October 2016 - teiid-issues - Jboss List Archives

[JBoss JIRA] (TEIID-4480) Change the default log level for command_log in the community kit to warn

by Steven Hawkins (JIRA)

[ https://issues.jboss.org/browse/TEIID-4480?page=com.atlassian.jira.plugin... ] Steven Hawkins updated TEIID-4480: ---------------------------------- Fix Version/s: 9.1 (was: 9.0.5) > Change the default log level for command_log in the community kit to warn > ------------------------------------------------------------------------- > > Key: TEIID-4480 > URL: https://issues.jboss.org/browse/TEIID-4480 > Project: Teiid > Issue Type: Quality Risk > Components: Build/Kits > Affects Versions: 9.1 > Reporter: Steven Hawkins > Assignee: Steven Hawkins > Fix For: 9.1 > > > With TEIID-3594 the product scripts were also updated to adjust the default logging level, but that was not done in the standalone-teiid.xml -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

[JBoss JIRA] (TEIID-3755) Allow embedded to set the default authentication type

by Steven Hawkins (JIRA)

[ https://issues.jboss.org/browse/TEIID-3755?page=com.atlassian.jira.plugin... ] Steven Hawkins resolved TEIID-3755. ----------------------------------- Fix Version/s: 9.2 9.0.5 9.1.1 (was: 8.12) Resolution: Done Updated to set the authentication type on the sessionservice as well. > Allow embedded to set the default authentication type > ----------------------------------------------------- > > Key: TEIID-3755 > URL: https://issues.jboss.org/browse/TEIID-3755 > Project: Teiid > Issue Type: Enhancement > Components: Embedded > Reporter: Steven Hawkins > Assignee: Steven Hawkins > Fix For: 9.2, 9.0.5, 9.1.1 > > > There is currently not a config property to set the default authentication type. -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

[JBoss JIRA] (TEIID-3755) Allow embedded to set the default authentication type

by Steven Hawkins (JIRA)

[ https://issues.jboss.org/browse/TEIID-3755?page=com.atlassian.jira.plugin... ] Steven Hawkins edited comment on TEIID-3755 at 10/25/16 4:09 PM: ----------------------------------------------------------------- The setting is currently only affecting the code for legacy clients. was (Author: shawkins): The setting is currently only affecting the code for legacy clients - and will not work as the GSS protocol changed. > Allow embedded to set the default authentication type > ----------------------------------------------------- > > Key: TEIID-3755 > URL: https://issues.jboss.org/browse/TEIID-3755 > Project: Teiid > Issue Type: Enhancement > Components: Embedded > Reporter: Steven Hawkins > Assignee: Steven Hawkins > Fix For: 8.12 > > > There is currently not a config property to set the default authentication type. -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

[JBoss JIRA] (TEIID-3755) Allow embedded to set the default authentication type

by Steven Hawkins (JIRA)

[ https://issues.jboss.org/browse/TEIID-3755?page=com.atlassian.jira.plugin... ] Steven Hawkins reopened TEIID-3755: ----------------------------------- The setting is currently only affecting the code for legacy clients - and will not work as the GSS protocol changed. > Allow embedded to set the default authentication type > ----------------------------------------------------- > > Key: TEIID-3755 > URL: https://issues.jboss.org/browse/TEIID-3755 > Project: Teiid > Issue Type: Enhancement > Components: Embedded > Reporter: Steven Hawkins > Assignee: Steven Hawkins > Fix For: 8.12 > > > There is currently not a config property to set the default authentication type. -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

[JBoss JIRA] (TEIID-4499) OData Kerberos cannot access VDB

by Steven Hawkins (JIRA)

