[jboss-jira] [JBoss JIRA] (ELY-1826) Cannot connect to management interface with Java Security Manager enabled
Ilia Vassilev (Jira)
issues at jboss.org
Thu Jun 6 11:27:00 EDT 2019
[ https://issues.jboss.org/browse/ELY-1826?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ilia Vassilev updated ELY-1826:
-------------------------------
Security: (was: Red Hat Internal)
> Cannot connect to management interface with Java Security Manager enabled
> -------------------------------------------------------------------------
>
> Key: ELY-1826
> URL: https://issues.jboss.org/browse/ELY-1826
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Security Manager
> Affects Versions: 1.6.2.Final
> Reporter: Ilia Vassilev
> Assignee: Ilia Vassilev
> Priority: Major
>
> When JBoss EAP is configured to authenticate management interfaces with LDAPS and RBAC enabled, authentication works unless the security manager is enabled. When the security manager is enabled, exception [1] occurs in the console and exception [2] is logged in server.log.
> [1]
> {code}
> "Failed to connect to the controller: Unable to authenticate against controller at ... Authentication failed: all available authentication mechanisms failed: PLAIN: javax.security.sasl.SaslException: PLAIN: Server rejected authentication"
> {code}
> [2]
> {code}
> 2019-05-15 09:30:45,434 DEBUG [org.wildfly.security] (management task-3) Could not create [class javax.naming.ldap.InitialLdapContext]. Failed to connect to LDAP server.: javax.naming.CommunicationException: myldap.mydomain:636 [Root exception is java.lang.ClassNotFoundException: org/wildfly/security/auth/realm/ldap/ThreadLocalSSLSocketFactory]
> at com.sun.jndi.ldap.Connection.<init>(Connection.java:238)
> at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
> at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1609)
> at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749)
> at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
> at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
> at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
> at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
> at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
> at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:116)
> at org.jboss.as.naming.InitialContext.init(InitialContext.java:101)
> at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
> ...
> at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)
> at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)
> at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:486)
> at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:949)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: java.lang.ClassNotFoundException: org/wildfly/security/auth/realm/ldap/ThreadLocalSSLSocketFactory
> at java.lang.Class.forName0(Native Method)
> at java.lang.Class.forName(Class.java:348)
> at com.sun.jndi.ldap.VersionHelper12.loadClass(VersionHelper12.java:72)
> at com.sun.jndi.ldap.Connection.createSocket(Connection.java:293)
> at com.sun.jndi.ldap.Connection.<init>(Connection.java:215)
> ... 42 more
> {code}
--
This message was sent by Atlassian Jira
(v7.12.1#712002)