[jboss-jira] [JBoss JIRA] (WFCORE-2968) Servers in a domain won't boot if local auth is disabled on the host controller

Ken Wills (JIRA) issues at jboss.org
Wed Jun 28 11:51:00 EDT 2017 

    [ https://issues.jboss.org/browse/WFCORE-2968?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13428404#comment-13428404 ] 

Ken Wills edited comment on WFCORE-2968 at 6/28/17 11:50 AM:
-------------------------------------------------------------

FYI: 

{quote}
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling RealmCallback: selected = [ManagementRealm]
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling NameCallback: authenticationName = =server-one
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Principal assigning: [=server-one], pre-realm rewritten: [=server-one at ManagementRealm], realm name: [DIGEST], post-realm rewritten: [=server-one at ManagementRealm], realm rewritten: [=server-one at ManagementRealm]
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling CredentialCallback: failed to obtain credential
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling RealmCallback: selected = [ManagementRealm]
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling NameCallback: authenticationName = =server-one
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling CredentialCallback: failed to obtain credential
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling RealmCallback: selected = [ManagementRealm]
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling NameCallback: authenticationName = =server-one
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling PasswordCallback: failed to obtain PasswordCredential
[Host Controller] 10:47:39,595 TRACE [org.jboss.remoting.remote.server] (management task-4) Server sending authentication rejected: javax.security.sasl.SaslException: ELY05051: [DIGEST-MD5] Callback handler does not support credential acquisition
[Host Controller] 	at org.wildfly.security.sasl.digest.DigestSaslServer.validateDigestResponse(DigestSaslServer.java:269)
[Host Controller] 	at org.wildfly.security.sasl.digest.DigestSaslServer.evaluateMessage(DigestSaslServer.java:358)
[Host Controller] 	at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:180)
[Host Controller] 	at org.wildfly.security.sasl.digest.DigestSaslServer.evaluateResponse(DigestSaslServer.java:331)
[Host Controller] 	at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)
[Host Controller] 	at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)
[Host Controller] 	at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:57)
[Host Controller] 	at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)
[Host Controller] 	at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)
[Host Controller] 	at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:470)
[Host Controller] 	at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:902)
[Host Controller] 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[Host Controller] 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[Host Controller] 	at java.lang.Thread.run(Thread.java:748)
[Host Controller] 
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling AuthenticationCompleteCallback: fail
{quote}



was (Author: luck3y):
FYI: 

[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling RealmCallback: selected = [ManagementRealm]
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling NameCallback: authenticationName = =server-one
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Principal assigning: [=server-one], pre-realm rewritten: [=server-one at ManagementRealm], realm name: [DIGEST], post-realm rewritten: [=server-one at ManagementRealm], realm rewritten: [=server-one at ManagementRealm]
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling CredentialCallback: failed to obtain credential
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling RealmCallback: selected = [ManagementRealm]
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling NameCallback: authenticationName = =server-one
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling CredentialCallback: failed to obtain credential
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling RealmCallback: selected = [ManagementRealm]
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling NameCallback: authenticationName = =server-one
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling PasswordCallback: failed to obtain PasswordCredential
[Host Controller] 10:47:39,595 TRACE [org.jboss.remoting.remote.server] (management task-4) Server sending authentication rejected: javax.security.sasl.SaslException: ELY05051: [DIGEST-MD5] Callback handler does not support credential acquisition
[Host Controller] 	at org.wildfly.security.sasl.digest.DigestSaslServer.validateDigestResponse(DigestSaslServer.java:269)
[Host Controller] 	at org.wildfly.security.sasl.digest.DigestSaslServer.evaluateMessage(DigestSaslServer.java:358)
[Host Controller] 	at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:180)
[Host Controller] 	at org.wildfly.security.sasl.digest.DigestSaslServer.evaluateResponse(DigestSaslServer.java:331)
[Host Controller] 	at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)
[Host Controller] 	at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)
[Host Controller] 	at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:57)
[Host Controller] 	at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)
[Host Controller] 	at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)
[Host Controller] 	at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:470)
[Host Controller] 	at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:902)
[Host Controller] 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[Host Controller] 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[Host Controller] 	at java.lang.Thread.run(Thread.java:748)
[Host Controller] 
[Host Controller] 10:47:39,595 TRACE [org.wildfly.security] (management task-4) Handling AuthenticationCompleteCallback: fail