[ https://issues.jboss.org/browse/TEIID-4499?page=com.atlassian.jira.plugin... ] Steven Hawkins commented on TEIID-4499: --------------------------------------- I think the resolution here is to improve the error message and to make sure the documentation mentions that PassthroughAuthentication must be used in this scenario. > OData Kerberos cannot access VDB > -------------------------------- > > Key: TEIID-4499 > URL: https://issues.jboss.org/browse/TEIID-4499 > Project: Teiid > Issue Type: Bug > Components: OData > Affects Versions: 8.12.6.6_3 > Reporter: Jan Stastny > Assignee: Ramesh Reddy > Priority: Critical > Fix For: 9.2, 9.0.5, 9.1.1 > > > When configured odata war for Kerberos using https://teiid.gitbooks.io/documents/content/security/Kerberos_support_thr... an error occurs when accessing a vdb, which is also secured by Kerberos. > The error is following: > {code:plain} > 11:44:53,360 WARN [org.teiid.ODATA] (http-127.0.0.1:8080-1) TEIID16047 Could not process OData 4 request: 08001 TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication.: org.teiid.core.TeiidProcessingException: 08001 TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.olingo.web.ODataFilter.internalDoFilter(ODataFilter.java:233) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.olingo.web.ODataFilter.doFilter(ODataFilter.java:100) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.jboss.security.negotiation.NegotiationAuthenticator$WrapperValve.invoke(NegotiationAuthenticator.java:492) [jboss-negotiation-common-2.3.11.Final-redhat-1.jar:2.3.11.Final-redhat-1] > at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:512) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.9.Final-redhat-2.jar:7.5.9.Final-redhat-2] > at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_102] > Caused by: org.teiid.jdbc.TeiidSQLException: TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:135) > at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:71) > at org.teiid.jdbc.EmbeddedProfile.connect(EmbeddedProfile.java:55) > at org.teiid.jdbc.TeiidDriver.connect(TeiidDriver.java:105) > at org.teiid.olingo.service.LocalClient.buildConnection(LocalClient.java:119) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.olingo.service.LocalClient.open(LocalClient.java:89) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.olingo.web.ODataFilter.internalDoFilter(ODataFilter.java:226) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > ... 16 more > Caused by: org.teiid.core.TeiidException: TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:308) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.jdbc.ModuleHelper.createFromModule(ModuleHelper.java:53) > at org.teiid.jdbc.EmbeddedProfile.createServerConnection(EmbeddedProfile.java:60) > at org.teiid.jdbc.EmbeddedProfile.connect(EmbeddedProfile.java:50) > ... 20 more > Caused by: org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:345) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:306) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > ... 23 more > Caused by: org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:146) > at org.teiid.transport.LocalServerConnection.<init>(LocalServerConnection.java:106) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [rt.jar:1.8.0_102] > at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) [rt.jar:1.8.0_102] > at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) [rt.jar:1.8.0_102] > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) [rt.jar:1.8.0_102] > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:343) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > ... 24 more > Caused by: org.teiid.client.security.LogonException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.transport.LogonImpl.logon(LogonImpl.java:119) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_102] > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_102] > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_102] > at java.lang.reflect.Method.invoke(Method.java:498) [rt.jar:1.8.0_102] > at org.teiid.transport.LocalServerConnection$1$1.call(LocalServerConnection.java:180) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) [rt.jar:1.8.0_102] > at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:276) > at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:260) > at org.teiid.transport.LocalServerConnection$1.invoke(LocalServerConnection.java:178) > at com.sun.proxy.$Proxy81.logon(Unknown Source) > at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:142) > ... 30 more > {code} > Authentication of the user succeeded: > {code:plain} > principal is dv(a)EXAMPLE.COM > Will use keytab > Commit Succeeded > {code} > Authentication of the server succeeded: > {code:plain} > 11:44:52,873 INFO [stdout] (http-127.0.0.1:8080-1) Acquire TGT from Cache > 11:44:52,874 INFO [stdout] (http-127.0.0.1:8080-1) Principal is HTTP/localhost(a)EXAMPLE.COM > 11:44:52,874 INFO [stdout] (http-127.0.0.1:8080-1) null credentials from Ticket Cache > 11:44:53,234 INFO [stdout] (http-127.0.0.1:8080-1) principal is HTTP/localhost(a)EXAMPLE.COM > 11:44:53,234 INFO [stdout] (http-127.0.0.1:8080-1) Will use keytab > 11:44:53,236 INFO [stdout] (http-127.0.0.1:8080-1) Commit Succeeded > {code} > Initial request: > {code:plain} > 12:44:52,325 DEBUG [MainClientExec] Opening connection {}->http://localhost:8080 > 12:44:52,327 DEBUG [DefaultHttpClientConnectionOperator] Connecting to localhost/127.0.0.1:8080 > 12:44:52,328 DEBUG [DefaultHttpClientConnectionOperator] Connection established 127.0.0.1:47980<->127.0.0.1:8080 > 12:44:52,328 DEBUG [MainClientExec] Executing request GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1 > 12:44:52,328 DEBUG [MainClientExec] Target auth state: UNCHALLENGED > 12:44:52,329 DEBUG [MainClientExec] Proxy auth state: UNCHALLENGED > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1 > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> Host: localhost:8080 > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> Connection: Keep-Alive > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51) > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> Accept-Encoding: gzip,deflate > 12:44:52,330 DEBUG [wire] http-outgoing-0 >> "GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1[\r][\n]" > 12:44:52,330 DEBUG [wire] http-outgoing-0 >> "Host: localhost:8080[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51)[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "Accept-Encoding: gzip,deflate[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "[\r][\n]" > {code} > Negotiate request from server: > {code:plain} > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "HTTP/1.1 401 Unauthorized[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Server: Apache-Coyote/1.1[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Pragma: No-cache[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Cache-Control: no-cache[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Expires: Thu, 01 Jan 1970 01:00:00 GMT+01:00[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "WWW-Authenticate: Negotiate[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Content-Type: text/html;charset=utf-8[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Content-Length: 996[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Date: Mon, 10 Oct 2016 10:44:52 GMT[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "<html><head><title>JBWEB000065: HTTP Status 401 - </title><style></style> </head><body><h1>JBWEB000065: HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>JBWEB000309: type</b> JBWEB000067: Status report</p><p><b>JBWEB000068: message</b> <u></u></p><p><b>JBWEB000069: description</b> <u>JBWEB000121: This request requires HTTP authentication.