenerato
| rEnterprise.ear,jar=QueryGeneratorEJB.jar,name=ResponseListnerMDBBean,service=EJ
| B3
| 14:00:50,631 INFO [JBossASKernel] with dependencies:
| 14:00:50,631 INFO [JBossASKernel] and demands:
| 14:00:50,631 INFO [JBossASKernel] jboss.ejb:service=EJBTimerService
| 14:00:50,631 INFO [JBossASKernel] and supplies:
| 14:00:50,631 INFO [JBossASKernel] jndi:null
| 14:00:50,631 INFO [JBossASKernel] Class:javax.jms.MessageListener
| 14:00:50,647 INFO [JBossASKernel] Added bean(jboss.j2ee:ear=QueryGeneratorEnter
| prise.ear,jar=QueryGeneratorEJB.jar,name=ResponseListnerMDBBean,service=EJB3) to
| KernelDeployment of: QueryGeneratorEJB.jar
| 14:00:50,943 INFO [TomcatDeployment] deploy, ctxPath=/QueryGeneratorWeb
| 14:00:51,053 ERROR [ProfileServiceBootstrap] Failed to load profile: Summary of
| incomplete deployments (SEE PREVIOUS ERRORS FOR DETAILS):
|
| DEPLOYMENTS MISSING DEPENDENCIES:
| Deployment "jboss.j2ee:ear=QueryGeneratorEnterprise.ear,jar=QueryGeneratorEJB.
| jar,name=RequestListnerMDBBean,service=EJB3" is missing the following dependenci
| es:
| Dependency "<UNKNOWN jboss.j2ee:ear=QueryGeneratorEnterprise.ear,jar=QueryGe
| neratorEJB.jar,name=RequestListnerMDBBean,service=EJB3>" (should be in state "De
| scribed", but is actually in state "** UNRESOLVED Demands 'jboss.ejb:service=EJB
| TimerService' **")
| Deployment "jboss.j2ee:ear=QueryGeneratorEnterprise.ear,jar=QueryGeneratorEJB.
| jar,name=ResponseListnerMDBBean,service=EJB3" is missing the following dependenc
| ies:
| Dependency "<UNKNOWN jboss.j2ee:ear=QueryGeneratorEnterprise.ear,jar=QueryGe
| neratorEJB.jar,name=ResponseListnerMDBBean,service=EJB3>" (should be in state "D
| escribed", but is actually in state "** UNRESOLVED Demands 'jboss.ejb:service=EJ
| BTimerService' **")
|
| DEPLOYMENTS IN ERROR:
| Deployment "<UNKNOWN jboss.j2ee:ear=QueryGeneratorEnterprise.ear,jar=QueryGene
| ratorEJB.jar,name=RequestListnerMDBBean,service=EJB3>" is in error due to the fo
| llowing reason(s): ** UNRESOLVED Demands 'jboss.ejb:service=EJBTimerService' **
| Deployment "<UNKNOWN jboss.j2ee:ear=QueryGeneratorEnterprise.ear,jar=QueryGene
| ratorEJB.jar,name=ResponseListnerMDBBean,service=EJB3>" is in error due to the f
| ollowing reason(s): ** UNRESOLVED Demands 'jboss.ejb:service=EJBTimerService' **
|
|
| 14:00:51,193 INFO [Http11Protocol] Starting Coyote HTTP/1.1 on http-TZ-TEST%2F1
| 72.16.3.186-8080
|
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4247223#4247223
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4247223
15 years, 6 months