> Servers in a domain won't boot if local auth is disabled on the host controller
> -------------------------------------------------------------------------------
>
>                 Key: WFCORE-2968
>                 URL: https://issues.jboss.org/browse/WFCORE-2968
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Domain Management, Security
>            Reporter: James Perkins
>            Assignee: Ken Wills
>            Priority: Blocker
>             Fix For: 3.0.0.Beta28
>
>
> If local authentication has been disabled on the host controller servers cannot communicate with the host controller and fail to start.
> {code}
> [Server:server-one] 15:10:51,241 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 2) MSC000001: Failed to start service jboss.server-boot-operations: org.jboss.msc.service.StartException in service jboss.server-boot-operations: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://127.0.0.1:9990. The connection failed
> [Server:server-one] 	at org.jboss.as.server.mgmt.domain.ServerBootOperationsService$1.run(ServerBootOperationsService.java:72)
> [Server:server-one] 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [Server:server-one] 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [Server:server-one] 	at java.lang.Thread.run(Thread.java:748)
> [Server:server-one] 	at org.jboss.threads.JBossThread.run(JBossThread.java:320)
> [Server:server-one] Caused by: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://127.0.0.1:9990. The connection failed
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:126)
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionManager$EstablishingConnection.connect(ProtocolConnectionManager.java:259)
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionManager.connect(ProtocolConnectionManager.java:70)
> [Server:server-one] 	at org.jboss.as.server.mgmt.domain.HostControllerConnection.openConnection(HostControllerConnection.java:128)
> [Server:server-one] 	at org.jboss.as.server.mgmt.domain.HostControllerClient.resolveBootUpdates(HostControllerClient.java:110)
> [Server:server-one] 	at org.jboss.as.server.mgmt.domain.ServerBootOperationsService$1.run(ServerBootOperationsService.java:68)
> [Server:server-one] 	... 4 more
> [Server:server-one] Caused by: javax.security.sasl.SaslException: Authentication failed: none of the mechanisms presented by the server (DIGEST-MD5) are supported
> [Server:server-one] 	at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:438)
> [Server:server-one] 	at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:246)
> [Server:server-one] 	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
> [Server:server-one] 	at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
> [Server:server-one] 	at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
> [Server:server-one] 	at org.xnio.nio.WorkerThread.run(WorkerThread.java:571)
> [Server:server-one] 	at ...asynchronous invocation...(Unknown Source)
> [Server:server-one] 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:545)
> [Server:server-one] 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:509)
> [Server:server-one] 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:497)
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionUtils.connect(ProtocolConnectionUtils.java:194)
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:118)
> [Server:server-one] 	... 9 more
> [Server:server-one] 
> [Server:server-one] 15:10:51,241 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: java.util.concurrent.ExecutionException: Operation failed
> [Server:server-one] 	at org.jboss.as.server.ServerStartTask$2$1.load(ServerStartTask.java:188)
> [Server:server-one] 	at org.jboss.as.server.ServerService.boot(ServerService.java:387)
> [Server:server-one] 	at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:370)
> [Server:server-one] 	at java.lang.Thread.run(Thread.java:748)
> [Server:server-one] Caused by: java.util.concurrent.ExecutionException: Operation failed
> [Server:server-one] 	at org.jboss.threads.AsyncFutureTask.operationFailed(AsyncFutureTask.java:74)
> [Server:server-one] 	at org.jboss.threads.AsyncFutureTask.get(AsyncFutureTask.java:268)
> [Server:server-one] 	at org.jboss.as.server.mgmt.domain.ServerBootOperationsService$2.get(ServerBootOperationsService.java:113)
> [Server:server-one] 	at org.jboss.as.server.mgmt.domain.ServerBootOperationsService$2.get(ServerBootOperationsService.java:95)
> [Server:server-one] 	at org.jboss.as.server.ServerStartTask$2$1.load(ServerStartTask.java:185)
> [Server:server-one] 	... 3 more
> [Server:server-one] Caused by: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://127.0.0.1:9990. The connection failed
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:126)
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionManager$EstablishingConnection.connect(ProtocolConnectionManager.java:259)
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionManager.connect(ProtocolConnectionManager.java:70)
> [Server:server-one] 	at org.jboss.as.server.mgmt.domain.HostControllerConnection.openConnection(HostControllerConnection.java:128)
> [Server:server-one] 	at org.jboss.as.server.mgmt.domain.HostControllerClient.resolveBootUpdates(HostControllerClient.java:110)
> [Server:server-one] 	at org.jboss.as.server.mgmt.domain.ServerBootOperationsService$1.run(ServerBootOperationsService.java:68)
> [Server:server-one] 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [Server:server-one] 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [Server:server-one] 	at java.lang.Thread.run(Thread.java:748)
> [Server:server-one] 	at org.jboss.threads.JBossThread.run(JBossThread.java:320)
> [Server:server-one] Caused by: javax.security.sasl.SaslException: Authentication failed: none of the mechanisms presented by the server (DIGEST-MD5) are supported
> [Server:server-one] 	at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:438)
> [Server:server-one] 	at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:246)
> [Server:server-one] 	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
> [Server:server-one] 	at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
> [Server:server-one] 	at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
> [Server:server-one] 	at org.xnio.nio.WorkerThread.run(WorkerThread.java:571)
> [Server:server-one] 	at ...asynchronous invocation...(Unknown Source)
> [Server:server-one] 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:545)
> [Server:server-one] 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:509)
> [Server:server-one] 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:497)
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionUtils.connect(ProtocolConnectionUtils.java:194)
> [Server:server-one] 	at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:118)
> [Server:server-one] 	... 9 more
> [Server:server-one] 
> [Server:server-one] 15:10:51,243 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
> [Server:server-one] 15:10:51,254 INFO  [org.jboss.as] (MSC service thread 1-8) WFLYSRV0050: WildFly Core 3.0.0.Beta27-SNAPSHOT "Kenny" stopped in 6ms
> {code}



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list