</u></p><HR size="1" noshade="noshade"></body></html>" > 12:44:52,459 DEBUG [headers] http-outgoing-0 << HTTP/1.1 401 Unauthorized > 12:44:52,459 DEBUG [headers] http-outgoing-0 << Server: Apache-Coyote/1.1 > 12:44:52,459 DEBUG [headers] http-outgoing-0 << Pragma: No-cache > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Cache-Control: no-cache > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Expires: Thu, 01 Jan 1970 01:00:00 GMT+01:00 > 12:44:52,460 DEBUG [headers] http-outgoing-0 << WWW-Authenticate: Negotiate > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Content-Type: text/html;charset=utf-8 > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Content-Length: 996 > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Date: Mon, 10 Oct 2016 10:44:52 GMT > {code} > Response to auth server: > {code:plain} > Found ticket for dv(a)EXAMPLE.COM to go to krbtgt/EXAMPLE.COM(a)EXAMPLE.COM expiring on Mon Oct 10 20:44:52 CEST 2016 > Entered Krb5Context.initSecContext with state=STATE_NEW > Service ticket not found in the subject > 12:44:52,846 DEBUG [SPNegoScheme] Sending response 'YIIEjgYGKwYBBQUCoIIEgjCCBH6gDTALBgkqhkiG9xIBAgKhBAMCAfaiggRlBIIEYWCCBF0GCSqGSIb3EgECAgEAboIETDCCBEigAwIBBaEDAgEOogcDBQAgAAAAo4IBBmGCAQIwgf+gAwIBBaEbGxlNVy5MQUIuRU5HLkJPUy5SRURIQVQuQ09NohwwGqADAgEAoRMwERsESFRUUBsJbG9jYWxob3N0o4G8MIG5oAMCARGhAwIBBKKBrASBqdJuL2wF7+W0MD1qISt66VAyhitq77SR6vLKWJnpc/Yx60ch80GepVlYdoYxee0qW+d4u6aw3p0BaOWSgSMRoDnr9bSUn+tQXNevIfKE+oUM+5lC4afhAF0PB4dcJC7z6/wLZ9drDImvyhntm9lq/yv5LW76gSbVd9SjO58ZvD3cYRJnuF3CaFhm5ol0ce84ojZdX5mVvVBUU3+Vo1rh6SSEKda+xoBkK/ykggMnMIIDI6ADAgERooIDGgSCAxaG8huKFUf6vR0wVfeI1caKfIPtGC9rDSw5DYTz1dz43F8GI9we3YG9NC6kEi1zPdA4A2dxfBqgUl+/YkBdQco4udBCwLXNmziHCS5ypypBJsFdgFzRi/9hXukmqofSGIlKVJWH3ap1ap+37Amfm6LxZuQFDyY526onGXdWoAB0Jbcpsi74Ti5x3sRGZqoF5FTwUqI0pQYI+hLDh2GeBNXBNOHqdMXNfnLFOr+LpnNhl7ROxkWsBxNPv/4MmRLPsF/cGrc924L6R4PQvP7qVjGKUxayEoBPP/go5xb2b2z+TjruspzbJ5dw1wKAOH2RGlDJ5om0PUSqaxe0h2WhL9rXBOGVONTSv7lYQ2pcgaOqR6FutB5PZGP0B73ekwhbRfrt6zxLpHzZFnrSeV9lz1U4r8Bkyxuze3cuQGcL/cNTBbhE83cbNY8VJlu4E+6LmZ9ll3vpjNq3735S6gFArsOJ38FcLO0Kqj1rZr7/r9TRsV9f8agDnWusc5lQzZc+4H0BIeAPD34ApJxGogA63/8yF1Pl3uc1Rp+a6blQHLLCRZthIpi8LVF8rSizTkTDWUrTw+X5wGDunjslrUmClW25qzGeLTZpELrJXkKFstUnL4blaPboyPk8qDecaRed+dIjteVS9CgF51AtHrO9vhWgrr41TL+H8akHfjI6Q9GIgravWLSkNrVMsrNyVAlc1hdUAovLXJFfxS3Mg0OugjG3rJhSCiQqLCuhIRL8OB4Fz4Pa24fpBG0G/Rv1RrhuQaKoxNsZxuR67zzF+v7+4PRKK39y0cqFWBf95YV4SWz7qzXmZYcaDcVhrFzp723ecWunVa6Qt5YUZ3+pkKV+NGGb95PjS7HtvXZo4ko5tJX1QI+ke4I3j3cThrWlV5y3rNC2IKiE8eRNI6rKRGdvpYLwkL0B5AkJleqGjdiqZVy6Q2w/YdHN2oTOs8qUgIVgPHJMyRLUTT872ZOWdmmHWJuIe3sVkr1RLFDV2csmYggSZCbjCczFvlmKrcn6OLqVRGN3sNm6a9Q45wZimLvIkxePHag3vvtp' back to the auth server > 12:44:52,846 DEBUG [MainClientExec] Proxy auth state: UNCHALLENGED > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1 > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Host: localhost:8080 > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Connection: Keep-Alive > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51) > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Accept-Encoding: gzip,deflate > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Authorization: Negotiate YIIEjgYGKwYBBQUCoIIEgjCCBH6gDTALBgkqhkiG9xIBAgKhBAMCAfaiggRlBIIEYWCCBF0GCSqGSIb3EgECAgEAboIETDCCBEigAwIBBaEDAgEOogcDBQAgAAAAo4IBBmGCAQIwgf+gAwIBBaEbGxlNVy5MQUIuRU5HLkJPUy5SRURIQVQuQ09NohwwGqADAgEAoRMwERsESFRUUBsJbG9jYWxob3N0o4G8MIG5oAMCARGhAwIBBKKBrASBqdJuL2wF7+W0MD1qISt66VAyhitq77SR6vLKWJnpc/Yx60ch80GepVlYdoYxee0qW+d4u6aw3p0BaOWSgSMRoDnr9bSUn+tQXNevIfKE+oUM+5lC4afhAF0PB4dcJC7z6/wLZ9drDImvyhntm9lq/yv5LW76gSbVd9SjO58ZvD3cYRJnuF3CaFhm5ol0ce84ojZdX5mVvVBUU3+Vo1rh6SSEKda+xoBkK/ykggMnMIIDI6ADAgERooIDGgSCAxaG8huKFUf6vR0wVfeI1caKfIPtGC9rDSw5DYTz1dz43F8GI9we3YG9NC6kEi1zPdA4A2dxfBqgUl+/YkBdQco4udBCwLXNmziHCS5ypypBJsFdgFzRi/9hXukmqofSGIlKVJWH3ap1ap+37Amfm6LxZuQFDyY526onGXdWoAB0Jbcpsi74Ti5x3sRGZqoF5FTwUqI0pQYI+hLDh2GeBNXBNOHqdMXNfnLFOr+LpnNhl7ROxkWsBxNPv/4MmRLPsF/cGrc924L6R4PQvP7qVjGKUxayEoBPP/go5xb2b2z+TjruspzbJ5dw1wKAOH2RGlDJ5om0PUSqaxe0h2WhL9rXBOGVONTSv7lYQ2pcgaOqR6FutB5PZGP0B73ekwhbRfrt6zxLpHzZFnrSeV9lz1U4r8Bkyxuze3cuQGcL/cNTBbhE83cbNY8VJlu4E+6LmZ9ll3vpjNq3735S6gFArsOJ38FcLO0Kqj1rZr7/r9TRsV9f8agDnWusc5lQzZc+4H0BIeAPD34ApJxGogA63/8yF1Pl3uc1Rp+a6blQHLLCRZthIpi8LVF8rSizTkTDWUrTw+X5wGDunjslrUmClW25qzGeLTZpELrJXkKFstUnL4blaPboyPk8qDecaRed+dIjteVS9CgF51AtHrO9vhWgrr41TL+H8akHfjI6Q9GIgravWLSkNrVMsrNyVAlc1hdUAovLXJFfxS3Mg0OugjG3rJhSCiQqLCuhIRL8OB4Fz4Pa24fpBG0G/Rv1RrhuQaKoxNsZxuR67zzF+v7+4PRKK39y0cqFWBf95YV4SWz7qzXmZYcaDcVhrFzp723ecWunVa6Qt5YUZ3+pkKV+NGGb95PjS7HtvXZo4ko5tJX1QI+ke4I3j3cThrWlV5y3rNC2IKiE8eRNI6rKRGdvpYLwkL0B5AkJleqGjdiqZVy6Q2w/YdHN2oTOs8qUgIVgPHJMyRLUTT872ZOWdmmHWJuIe3sVkr1RLFDV2csmYggSZCbjCczFvlmKrcn6OLqVRGN3sNm6a9Q45wZimLvIkxePHag3vvtp > 12:44:52,846 DEBUG [wire] http-outgoing-0 >> "GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1[\r][\n]" > 12:44:52,846 DEBUG [wire] http-outgoing-0 >> "Host: localhost:8080[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51)[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "Accept-Encoding: gzip,deflate[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "Authorization: Negotiate YIIEjgYGKwYBBQUCoIIEgjCCBH6gDTALBgkqhkiG9xIBAgKhBAMCAfaiggRlBIIEYWCCBF0GCSqGSIb3EgECAgEAboIETDCCBEigAwIBBaEDAgEOogcDBQAgAAAAo4IBBmGCAQIwgf+gAwIBBaEbGxlNVy5MQUIuRU5HLkJPUy5SRURIQVQuQ09NohwwGqADAgEAoRMwERsESFRUUBsJbG9jYWxob3N0o4G8MIG5oAMCARGhAwIBBKKBrASBqdJuL2wF7+W0MD1qISt66VAyhitq77SR6vLKWJnpc/Yx60ch80GepVlYdoYxee0qW+d4u6aw3p0BaOWSgSMRoDnr9bSUn+tQXNevIfKE+oUM+5lC4afhAF0PB4dcJC7z6/wLZ9drDImvyhntm9lq/yv5LW76gSbVd9SjO58ZvD3cYRJnuF3CaFhm5ol0ce84ojZdX5mVvVBUU3+Vo1rh6SSEKda+xoBkK/ykggMnMIIDI6ADAgERooIDGgSCAxaG8huKFUf6vR0wVfeI1caKfIPtGC9rDSw5DYTz1dz43F8GI9we3YG9NC6kEi1zPdA4A2dxfBqgUl+/YkBdQco4udBCwLXNmziHCS5ypypBJsFdgFzRi/9hXukmqofSGIlKVJWH3ap1ap+37Amfm6LxZuQFDyY526onGXdWoAB0Jbcpsi74Ti5x3sRGZqoF5FTwUqI0pQYI+hLDh2GeBNXBNOHqdMXNfnLFOr+LpnNhl7ROxkWsBxNPv/4MmRLPsF/cGrc924L6R4PQvP7qVjGKUxayEoBPP/go5xb2b2z+TjruspzbJ5dw1wKAOH2RGlDJ5om0PUSqaxe0h2WhL9rXBOGVONTSv7lYQ2pcgaOqR6FutB5PZGP0B73ekwhbRfrt6zxLpHzZFnrSeV9lz1U4r8Bkyxuze3cuQGcL/cNTBbhE83cbNY8VJlu4E+6LmZ9ll3vpjNq3735S6gFArsOJ38FcLO0Kqj1rZr7/r9TRsV9f8agDnWusc5lQzZc+4H0BIeAPD34ApJxGogA63/8yF1Pl3uc1Rp+a6blQHLLCRZthIpi8LVF8rSizTkTDWUrTw+X5wGDunjslrUmClW25qzGeLTZpELrJXkKFstUnL4blaPboyPk8qDecaRed+dIjteVS9CgF51AtHrO9vhWgrr41TL+H8akHfjI6Q9GIgravWLSkNrVMsrNyVAlc1hdUAovLXJFfxS3Mg0OugjG3rJhSCiQqLCuhIRL8OB4Fz4Pa24fpBG0G/Rv1RrhuQaKoxNsZxuR67zzF+v7+4PRKK39y0cqFWBf95YV4SWz7qzXmZYcaDcVhrFzp723ecWunVa6Qt5YUZ3+pkKV+NGGb95PjS7HtvXZo4ko5tJX1QI+ke4I3j3cThrWlV5y3rNC2IKiE8eRNI6rKRGdvpYLwkL0B5AkJleqGjdiqZVy6Q2w/YdHN2oTOs8qUgIVgPHJMyRLUTT872ZOWdmmHWJuIe3sVkr1RLFDV2csmYggSZCbjCczFvlmKrcn6OLqVRGN3sNm6a9Q45wZimLvIkxePHag3vvtp[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "[\r][\n]" > {code} > Last server logs before error: > {code:plain} > 11:44:53,246 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) Logged in 'host' LoginContext > 11:44:53,247 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) Creating new GSSContext. > 11:44:53,283 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) context.getCredDelegState() = true > 11:44:53,284 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) context.getMutualAuthState() = true > 11:44:53,284 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) context.getSrcName() = dv(a)EXAMPLE.COM > 11:44:53,284 INFO [stdout] (http-127.0.0.1:8080-1) [Krb5LoginModule]: Entering logout > 11:44:53,285 INFO [stdout] (http-127.0.0.1:8080-1) [Krb5LoginModule]: logged out Subject > 11:44:53,285 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) Storing username 'dv(a)EXAMPLE.COM' and empty password > 11:44:53,304 DEBUG [org.jboss.security.negotiation.NegotiationAuthenticator] (http-127.0.0.1:8080-1) authenticated principal = GenericPrincipal[5tV-f1mRV7tGghx2rk4krdFH_1476096292858(odata,user,)] > {code} > VDB used: > {code:xml} > <vdb name="kerberos_teiid" version="1"> > <property name="security-domain" value="EXAMPLE.COM"/> > <property name="authentication-type" value="GSS"/> > . > . > . > </vdb> > {code} > Request URL: > {code:plain} > http://localhost:8080/odata4/kerberos_teiid/BQT1/smalla > {code} > Server configuration: > {code:xml} > <security-domain name="host"> > <authentication> > <login-module code="Kerberos" flag="required" module="org.jboss.security.negotiation"> > <module-option name="storeKey" value="true"/> > <module-option name="useKeyTab" value="true"/> > <module-option name="keyTab" value="${jboss.home.dir}/HTTP_localhost"/> > <module-option name="principal" value="HTTP/localhost(a)EXAMPLE.COM"/> > <module-option name="doNotPrompt" value="true"/> > <module-option name="useTicketCache" value="true"/> > <module-option name="debug" value="true"/> > <module-option name="refreshKrb5Config" value="false"/> > <module-option name="isInitiator" value="true"/> > <module-option name="addGSSCredential" value="true"/> > <module-option name="delegationCredential" value="USE"/> > <module-option name="ticketCache" value="/tmp/krb5cc_1000"/> > </login-module> > </authentication> > </security-domain> > <security-domain name="EXAMPLE.COM"> > <authentication> > <login-module code="SPNEGO" flag="requisite" module="org.jboss.security.negotiation"> > <module-option name="password-stacking" value="useFirstPass"/> > <module-option name="serverSecurityDomain" value="host"/> > </login-module> > </authentication> > <mapping> > <mapping-module code="SimpleRoles" type="role"> > <module-option name="dv(a)EXAMPLE.COM" value="user,odata"/> > </mapping-module> > </mapping> > </security-domain> > {code} > Kerberos client configuration: > {code:plain} > ClientDV { > com.sun.security.auth.module.Krb5LoginModule required > storeKey="true" > useKeyTab="true" > keyTab="${dv.test.krb.dir}/dv.keytab" > principal="dv(a)EXAMPLE.COM" > doNotPrompt="true" > refreshKrb5Config="false" > useTicketCache="true" > ticketCache="/tmp/krb5cc_1000" > debug="true"; > }; > {code} > KRB5 configuration file is passed to server by setting system-property java.security.krb5.conf: > {code:xml} > <system-properties> > <property name="java.security.krb5.conf" value="${jboss.home.dir}/krb5.conf"/> > <property name="java.security.krb5.debug" value="true"/> > </system-properties> > {code} -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

