[jboss-jira] [JBoss JIRA] (WFLY-8808) AUTH fails to validate AuthHeader
Paul Ferraro (JIRA)
issues at jboss.org
Fri May 19 08:28:00 EDT 2017
[ https://issues.jboss.org/browse/WFLY-8808?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Paul Ferraro moved JBEAP-11028 to WFLY-8808:
--------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-8808 (was: JBEAP-11028)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Clustering
(was: Clustering)
Affects Version/s: 11.0.0.Alpha1
(was: 7.1.0.DR11)
(was: 7.1.0.DR16)
(was: 7.1.0.DR17)
(was: 7.1.0.DR18)
> AUTH fails to validate AuthHeader
> ---------------------------------
>
> Key: WFLY-8808
> URL: https://issues.jboss.org/browse/WFLY-8808
> Project: WildFly
> Issue Type: Bug
> Components: Clustering
> Affects Versions: 11.0.0.Alpha1
> Reporter: Paul Ferraro
> Assignee: Paul Ferraro
>
> When setting up AUTH protocol and starting two servers, they fail to establish a view, because they never authenticate to each other:
> Server 1:
> {noformat}
> 12:21:59,348 WARN [org.jgroups.protocols.AUTH] (thread-2) rjanik: failed to validate AuthHeader (token: SimpleToken) from node2; dropping message
> {noformat}
> Server 2:
> {noformat}
> 12:23:17,370 WARN [org.jgroups.protocols.AUTH] (thread-1) node2: failed to validate AuthHeader (token: SimpleToken) from node2; dropping message
> 12:23:17,371 WARN [org.jgroups.protocols.AUTH] (thread-1) node2: failed to validate AuthHeader (token: SimpleToken) from node2; dropping message
> 12:23:17,372 WARN [org.jgroups.protocols.AUTH] (thread-2) node2: failed to validate AuthHeader (token: SimpleToken) from rjanik; dropping message
> 12:23:22,370 WARN [org.jgroups.protocols.pbcast.GMS] (MergeTask,ee,node2) node2: merge is cancelled: did not get any merge responses from partition coordinators
> {noformat}
> {{AUTH}} does not set up the {{auth_value}} field for the SimpleToken and MD5Token when creating them and it looks like {{setAuthToken}} is not called later. Those tokens then fail when authenticating, referencing the {{auth_value}} field.
> AUTH:
> {code:java}
> public void setAuthClass(String class_name) throws Exception {
> Object obj=Class.forName(class_name).newInstance();
> auth_token=(AuthToken)obj;
> auth_token.setAuth(this);
> }
> {code}
> MD5Token:
> {code:java}
> return (this.auth_value != null) && (serverToken.auth_value != null)
> && (this.auth_value.equalsIgnoreCase(serverToken.auth_value));
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list