[jboss-dev-forums] [JBoss AS 7 Development] - Remote EJB Client with SASL and Kerberos Authentication fails on jboss-as-7.1.0.Final-SNAPSHOT ( 02.02.2012)

Tue Jan 3 08:22:32 EST 2012

Radek Rodak [http://community.jboss.org/people/rodakr] created the discussion

"Remote EJB Client with SASL and Kerberos Authentication fails on jboss-as-7.1.0.Final-SNAPSHOT ( 02.02.2012)"

To view the discussion, visit: http://community.jboss.org/message/644350#644350

--------------------------------------------------------------
Hi

I tried to use SASL and GSSAPI  for Authentication on jboss-as-7.1.0.Final-SNAPSHOT but it fails...

I did what is wroten here:   http://community.jboss.org/docs/DOC-17302 http://community.jboss.org/wiki/SASLAndKerberos

Client Code  is able to execute createSaslClient in Privileged Action after successfull KRB5 Jaas Login:

Sasl.createSaslClient(new String[]{"GSSAPI"}, null, "remoting", "test2", Collections.EMPTY_MAP, new NamePasswordCallbackHandler2("someuser","somepass" ) );

, but it fails with this Exception... :

   [java] Client Addresses  Null 
     [java] Initial Context created
     [java] lookupejb:/sl-securityTestEjb3//TestServiceSLEJB3Bean!ch.swisslife.test.ejb3.TestServiceItf @RolesAllowed({"BackofficeRole"})
     [java] 03.01.2012 13:54:35 org.jboss.ejb.client.EJBClient <clinit>
     [java] INFO: JBoss EJB Client version 1.0.0.Beta11
     [java] lookup testEjbJndi successful
     [java]  call unsecured Method permittAllMethod()
     [java] 03.01.2012 13:54:36 org.xnio.Xnio <clinit>
     [java] INFO: XNIO Version 3.0.0.GA
     [java] 03.01.2012 13:54:36 org.xnio.nio.NioXnio <clinit>
     [java] INFO: XNIO NIO Implementation Version 3.0.0.GA
     [java] 03.01.2012 13:54:36 org.jboss.remoting3.EndpointImpl <clinit>
     [java] INFO: JBoss Remoting version 3.2.0.CR8
     [java] 03.01.2012 13:54:36 org.jboss.remoting3.remote.RemoteConnection handleException
     [java] ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
     [java] 03.01.2012 13:54:36 org.jboss.ejb.client.ConfigBasedEJBClientContextSelector createConnections
     [java] ERROR: Could not create connection for connection named default
     [java] java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
     [java]     at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)
     [java]     at org.jboss.ejb.client.ConfigBasedEJBClientContextSelector.createConnection(ConfigBasedEJBClientContextSelector.java:292)
     [java]     at org.jboss.ejb.client.ConfigBasedEJBClientContextSelector.createConnections(ConfigBasedEJBClientContextSelector.java:209)
     [java]     at org.jboss.ejb.client.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:138)
     [java]     at org.jboss.ejb.client.ConfigBasedEJBClientContextSelector.<init>(ConfigBasedEJBClientContextSelector.java:120)
     [java]     at org.jboss.ejb.client.ConfigBasedEJBClientContextSelector.<clinit>(ConfigBasedEJBClientContextSelector.java:110)
     [java]     at org.jboss.ejb.client.EJBClientContext.<clinit>(EJBClientContext.java:57)
     [java]     at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:91)
     [java]     at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:83)
     [java]     at $Proxy0.permittAllMethod(Unknown Source)
     [java]     at ch.swisslife.client.krb5.GetAction.run(TestServiceClient.java:154)
     [java]     at ch.swisslife.client.krb5.GetAction.run(TestServiceClient.java:114)
     [java]     at java.security.AccessController.doPrivileged(Native Method)
     [java]     at javax.security.auth.Subject.doAs(Subject.java:396)
     [java]     at TestServiceKrb5Client.main(TestServiceClient.java:76)
     [java] Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
     [java]     at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:358)
     [java]     at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:207)
     [java]     at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
     [java]     at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)
     [java]     at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)
     [java]     at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
     [java]     at org.xnio.nio.NioHandle.run(NioHandle.java:90)
     [java]     at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)
     [java]     at ...asynchronous invocation...(Unknown Source)
     [java]     at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:268)
     [java]     at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:250)
     [java]     at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:359)
     [java]     at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:343)
     [java]     at org.jboss.ejb.client.ConfigBasedEJBClientContextSelector.createConnection(ConfigBasedEJBClientContextSelector.java:290)
     [java]     ... 13 more
     [java] 03.01.2012 13:54:36 org.jboss.ejb.client.ConfigBasedEJBClientContextSelector createConnections
     [java] INFO: Connection default will not be available in EJB client context org.jboss.ejb.client.EJBClientContext at e2dae9
     [java] java.lang.IllegalStateException: No EJB receiver available for handling [appName:,modulename:sl-securityTestEjb3,distinctname:] combination
     [java]     at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:344)
     [java]     at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:92)
     [java]     at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:83)
     [java]     at $Proxy0.permittAllMethod(Unknown Source)
     [java]     at ch.swisslife.client.krb5.GetAction.run(TestServiceClient.java:154)
     [java]     at ch.swisslife.client.krb5.GetAction.run(TestServiceClient.java:114)
     [java]     at java.security.AccessController.doPrivileged(Native Method)
     [java]     at javax.security.auth.Subject.doAs(Subject.java:396)
     [java]     at ch.swisslife.client.krb5.TestServiceClient.main(TestServiceClient.java:76)

I tried using those client jars:

jboss-ejb-api_3.1_spec-1.0.1.Final.jar
jboss-ejb-client-1.0.0.Beta11.jar
jboss-jacc-api_1.4_spec-1.0.1.Final.jar
jboss-logging-3.1.0.CR2.jar
jboss-marshalling-1.3.4.GA.jar
jboss-marshalling-river-1.3.4.GA.jar
jboss-remoting-3.2.0.CR8.jar
jboss-sasl-1.0.0.Beta9.jar
jboss-transaction-api_1.1_spec-1.0.0.Final.jar
xnio-api-3.0.0.GA.jar
xnio-nio-3.0.0.GA.jar

Some hints what's wrong... or is this not yet supported?
--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/644350#644350]

Start a new discussion in JBoss AS 7 Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120103/ec61d7ab/attachment.html 