[JBoss JIRA] (TEIID-4499) OData Kerberos cannot access VDB

by Steven Hawkins (JIRA)

[ https://issues.jboss.org/browse/TEIID-4499?page=com.atlassian.jira.plugin... ] Steven Hawkins commented on TEIID-4499: --------------------------------------- To rephrase, the reason why you see this exception is that PassthroughAuthentication was set to false. For GSS or any other web level authentication to work with OData, then PassthroughAuthentication must be set to true (which is the default). Your previous comment confirms this. > OData Kerberos cannot access VDB > -------------------------------- > > Key: TEIID-4499 > URL: https://issues.jboss.org/browse/TEIID-4499 > Project: Teiid > Issue Type: Bug > Components: OData > Affects Versions: 8.12.6.6_3 > Reporter: Jan Stastny > Assignee: Ramesh Reddy > Priority: Critical > Fix For: 9.2, 9.0.5, 9.1.1 > > > When configured odata war for Kerberos using https://teiid.gitbooks.io/documents/content/security/Kerberos_support_thr... an error occurs when accessing a vdb, which is also secured by Kerberos. > The error is following: > {code:plain} > 11:44:53,360 WARN [org.teiid.ODATA] (http-127.0.0.1:8080-1) TEIID16047 Could not process OData 4 request: 08001 TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication.: org.teiid.core.TeiidProcessingException: 08001 TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.olingo.web.ODataFilter.internalDoFilter(ODataFilter.java:233) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.olingo.web.ODataFilter.doFilter(ODataFilter.java:100) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.jboss.security.negotiation.NegotiationAuthenticator$WrapperValve.invoke(NegotiationAuthenticator.java:492) [jboss-negotiation-common-2.3.11.Final-redhat-1.jar:2.3.11.Final-redhat-1] > at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:512) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.9.Final-redhat-2.jar:7.5.9.Final-redhat-2] > at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_102] > Caused by: org.teiid.jdbc.TeiidSQLException: TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:135) > at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:71) > at org.teiid.jdbc.EmbeddedProfile.connect(EmbeddedProfile.java:55) > at org.teiid.jdbc.TeiidDriver.connect(TeiidDriver.java:105) > at org.teiid.olingo.service.LocalClient.buildConnection(LocalClient.java:119) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.olingo.service.LocalClient.open(LocalClient.java:89) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.olingo.web.ODataFilter.internalDoFilter(ODataFilter.java:226) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > ... 16 more > Caused by: org.teiid.core.TeiidException: TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:308) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.jdbc.ModuleHelper.createFromModule(ModuleHelper.java:53) > at org.teiid.jdbc.EmbeddedProfile.createServerConnection(EmbeddedProfile.java:60) > at org.teiid.jdbc.EmbeddedProfile.connect(EmbeddedProfile.java:50) > ... 20 more > Caused by: org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:345) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:306) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > ... 23 more > Caused by: org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:146) > at org.teiid.transport.LocalServerConnection.<init>(LocalServerConnection.java:106) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [rt.jar:1.8.0_102] > at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) [rt.jar:1.8.0_102] > at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) [rt.jar:1.8.0_102] > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) [rt.jar:1.8.0_102] > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:343) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > ... 24 more > Caused by: org.teiid.client.security.LogonException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.transport.LogonImpl.logon(LogonImpl.java:119) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_102] > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_102] > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_102] > at java.lang.reflect.Method.invoke(Method.java:498) [rt.jar:1.8.0_102] > at org.teiid.transport.LocalServerConnection$1$1.call(LocalServerConnection.java:180) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) [rt.jar:1.8.0_102] > at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:276) > at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:260) > at org.teiid.transport.LocalServerConnection$1.invoke(LocalServerConnection.java:178) > at com.sun.proxy.$Proxy81.logon(Unknown Source) > at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:142) > ... 30 more > {code} > Authentication of the user succeeded: > {code:plain} > principal is dv(a)EXAMPLE.COM > Will use keytab > Commit Succeeded > {code} > Authentication of the server succeeded: > {code:plain} > 11:44:52,873 INFO [stdout] (http-127.0.0.1:8080-1) Acquire TGT from Cache > 11:44:52,874 INFO [stdout] (http-127.0.0.1:8080-1) Principal is HTTP/localhost(a)EXAMPLE.COM > 11:44:52,874 INFO [stdout] (http-127.0.0.1:8080-1) null credentials from Ticket Cache > 11:44:53,234 INFO [stdout] (http-127.0.0.1:8080-1) principal is HTTP/localhost(a)EXAMPLE.COM > 11:44:53,234 INFO [stdout] (http-127.0.0.1:8080-1) Will use keytab > 11:44:53,236 INFO [stdout] (http-127.0.0.1:8080-1) Commit Succeeded > {code} > Initial request: > {code:plain} > 12:44:52,325 DEBUG [MainClientExec] Opening connection {}->http://localhost:8080 > 12:44:52,327 DEBUG [DefaultHttpClientConnectionOperator] Connecting to localhost/127.0.0.1:8080 > 12:44:52,328 DEBUG [DefaultHttpClientConnectionOperator] Connection established 127.0.0.1:47980<->127.0.0.1:8080 > 12:44:52,328 DEBUG [MainClientExec] Executing request GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1 > 12:44:52,328 DEBUG [MainClientExec] Target auth state: UNCHALLENGED > 12:44:52,329 DEBUG [MainClientExec] Proxy auth state: UNCHALLENGED > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1 > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> Host: localhost:8080 > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> Connection: Keep-Alive > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51) > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> Accept-Encoding: gzip,deflate > 12:44:52,330 DEBUG [wire] http-outgoing-0 >> "GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1[\r][\n]" > 12:44:52,330 DEBUG [wire] http-outgoing-0 >> "Host: localhost:8080[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51)[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "Accept-Encoding: gzip,deflate[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "[\r][\n]" > {code} > Negotiate request from server: > {code:plain} > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "HTTP/1.1 401 Unauthorized[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Server: Apache-Coyote/1.1[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Pragma: No-cache[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Cache-Control: no-cache[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Expires: Thu, 01 Jan 1970 01:00:00 GMT+01:00[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "WWW-Authenticate: Negotiate[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Content-Type: text/html;charset=utf-8[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Content-Length: 996[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Date: Mon, 10 Oct 2016 10:44:52 GMT[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "<html><head><title>JBWEB000065: HTTP Status 401 - </title><style></style> </head><body><h1>JBWEB000065: HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>JBWEB000309: type</b> JBWEB000067: Status report</p><p><b>JBWEB000068: message</b> <u></u></p><p><b>JBWEB000069: description</b> <u>JBWEB000121: This request requires HTTP authentication.</u></p><HR size="1" noshade="noshade"></body></html>" > 12:44:52,459 DEBUG [headers] http-outgoing-0 << HTTP/1.1 401 Unauthorized > 12:44:52,459 DEBUG [headers] http-outgoing-0 << Server: Apache-Coyote/1.1 > 12:44:52,459 DEBUG [headers] http-outgoing-0 << Pragma: No-cache > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Cache-Control: no-cache > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Expires: Thu, 01 Jan 1970 01:00:00 GMT+01:00 > 12:44:52,460 DEBUG [headers] http-outgoing-0 << WWW-Authenticate: Negotiate > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Content-Type: text/html;charset=utf-8 > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Content-Length: 996 > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Date: Mon, 10 Oct 2016 10:44:52 GMT > {code} > Response to auth server: > {code:plain} > Found ticket for dv(a)EXAMPLE.COM to go to krbtgt/EXAMPLE.COM(a)EXAMPLE.COM expiring on Mon Oct 10 20:44:52 CEST 2016 > Entered Krb5Context.initSecContext with state=STATE_NEW > Service ticket not found in the subject > 12:44:52,846 DEBUG [SPNegoScheme] Sending response 'YIIEjgYGKwYBBQUCoIIEgjCCBH6gDTALBgkqhkiG9xIBAgKhBAMCAfaiggRlBIIEYWCCBF0GCSqGSIb3EgECAgEAboIETDCCBEigAwIBBaEDAgEOogcDBQAgAAAAo4IBBmGCAQIwgf+gAwIBBaEbGxlNVy5MQUIuRU5HLkJPUy5SRURIQVQuQ09NohwwGqADAgEAoRMwERsESFRUUBsJbG9jYWxob3N0o4G8MIG5oAMCARGhAwIBBKKBrASBqdJuL2wF7+W0MD1qISt66VAyhitq77SR6vLKWJnpc/Yx60ch80GepVlYdoYxee0qW+d4u6aw3p0BaOWSgSMRoDnr9bSUn+tQXNevIfKE+oUM+5lC4afhAF0PB4dcJC7z6/wLZ9drDImvyhntm9lq/yv5LW76gSbVd9SjO58ZvD3cYRJnuF3CaFhm5ol0ce84ojZdX5mVvVBUU3+Vo1rh6SSEKda+xoBkK/ykggMnMIIDI6ADAgERooIDGgSCAxaG8huKFUf6vR0wVfeI1caKfIPtGC9rDSw5DYTz1dz43F8GI9we3YG9NC6kEi1zPdA4A2dxfBqgUl+/YkBdQco4udBCwLXNmziHCS5ypypBJsFdgFzRi/9hXukmqofSGIlKVJWH3ap1ap+37Amfm6LxZuQFDyY526onGXdWoAB0Jbcpsi74Ti5x3sRGZqoF5FTwUqI0pQYI+hLDh2GeBNXBNOHqdMXNfnLFOr+LpnNhl7ROxkWsBxNPv/4MmRLPsF/cGrc924L6R4PQvP7qVjGKUxayEoBPP/go5xb2b2z+TjruspzbJ5dw1wKAOH2RGlDJ5om0PUSqaxe0h2WhL9rXBOGVONTSv7lYQ2pcgaOqR6FutB5PZGP0B73ekwhbRfrt6zxLpHzZFnrSeV9lz1U4r8Bkyxuze3cuQGcL/cNTBbhE83cbNY8VJlu4E+6LmZ9ll3vpjNq3735S6gFArsOJ38FcLO0Kqj1rZr7/r9TRsV9f8agDnWusc5lQzZc+4H0BIeAPD34ApJxGogA63/8yF1Pl3uc1Rp+a6blQHLLCRZthIpi8LVF8rSizTkTDWUrTw+X5wGDunjslrUmClW25qzGeLTZpELrJXkKFstUnL4blaPboyPk8qDecaRed+dIjteVS9CgF51AtHrO9vhWgrr41TL+H8akHfjI6Q9GIgravWLSkNrVMsrNyVAlc1hdUAovLXJFfxS3Mg0OugjG3rJhSCiQqLCuhIRL8OB4Fz4Pa24fpBG0G/Rv1RrhuQaKoxNsZxuR67zzF+v7+4PRKK39y0cqFWBf95YV4SWz7qzXmZYcaDcVhrFzp723ecWunVa6Qt5YUZ3+pkKV+NGGb95PjS7HtvXZo4ko5tJX1QI+ke4I3j3cThrWlV5y3rNC2IKiE8eRNI6rKRGdvpYLwkL0B5AkJleqGjdiqZVy6Q2w/YdHN2oTOs8qUgIVgPHJMyRLUTT872ZOWdmmHWJuIe3sVkr1RLFDV2csmYggSZCbjCczFvlmKrcn6OLqVRGN3sNm6a9Q45wZimLvIkxePHag3vvtp' back to the auth server > 12:44:52,846 DEBUG [MainClientExec] Proxy auth state: UNCHALLENGED > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1 > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Host: localhost:8080 > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Connection: Keep-Alive > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51) > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Accept-Encoding: gzip,deflate > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Authorization: Negotiate YIIEjgYGKwYBBQUCoIIEgjCCBH6gDTALBgkqhkiG9xIBAgKhBAMCAfaiggRlBIIEYWCCBF0GCSqGSIb3EgECAgEAboIETDCCBEigAwIBBaEDAgEOogcDBQAgAAAAo4IBBmGCAQIwgf+gAwIBBaEbGxlNVy5MQUIuRU5HLkJPUy5SRURIQVQuQ09NohwwGqADAgEAoRMwERsESFRUUBsJbG9jYWxob3N0o4G8MIG5oAMCARGhAwIBBKKBrASBqdJuL2wF7+W0MD1qISt66VAyhitq77SR6vLKWJnpc/Yx60ch80GepVlYdoYxee0qW+d4u6aw3p0BaOWSgSMRoDnr9bSUn+tQXNevIfKE+oUM+5lC4afhAF0PB4dcJC7z6/wLZ9drDImvyhntm9lq/yv5LW76gSbVd9SjO58ZvD3cYRJnuF3CaFhm5ol0ce84ojZdX5mVvVBUU3+Vo1rh6SSEKda+xoBkK/ykggMnMIIDI6ADAgERooIDGgSCAxaG8huKFUf6vR0wVfeI1caKfIPtGC9rDSw5DYTz1dz43F8GI9we3YG9NC6kEi1zPdA4A2dxfBqgUl+/YkBdQco4udBCwLXNmziHCS5ypypBJsFdgFzRi/9hXukmqofSGIlKVJWH3ap1ap+37Amfm6LxZuQFDyY526onGXdWoAB0Jbcpsi74Ti5x3sRGZqoF5FTwUqI0pQYI+hLDh2GeBNXBNOHqdMXNfnLFOr+LpnNhl7ROxkWsBxNPv/4MmRLPsF/cGrc924L6R4PQvP7qVjGKUxayEoBPP/go5xb2b2z+TjruspzbJ5dw1wKAOH2RGlDJ5om0PUSqaxe0h2WhL9rXBOGVONTSv7lYQ2pcgaOqR6FutB5PZGP0B73ekwhbRfrt6zxLpHzZFnrSeV9lz1U4r8Bkyxuze3cuQGcL/cNTBbhE83cbNY8VJlu4E+6LmZ9ll3vpjNq3735S6gFArsOJ38FcLO0Kqj1rZr7/r9TRsV9f8agDnWusc5lQzZc+4H0BIeAPD34ApJxGogA63/8yF1Pl3uc1Rp+a6blQHLLCRZthIpi8LVF8rSizTkTDWUrTw+X5wGDunjslrUmClW25qzGeLTZpELrJXkKFstUnL4blaPboyPk8qDecaRed+dIjteVS9CgF51AtHrO9vhWgrr41TL+H8akHfjI6Q9GIgravWLSkNrVMsrNyVAlc1hdUAovLXJFfxS3Mg0OugjG3rJhSCiQqLCuhIRL8OB4Fz4Pa24fpBG0G/Rv1RrhuQaKoxNsZxuR67zzF+v7+4PRKK39y0cqFWBf95YV4SWz7qzXmZYcaDcVhrFzp723ecWunVa6Qt5YUZ3+pkKV+NGGb95PjS7HtvXZo4ko5tJX1QI+ke4I3j3cThrWlV5y3rNC2IKiE8eRNI6rKRGdvpYLwkL0B5AkJleqGjdiqZVy6Q2w/YdHN2oTOs8qUgIVgPHJMyRLUTT872ZOWdmmHWJuIe3sVkr1RLFDV2csmYggSZCbjCczFvlmKrcn6OLqVRGN3sNm6a9Q45wZimLvIkxePHag3vvtp > 12:44:52,846 DEBUG [wire] http-outgoing-0 >> "GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1[\r][\n]" > 12:44:52,846 DEBUG [wire] http-outgoing-0 >> "Host: localhost:8080[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51)[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "Accept-Encoding: gzip,deflate[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "Authorization: Negotiate YIIEjgYGKwYBBQUCoIIEgjCCBH6gDTALBgkqhkiG9xIBAgKhBAMCAfaiggRlBIIEYWCCBF0GCSqGSIb3EgECAgEAboIETDCCBEigAwIBBaEDAgEOogcDBQAgAAAAo4IBBmGCAQIwgf+gAwIBBaEbGxlNVy5MQUIuRU5HLkJPUy5SRURIQVQuQ09NohwwGqADAgEAoRMwERsESFRUUBsJbG9jYWxob3N0o4G8MIG5oAMCARGhAwIBBKKBrASBqdJuL2wF7+W0MD1qISt66VAyhitq77SR6vLKWJnpc/Yx60ch80GepVlYdoYxee0qW+d4u6aw3p0BaOWSgSMRoDnr9bSUn+tQXNevIfKE+oUM+5lC4afhAF0PB4dcJC7z6/wLZ9drDImvyhntm9lq/yv5LW76gSbVd9SjO58ZvD3cYRJnuF3CaFhm5ol0ce84ojZdX5mVvVBUU3+Vo1rh6SSEKda+xoBkK/ykggMnMIIDI6ADAgERooIDGgSCAxaG8huKFUf6vR0wVfeI1caKfIPtGC9rDSw5DYTz1dz43F8GI9we3YG9NC6kEi1zPdA4A2dxfBqgUl+/YkBdQco4udBCwLXNmziHCS5ypypBJsFdgFzRi/9hXukmqofSGIlKVJWH3ap1ap+37Amfm6LxZuQFDyY526onGXdWoAB0Jbcpsi74Ti5x3sRGZqoF5FTwUqI0pQYI+hLDh2GeBNXBNOHqdMXNfnLFOr+LpnNhl7ROxkWsBxNPv/4MmRLPsF/cGrc924L6R4PQvP7qVjGKUxayEoBPP/go5xb2b2z+TjruspzbJ5dw1wKAOH2RGlDJ5om0PUSqaxe0h2WhL9rXBOGVONTSv7lYQ2pcgaOqR6FutB5PZGP0B73ekwhbRfrt6zxLpHzZFnrSeV9lz1U4r8Bkyxuze3cuQGcL/cNTBbhE83cbNY8VJlu4E+6LmZ9ll3vpjNq3735S6gFArsOJ38FcLO0Kqj1rZr7/r9TRsV9f8agDnWusc5lQzZc+4H0BIeAPD34ApJxGogA63/8yF1Pl3uc1Rp+a6blQHLLCRZthIpi8LVF8rSizTkTDWUrTw+X5wGDunjslrUmClW25qzGeLTZpELrJXkKFstUnL4blaPboyPk8qDecaRed+dIjteVS9CgF51AtHrO9vhWgrr41TL+H8akHfjI6Q9GIgravWLSkNrVMsrNyVAlc1hdUAovLXJFfxS3Mg0OugjG3rJhSCiQqLCuhIRL8OB4Fz4Pa24fpBG0G/Rv1RrhuQaKoxNsZxuR67zzF+v7+4PRKK39y0cqFWBf95YV4SWz7qzXmZYcaDcVhrFzp723ecWunVa6Qt5YUZ3+pkKV+NGGb95PjS7HtvXZo4ko5tJX1QI+ke4I3j3cThrWlV5y3rNC2IKiE8eRNI6rKRGdvpYLwkL0B5AkJleqGjdiqZVy6Q2w/YdHN2oTOs8qUgIVgPHJMyRLUTT872ZOWdmmHWJuIe3sVkr1RLFDV2csmYggSZCbjCczFvlmKrcn6OLqVRGN3sNm6a9Q45wZimLvIkxePHag3vvtp[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "[\r][\n]" > {code} > Last server logs before error: > {code:plain} > 11:44:53,246 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) Logged in 'host' LoginContext > 11:44:53,247 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) Creating new GSSContext. > 11:44:53,283 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) context.getCredDelegState() = true > 11:44:53,284 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) context.getMutualAuthState() = true > 11:44:53,284 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) context.getSrcName() = dv(a)EXAMPLE.COM > 11:44:53,284 INFO [stdout] (http-127.0.0.1:8080-1) [Krb5LoginModule]: Entering logout > 11:44:53,285 INFO [stdout] (http-127.0.0.1:8080-1) [Krb5LoginModule]: logged out Subject > 11:44:53,285 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) Storing username 'dv(a)EXAMPLE.COM' and empty password > 11:44:53,304 DEBUG [org.jboss.security.negotiation.NegotiationAuthenticator] (http-127.0.0.1:8080-1) authenticated principal = GenericPrincipal[5tV-f1mRV7tGghx2rk4krdFH_1476096292858(odata,user,)] > {code} > VDB used: > {code:xml} > <vdb name="kerberos_teiid" version="1"> > <property name="security-domain" value="EXAMPLE.COM"/> > <property name="authentication-type" value="GSS"/> > . > . > . > </vdb> > {code} > Request URL: > {code:plain} > http://localhost:8080/odata4/kerberos_teiid/BQT1/smalla > {code} > Server configuration: > {code:xml} > <security-domain name="host"> > <authentication> > <login-module code="Kerberos" flag="required" module="org.jboss.security.negotiation"> > <module-option name="storeKey" value="true"/> > <module-option name="useKeyTab" value="true"/> > <module-option name="keyTab" value="${jboss.home.dir}/HTTP_localhost"/> > <module-option name="principal" value="HTTP/localhost(a)EXAMPLE.COM"/> > <module-option name="doNotPrompt" value="true"/> > <module-option name="useTicketCache" value="true"/> > <module-option name="debug" value="true"/> > <module-option name="refreshKrb5Config" value="false"/> > <module-option name="isInitiator" value="true"/> > <module-option name="addGSSCredential" value="true"/> > <module-option name="delegationCredential" value="USE"/> > <module-option name="ticketCache" value="/tmp/krb5cc_1000"/> > </login-module> > </authentication> > </security-domain> > <security-domain name="EXAMPLE.COM"> > <authentication> > <login-module code="SPNEGO" flag="requisite" module="org.jboss.security.negotiation"> > <module-option name="password-stacking" value="useFirstPass"/> > <module-option name="serverSecurityDomain" value="host"/> > </login-module> > </authentication> > <mapping> > <mapping-module code="SimpleRoles" type="role"> > <module-option name="dv(a)EXAMPLE.COM" value="user,odata"/> > </mapping-module> > </mapping> > </security-domain> > {code} > Kerberos client configuration: > {code:plain} > ClientDV { > com.sun.security.auth.module.Krb5LoginModule required > storeKey="true" > useKeyTab="true" > keyTab="${dv.test.krb.dir}/dv.keytab" > principal="dv(a)EXAMPLE.COM" > doNotPrompt="true" > refreshKrb5Config="false" > useTicketCache="true" > ticketCache="/tmp/krb5cc_1000" > debug="true"; > }; > {code} > KRB5 configuration file is passed to server by setting system-property java.security.krb5.conf: > {code:xml} > <system-properties> > <property name="java.security.krb5.conf" value="${jboss.home.dir}/krb5.conf"/> > <property name="java.security.krb5.debug" value="true"/> > </system-properties> > {code} -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

[JBoss JIRA] (TEIID-4499) OData Kerberos cannot access VDB

by Jan Stastny (JIRA)

[ https://issues.jboss.org/browse/TEIID-4499?page=com.atlassian.jira.plugin... ] Jan Stastny commented on TEIID-4499: ------------------------------------ [~shawkins] I got confused. "So the real issue here is that passthough must not be enabled. Jan, is the odata servlet configured to turn off passthrough authentication?" Should I turn it off and I still should be able to access the vdb via kerberos-secured odata api? Or should it be turned on? Regards Jan > OData Kerberos cannot access VDB > -------------------------------- > > Key: TEIID-4499 > URL: https://issues.jboss.org/browse/TEIID-4499 > Project: Teiid > Issue Type: Bug > Components: OData > Affects Versions: 8.12.6.6_3 > Reporter: Jan Stastny > Assignee: Ramesh Reddy > Priority: Critical > Fix For: 9.2, 9.0.5, 9.1.1 > > > When configured odata war for Kerberos using https://teiid.gitbooks.io/documents/content/security/Kerberos_support_thr... an error occurs when accessing a vdb, which is also secured by Kerberos. > The error is following: > {code:plain} > 11:44:53,360 WARN [org.teiid.ODATA] (http-127.0.0.1:8080-1) TEIID16047 Could not process OData 4 request: 08001 TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication.: org.teiid.core.TeiidProcessingException: 08001 TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.olingo.web.ODataFilter.internalDoFilter(ODataFilter.java:233) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.olingo.web.ODataFilter.doFilter(ODataFilter.java:100) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.jboss.security.negotiation.NegotiationAuthenticator$WrapperValve.invoke(NegotiationAuthenticator.java:492) [jboss-negotiation-common-2.3.11.Final-redhat-1.jar:2.3.11.Final-redhat-1] > at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:512) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.9.Final-redhat-2.jar:7.5.9.Final-redhat-2] > at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.17.Final-redhat-1.jar:7.5.17.Final-redhat-1] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_102] > Caused by: org.teiid.jdbc.TeiidSQLException: TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:135) > at org.teiid.jdbc.TeiidSQLException.create(TeiidSQLException.java:71) > at org.teiid.jdbc.EmbeddedProfile.connect(EmbeddedProfile.java:55) > at org.teiid.jdbc.TeiidDriver.connect(TeiidDriver.java:105) > at org.teiid.olingo.service.LocalClient.buildConnection(LocalClient.java:119) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.olingo.service.LocalClient.open(LocalClient.java:89) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.olingo.web.ODataFilter.internalDoFilter(ODataFilter.java:226) [teiid-olingo-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > ... 16 more > Caused by: org.teiid.core.TeiidException: TEIID40055 org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:308) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.jdbc.ModuleHelper.createFromModule(ModuleHelper.java:53) > at org.teiid.jdbc.EmbeddedProfile.createServerConnection(EmbeddedProfile.java:60) > at org.teiid.jdbc.EmbeddedProfile.connect(EmbeddedProfile.java:50) > ... 20 more > Caused by: org.teiid.core.TeiidException: TEIID40055 org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:345) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:306) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > ... 23 more > Caused by: org.teiid.net.ConnectionException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:146) > at org.teiid.transport.LocalServerConnection.<init>(LocalServerConnection.java:106) > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [rt.jar:1.8.0_102] > at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) [rt.jar:1.8.0_102] > at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) [rt.jar:1.8.0_102] > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) [rt.jar:1.8.0_102] > at org.teiid.core.util.ReflectionHelper.create(ReflectionHelper.java:343) [teiid-common-core-8.12.6.6_3-redhat-1.jar:8.12.6.6_3-redhat-1] > ... 24 more > Caused by: org.teiid.client.security.LogonException: TEIID40055 Wrong logon method is being used. Server is not set up for GSS based authentication. > at org.teiid.transport.LogonImpl.logon(LogonImpl.java:119) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_102] > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_102] > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_102] > at java.lang.reflect.Method.invoke(Method.java:498) [rt.jar:1.8.0_102] > at org.teiid.transport.LocalServerConnection$1$1.call(LocalServerConnection.java:180) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) [rt.jar:1.8.0_102] > at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:276) > at org.teiid.dqp.internal.process.DQPWorkContext.runInContext(DQPWorkContext.java:260) > at org.teiid.transport.LocalServerConnection$1.invoke(LocalServerConnection.java:178) > at com.sun.proxy.$Proxy81.logon(Unknown Source) > at org.teiid.transport.LocalServerConnection.authenticate(LocalServerConnection.java:142) > ... 30 more > {code} > Authentication of the user succeeded: > {code:plain} > principal is dv(a)EXAMPLE.COM > Will use keytab > Commit Succeeded > {code} > Authentication of the server succeeded: > {code:plain} > 11:44:52,873 INFO [stdout] (http-127.0.0.1:8080-1) Acquire TGT from Cache > 11:44:52,874 INFO [stdout] (http-127.0.0.1:8080-1) Principal is HTTP/localhost(a)EXAMPLE.COM > 11:44:52,874 INFO [stdout] (http-127.0.0.1:8080-1) null credentials from Ticket Cache > 11:44:53,234 INFO [stdout] (http-127.0.0.1:8080-1) principal is HTTP/localhost(a)EXAMPLE.COM > 11:44:53,234 INFO [stdout] (http-127.0.0.1:8080-1) Will use keytab > 11:44:53,236 INFO [stdout] (http-127.0.0.1:8080-1) Commit Succeeded > {code} > Initial request: > {code:plain} > 12:44:52,325 DEBUG [MainClientExec] Opening connection {}->http://localhost:8080 > 12:44:52,327 DEBUG [DefaultHttpClientConnectionOperator] Connecting to localhost/127.0.0.1:8080 > 12:44:52,328 DEBUG [DefaultHttpClientConnectionOperator] Connection established 127.0.0.1:47980<->127.0.0.1:8080 > 12:44:52,328 DEBUG [MainClientExec] Executing request GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1 > 12:44:52,328 DEBUG [MainClientExec] Target auth state: UNCHALLENGED > 12:44:52,329 DEBUG [MainClientExec] Proxy auth state: UNCHALLENGED > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1 > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> Host: localhost:8080 > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> Connection: Keep-Alive > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51) > 12:44:52,330 DEBUG [headers] http-outgoing-0 >> Accept-Encoding: gzip,deflate > 12:44:52,330 DEBUG [wire] http-outgoing-0 >> "GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1[\r][\n]" > 12:44:52,330 DEBUG [wire] http-outgoing-0 >> "Host: localhost:8080[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51)[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "Accept-Encoding: gzip,deflate[\r][\n]" > 12:44:52,331 DEBUG [wire] http-outgoing-0 >> "[\r][\n]" > {code} > Negotiate request from server: > {code:plain} > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "HTTP/1.1 401 Unauthorized[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Server: Apache-Coyote/1.1[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Pragma: No-cache[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Cache-Control: no-cache[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Expires: Thu, 01 Jan 1970 01:00:00 GMT+01:00[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "WWW-Authenticate: Negotiate[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Content-Type: text/html;charset=utf-8[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Content-Length: 996[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "Date: Mon, 10 Oct 2016 10:44:52 GMT[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "[\r][\n]" > 12:44:52,457 DEBUG [wire] http-outgoing-0 << "<html><head><title>JBWEB000065: HTTP Status 401 - </title><style></style> </head><body><h1>JBWEB000065: HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>JBWEB000309: type</b> JBWEB000067: Status report</p><p><b>JBWEB000068: message</b> <u></u></p><p><b>JBWEB000069: description</b> <u>JBWEB000121: This request requires HTTP authentication.</u></p><HR size="1" noshade="noshade"></body></html>" > 12:44:52,459 DEBUG [headers] http-outgoing-0 << HTTP/1.1 401 Unauthorized > 12:44:52,459 DEBUG [headers] http-outgoing-0 << Server: Apache-Coyote/1.1 > 12:44:52,459 DEBUG [headers] http-outgoing-0 << Pragma: No-cache > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Cache-Control: no-cache > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Expires: Thu, 01 Jan 1970 01:00:00 GMT+01:00 > 12:44:52,460 DEBUG [headers] http-outgoing-0 << WWW-Authenticate: Negotiate > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Content-Type: text/html;charset=utf-8 > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Content-Length: 996 > 12:44:52,460 DEBUG [headers] http-outgoing-0 << Date: Mon, 10 Oct 2016 10:44:52 GMT > {code} > Response to auth server: > {code:plain} > Found ticket for dv(a)EXAMPLE.COM to go to krbtgt/EXAMPLE.COM(a)EXAMPLE.COM expiring on Mon Oct 10 20:44:52 CEST 2016 > Entered Krb5Context.initSecContext with state=STATE_NEW > Service ticket not found in the subject > 12:44:52,846 DEBUG [SPNegoScheme] Sending response 'YIIEjgYGKwYBBQUCoIIEgjCCBH6gDTALBgkqhkiG9xIBAgKhBAMCAfaiggRlBIIEYWCCBF0GCSqGSIb3EgECAgEAboIETDCCBEigAwIBBaEDAgEOogcDBQAgAAAAo4IBBmGCAQIwgf+gAwIBBaEbGxlNVy5MQUIuRU5HLkJPUy5SRURIQVQuQ09NohwwGqADAgEAoRMwERsESFRUUBsJbG9jYWxob3N0o4G8MIG5oAMCARGhAwIBBKKBrASBqdJuL2wF7+W0MD1qISt66VAyhitq77SR6vLKWJnpc/Yx60ch80GepVlYdoYxee0qW+d4u6aw3p0BaOWSgSMRoDnr9bSUn+tQXNevIfKE+oUM+5lC4afhAF0PB4dcJC7z6/wLZ9drDImvyhntm9lq/yv5LW76gSbVd9SjO58ZvD3cYRJnuF3CaFhm5ol0ce84ojZdX5mVvVBUU3+Vo1rh6SSEKda+xoBkK/ykggMnMIIDI6ADAgERooIDGgSCAxaG8huKFUf6vR0wVfeI1caKfIPtGC9rDSw5DYTz1dz43F8GI9we3YG9NC6kEi1zPdA4A2dxfBqgUl+/YkBdQco4udBCwLXNmziHCS5ypypBJsFdgFzRi/9hXukmqofSGIlKVJWH3ap1ap+37Amfm6LxZuQFDyY526onGXdWoAB0Jbcpsi74Ti5x3sRGZqoF5FTwUqI0pQYI+hLDh2GeBNXBNOHqdMXNfnLFOr+LpnNhl7ROxkWsBxNPv/4MmRLPsF/cGrc924L6R4PQvP7qVjGKUxayEoBPP/go5xb2b2z+TjruspzbJ5dw1wKAOH2RGlDJ5om0PUSqaxe0h2WhL9rXBOGVONTSv7lYQ2pcgaOqR6FutB5PZGP0B73ekwhbRfrt6zxLpHzZFnrSeV9lz1U4r8Bkyxuze3cuQGcL/cNTBbhE83cbNY8VJlu4E+6LmZ9ll3vpjNq3735S6gFArsOJ38FcLO0Kqj1rZr7/r9TRsV9f8agDnWusc5lQzZc+4H0BIeAPD34ApJxGogA63/8yF1Pl3uc1Rp+a6blQHLLCRZthIpi8LVF8rSizTkTDWUrTw+X5wGDunjslrUmClW25qzGeLTZpELrJXkKFstUnL4blaPboyPk8qDecaRed+dIjteVS9CgF51AtHrO9vhWgrr41TL+H8akHfjI6Q9GIgravWLSkNrVMsrNyVAlc1hdUAovLXJFfxS3Mg0OugjG3rJhSCiQqLCuhIRL8OB4Fz4Pa24fpBG0G/Rv1RrhuQaKoxNsZxuR67zzF+v7+4PRKK39y0cqFWBf95YV4SWz7qzXmZYcaDcVhrFzp723ecWunVa6Qt5YUZ3+pkKV+NGGb95PjS7HtvXZo4ko5tJX1QI+ke4I3j3cThrWlV5y3rNC2IKiE8eRNI6rKRGdvpYLwkL0B5AkJleqGjdiqZVy6Q2w/YdHN2oTOs8qUgIVgPHJMyRLUTT872ZOWdmmHWJuIe3sVkr1RLFDV2csmYggSZCbjCczFvlmKrcn6OLqVRGN3sNm6a9Q45wZimLvIkxePHag3vvtp' back to the auth server > 12:44:52,846 DEBUG [MainClientExec] Proxy auth state: UNCHALLENGED > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1 > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Host: localhost:8080 > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Connection: Keep-Alive > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51) > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Accept-Encoding: gzip,deflate > 12:44:52,846 DEBUG [headers] http-outgoing-0 >> Authorization: Negotiate YIIEjgYGKwYBBQUCoIIEgjCCBH6gDTALBgkqhkiG9xIBAgKhBAMCAfaiggRlBIIEYWCCBF0GCSqGSIb3EgECAgEAboIETDCCBEigAwIBBaEDAgEOogcDBQAgAAAAo4IBBmGCAQIwgf+gAwIBBaEbGxlNVy5MQUIuRU5HLkJPUy5SRURIQVQuQ09NohwwGqADAgEAoRMwERsESFRUUBsJbG9jYWxob3N0o4G8MIG5oAMCARGhAwIBBKKBrASBqdJuL2wF7+W0MD1qISt66VAyhitq77SR6vLKWJnpc/Yx60ch80GepVlYdoYxee0qW+d4u6aw3p0BaOWSgSMRoDnr9bSUn+tQXNevIfKE+oUM+5lC4afhAF0PB4dcJC7z6/wLZ9drDImvyhntm9lq/yv5LW76gSbVd9SjO58ZvD3cYRJnuF3CaFhm5ol0ce84ojZdX5mVvVBUU3+Vo1rh6SSEKda+xoBkK/ykggMnMIIDI6ADAgERooIDGgSCAxaG8huKFUf6vR0wVfeI1caKfIPtGC9rDSw5DYTz1dz43F8GI9we3YG9NC6kEi1zPdA4A2dxfBqgUl+/YkBdQco4udBCwLXNmziHCS5ypypBJsFdgFzRi/9hXukmqofSGIlKVJWH3ap1ap+37Amfm6LxZuQFDyY526onGXdWoAB0Jbcpsi74Ti5x3sRGZqoF5FTwUqI0pQYI+hLDh2GeBNXBNOHqdMXNfnLFOr+LpnNhl7ROxkWsBxNPv/4MmRLPsF/cGrc924L6R4PQvP7qVjGKUxayEoBPP/go5xb2b2z+TjruspzbJ5dw1wKAOH2RGlDJ5om0PUSqaxe0h2WhL9rXBOGVONTSv7lYQ2pcgaOqR6FutB5PZGP0B73ekwhbRfrt6zxLpHzZFnrSeV9lz1U4r8Bkyxuze3cuQGcL/cNTBbhE83cbNY8VJlu4E+6LmZ9ll3vpjNq3735S6gFArsOJ38FcLO0Kqj1rZr7/r9TRsV9f8agDnWusc5lQzZc+4H0BIeAPD34ApJxGogA63/8yF1Pl3uc1Rp+a6blQHLLCRZthIpi8LVF8rSizTkTDWUrTw+X5wGDunjslrUmClW25qzGeLTZpELrJXkKFstUnL4blaPboyPk8qDecaRed+dIjteVS9CgF51AtHrO9vhWgrr41TL+H8akHfjI6Q9GIgravWLSkNrVMsrNyVAlc1hdUAovLXJFfxS3Mg0OugjG3rJhSCiQqLCuhIRL8OB4Fz4Pa24fpBG0G/Rv1RrhuQaKoxNsZxuR67zzF+v7+4PRKK39y0cqFWBf95YV4SWz7qzXmZYcaDcVhrFzp723ecWunVa6Qt5YUZ3+pkKV+NGGb95PjS7HtvXZo4ko5tJX1QI+ke4I3j3cThrWlV5y3rNC2IKiE8eRNI6rKRGdvpYLwkL0B5AkJleqGjdiqZVy6Q2w/YdHN2oTOs8qUgIVgPHJMyRLUTT872ZOWdmmHWJuIe3sVkr1RLFDV2csmYggSZCbjCczFvlmKrcn6OLqVRGN3sNm6a9Q45wZimLvIkxePHag3vvtp > 12:44:52,846 DEBUG [wire] http-outgoing-0 >> "GET /odata4/kerberos_teiid/BQT1/smalla HTTP/1.1[\r][\n]" > 12:44:52,846 DEBUG [wire] http-outgoing-0 >> "Host: localhost:8080[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_51)[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "Accept-Encoding: gzip,deflate[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "Authorization: Negotiate YIIEjgYGKwYBBQUCoIIEgjCCBH6gDTALBgkqhkiG9xIBAgKhBAMCAfaiggRlBIIEYWCCBF0GCSqGSIb3EgECAgEAboIETDCCBEigAwIBBaEDAgEOogcDBQAgAAAAo4IBBmGCAQIwgf+gAwIBBaEbGxlNVy5MQUIuRU5HLkJPUy5SRURIQVQuQ09NohwwGqADAgEAoRMwERsESFRUUBsJbG9jYWxob3N0o4G8MIG5oAMCARGhAwIBBKKBrASBqdJuL2wF7+W0MD1qISt66VAyhitq77SR6vLKWJnpc/Yx60ch80GepVlYdoYxee0qW+d4u6aw3p0BaOWSgSMRoDnr9bSUn+tQXNevIfKE+oUM+5lC4afhAF0PB4dcJC7z6/wLZ9drDImvyhntm9lq/yv5LW76gSbVd9SjO58ZvD3cYRJnuF3CaFhm5ol0ce84ojZdX5mVvVBUU3+Vo1rh6SSEKda+xoBkK/ykggMnMIIDI6ADAgERooIDGgSCAxaG8huKFUf6vR0wVfeI1caKfIPtGC9rDSw5DYTz1dz43F8GI9we3YG9NC6kEi1zPdA4A2dxfBqgUl+/YkBdQco4udBCwLXNmziHCS5ypypBJsFdgFzRi/9hXukmqofSGIlKVJWH3ap1ap+37Amfm6LxZuQFDyY526onGXdWoAB0Jbcpsi74Ti5x3sRGZqoF5FTwUqI0pQYI+hLDh2GeBNXBNOHqdMXNfnLFOr+LpnNhl7ROxkWsBxNPv/4MmRLPsF/cGrc924L6R4PQvP7qVjGKUxayEoBPP/go5xb2b2z+TjruspzbJ5dw1wKAOH2RGlDJ5om0PUSqaxe0h2WhL9rXBOGVONTSv7lYQ2pcgaOqR6FutB5PZGP0B73ekwhbRfrt6zxLpHzZFnrSeV9lz1U4r8Bkyxuze3cuQGcL/cNTBbhE83cbNY8VJlu4E+6LmZ9ll3vpjNq3735S6gFArsOJ38FcLO0Kqj1rZr7/r9TRsV9f8agDnWusc5lQzZc+4H0BIeAPD34ApJxGogA63/8yF1Pl3uc1Rp+a6blQHLLCRZthIpi8LVF8rSizTkTDWUrTw+X5wGDunjslrUmClW25qzGeLTZpELrJXkKFstUnL4blaPboyPk8qDecaRed+dIjteVS9CgF51AtHrO9vhWgrr41TL+H8akHfjI6Q9GIgravWLSkNrVMsrNyVAlc1hdUAovLXJFfxS3Mg0OugjG3rJhSCiQqLCuhIRL8OB4Fz4Pa24fpBG0G/Rv1RrhuQaKoxNsZxuR67zzF+v7+4PRKK39y0cqFWBf95YV4SWz7qzXmZYcaDcVhrFzp723ecWunVa6Qt5YUZ3+pkKV+NGGb95PjS7HtvXZo4ko5tJX1QI+ke4I3j3cThrWlV5y3rNC2IKiE8eRNI6rKRGdvpYLwkL0B5AkJleqGjdiqZVy6Q2w/YdHN2oTOs8qUgIVgPHJMyRLUTT872ZOWdmmHWJuIe3sVkr1RLFDV2csmYggSZCbjCczFvlmKrcn6OLqVRGN3sNm6a9Q45wZimLvIkxePHag3vvtp[\r][\n]" > 12:44:52,847 DEBUG [wire] http-outgoing-0 >> "[\r][\n]" > {code} > Last server logs before error: > {code:plain} > 11:44:53,246 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) Logged in 'host' LoginContext > 11:44:53,247 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) Creating new GSSContext. > 11:44:53,283 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) context.getCredDelegState() = true > 11:44:53,284 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) context.getMutualAuthState() = true > 11:44:53,284 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) context.getSrcName() = dv(a)EXAMPLE.COM > 11:44:53,284 INFO [stdout] (http-127.0.0.1:8080-1) [Krb5LoginModule]: Entering logout > 11:44:53,285 INFO [stdout] (http-127.0.0.1:8080-1) [Krb5LoginModule]: logged out Subject > 11:44:53,285 DEBUG [org.jboss.security.auth.spi.AbstractServerLoginModule] (http-127.0.0.1:8080-1) Storing username 'dv(a)EXAMPLE.COM' and empty password > 11:44:53,304 DEBUG [org.jboss.security.negotiation.NegotiationAuthenticator] (http-127.0.0.1:8080-1) authenticated principal = GenericPrincipal[5tV-f1mRV7tGghx2rk4krdFH_1476096292858(odata,user,)] > {code} > VDB used: > {code:xml} > <vdb name="kerberos_teiid" version="1"> > <property name="security-domain" value="EXAMPLE.COM"/> > <property name="authentication-type" value="GSS"/> > . > . > . > </vdb> > {code} > Request URL: > {code:plain} > http://localhost:8080/odata4/kerberos_teiid/BQT1/smalla > {code} > Server configuration: > {code:xml} > <security-domain name="host"> > <authentication> > <login-module code="Kerberos" flag="required" module="org.jboss.security.negotiation"> > <module-option name="storeKey" value="true"/> > <module-option name="useKeyTab" value="true"/> > <module-option name="keyTab" value="${jboss.home.dir}/HTTP_localhost"/> > <module-option name="principal" value="HTTP/localhost(a)EXAMPLE.COM"/> > <module-option name="doNotPrompt" value="true"/> > <module-option name="useTicketCache" value="true"/> > <module-option name="debug" value="true"/> > <module-option name="refreshKrb5Config" value="false"/> > <module-option name="isInitiator" value="true"/> > <module-option name="addGSSCredential" value="true"/> > <module-option name="delegationCredential" value="USE"/> > <module-option name="ticketCache" value="/tmp/krb5cc_1000"/> > </login-module> > </authentication> > </security-domain> > <security-domain name="EXAMPLE.COM"> > <authentication> > <login-module code="SPNEGO" flag="requisite" module="org.jboss.security.negotiation"> > <module-option name="password-stacking" value="useFirstPass"/> > <module-option name="serverSecurityDomain" value="host"/> > </login-module> > </authentication> > <mapping> > <mapping-module code="SimpleRoles" type="role"> > <module-option name="dv(a)EXAMPLE.COM" value="user,odata"/> > </mapping-module> > </mapping> > </security-domain> > {code} > Kerberos client configuration: > {code:plain} > ClientDV { > com.sun.security.auth.module.Krb5LoginModule required > storeKey="true" > useKeyTab="true" > keyTab="${dv.test.krb.dir}/dv.keytab" > principal="dv(a)EXAMPLE.COM" > doNotPrompt="true" > refreshKrb5Config="false" > useTicketCache="true" > ticketCache="/tmp/krb5cc_1000" > debug="true"; > }; > {code} > KRB5 configuration file is passed to server by setting system-property java.security.krb5.conf: > {code:xml} > <system-properties> > <property name="java.security.krb5.conf" value="${jboss.home.dir}/krb5.conf"/> > <property name="java.security.krb5.debug" value="true"/> > </system-properties> > {code} -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

[JBoss JIRA] (TEIID-4515) Phoenix/Hbase should support offset

by Steven Hawkins (JIRA)

[ https://issues.jboss.org/browse/TEIID-4515?page=com.atlassian.jira.plugin... ] Steven Hawkins commented on TEIID-4515: --------------------------------------- Yes it would be great to update for all of the new functionality. > Phoenix/Hbase should support offset > ----------------------------------- > > Key: TEIID-4515 > URL: https://issues.jboss.org/browse/TEIID-4515 > Project: Teiid > Issue Type: Enhancement > Components: JDBC Connector > Reporter: Steven Hawkins > Assignee: Kylin Soong > Fix For: 9.2 > > > http://phoenix.apache.org/language/index.html indicates that offset is supported, but wasn't added in the initial implementation of the translator. Need to see if that is version dependent behavior. -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

[JBoss JIRA] (TEIID-4540) Make admin methods the same for ddl vdbs

by Steven Hawkins (JIRA)

Steven Hawkins created TEIID-4540: ------------------------------------- Summary: Make admin methods the same for ddl vdbs Key: TEIID-4540 URL: https://issues.jboss.org/browse/TEIID-4540 Project: Teiid Issue Type: Sub-task Components: Server Reporter: Steven Hawkins Assignee: Steven Hawkins There are still admin methods that depend upon the VDBService/Runtime vdb, which is not available for the DDL vdbs. -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

[JBoss JIRA] (TEIID-4531) Unable to configure the JDG schema using marshallers

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/TEIID-4531?page=com.atlassian.jira.plugin... ] RH Bugzilla Integration commented on TEIID-4531: ------------------------------------------------ jolee(a)redhat.com changed the Status of [bug 1385628|https://bugzilla.redhat.com/show_bug.cgi?id=1385628] from ASSIGNED to ON_QA > Unable to configure the JDG schema using marshallers > ---------------------------------------------------- > > Key: TEIID-4531 > URL: https://issues.jboss.org/browse/TEIID-4531 > Project: Teiid > Issue Type: Bug > Components: Misc. Connectors > Affects Versions: 9.2 > Reporter: Van Halbert > Assignee: Van Halbert > > There appears to be a change in JDG 7.1 that now requires permission in order to configure the JDG schema using marshallers. There was a blog [1] found that describes the issue and a possible solution. > [1] https://blog.kenthua.com/2016/08/03/jdg-7-remote-query-register-proto-sch... -- This message was sent by Atlassian JIRA (v7.2.2#72004)

8 years, 2 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

teiid-issues October 2016