9 Replies Latest reply: Jun 4, 2012 9:55 AM by jkreska RSS

Is there a way to disable all auth on 7.1.2.Final

jkreska Newbie

I don't want ejb auth, mgmt auth, user auth etc.  I would like it to run wide open.

  • 1. Re: Is there a way to disable all auth on 7.1.2.Final
    Darran Lofthouse Master

    Just remove all of the security-realm="..." attributes and then any user that can access the ports of your AS installation will have full control to access what they like.

  • 2. Re: Is there a way to disable all auth on 7.1.2.Final
    jkreska Newbie

    That works great for the management console and jconsole access but doesn't seem to have any affect on ejb access.  I have added security realm for ejb-security per the docs

     

            <security-realm name="ejb-security-realm">
                <server-identities>
                    <secret value="dHJ1c3RubzE="/>
                </server-identities>
            </security-realm>

     

    Do I remove this?  I am trying to get rid of all these log stmts when remote clients connect

     

     

    May 24, 2012 8:27:44 AM org.jboss.ejb.client.remoting.RemotingConnectionEJBReceiver associate
    INFO: EJBCLIENT000013: Successful version handshake completed for receiver context EJBReceiverContext{clientContext=org.jboss.ejb.client.EJBClientContext@14c92844, receiver=Remoting connection EJB receiver [connection=Remoting connection <67a78ec>,channel=jboss.ejb,nodename=jb7-8]} on channel Channel ID cfdbcc58 (outbound) of Remoting connection 3de08f43 to jb7-8.alpha.farecompare.com/192.168.12.83:4447
    May 24, 2012 8:27:44 AM org.jboss.remoting3.remote.RemoteConnection handleException
    ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    May 24, 2012 8:27:44 AM org.jboss.ejb.client.remoting.RemotingConnectionClusterNodeManager getEJBReceiver
    INFO: Could not create a connection for cluster node ClusterNode{clusterName='ejb', nodeName='jb7-8', clientMappings=[ClientMapping{sourceNetworkAddress=/0:0:0:0:0:0:0:0, sourceNetworkMaskBits=0, destinationAddress='192.168.12.83', destinationPort=4447}], resolvedDestination=[Destination address=192.168.12.83, destination port=4447]} in cluster ejb
    java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
    
  • 3. Re: Is there a way to disable all auth on 7.1.2.Final
    jaikiran pai Master

    Get rid of the security-realm reference from the remoting-connector in the remoting subsystem, if you don't want to enable security. Also you won't have to create any of those new security realms referenced in the EJB documentation if you don't need security.

  • 4. Re: Is there a way to disable all auth on 7.1.2.Final
    jkreska Newbie

    I am getting some exceptions about unrecognized SSL message when a cluser tries to make a remote connection to another cluster

     

    13:23:08,529 INFO  [org.jboss.ejb.client.remoting.RemotingConnectionClusterNodeManager] (ejb-client-cluster-node-connection-creation-4-thread-2) Could not create a connection for cluster node ClusterNode{clusterName='jboss7-test-server1-ejb', nodeName='jb7-1', clientMappings=[ClientMapping{sourceNetworkAddress=/0:0:0:0:0:0:0:0, sourceNetworkMaskBits=0, destinationAddress='192.168.12.223', destinationPort=4447}], resolvedDestination=[Destination address=192.168.12.223, destination port=4447]} in cluster jboss7-test-server1-ejb: java.lang.RuntimeException: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
            at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)
            at org.jboss.ejb.client.remoting.RemotingConnectionClusterNodeManager.getEJBReceiver(RemotingConnectionClusterNodeManager.java:89)
    
  • 5. Re: Is there a way to disable all auth on 7.1.2.Final
    jkreska Newbie

    Unrecognized SSL message, plaintext connection?
            at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)

     

    messages have dis-appeard and communication is working again

  • 6. Re: Is there a way to disable all auth on 7.1.2.Final
    jaikiran pai Master

    jkreska wrote:

     

     

    Unrecognized SSL message, plaintext connection?
            at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)

     

     

    messages have dis-appeard and communication is working again

    I'm marking this thread as answered then.

  • 7. Re: Is there a way to disable all auth on 7.1.2.Final
    jkreska Newbie

    If i remove the security-realm attribute in jboss-ejb-client.xml file it fails with the following exception

     

    15:14:17,273 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC00001: Failed to start service jboss.deployment.unit."xxi-framework-test-modul
    e-deploy-ejb.ear".POST_MODULE: org.jboss.msc.service.StartException in service jboss.deployment.unit."xxi-framework-test-module-deploy-ejb.ear".POST_MODUL
    E: JBAS018733: Failed to process phase POST_MODULE of deployment "xxi-framework-test-module-deploy-ejb.ear"
            at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:123) [jboss-as-server-7.1.2.Final.jar:7.1.2.Fin
    al]
            at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
            at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
            at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) [rt.jar:1.7.0_04]
            at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) [rt.jar:1.7.0_04]
            at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_04]
    Caused by: java.lang.IllegalArgumentException: Name segment is null for security_realm
            at org.jboss.msc.service.ServiceName.of(ServiceName.java:82) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
            at org.jboss.msc.service.ServiceName.append(ServiceName.java:112) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
            at org.jboss.as.ejb3.remote.EJBClientCommonConnectionConfig$CallbackHandlerProvider.<init>(EJBClientCommonConnectionConfig.java:114)
            at org.jboss.as.ejb3.remote.EJBClientCommonConnectionConfig.setCallbackHandler(EJBClientCommonConnectionConfig.java:86)
            at org.jboss.as.ejb3.remote.EJBClientClusterConfig.<init>(EJBClientClusterConfig.java:72)
            at org.jboss.as.ejb3.deployment.processors.EJBClientDescriptorMetaDataProcessor.createClientConfiguration(EJBClientDescriptorMetaDataProcessor.jav
    a:158)
            at org.jboss.as.ejb3.deployment.processors.EJBClientDescriptorMetaDataProcessor.deploy(EJBClientDescriptorMetaDataProcessor.java:89)
            at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:116) [jboss-as-server-7.1.2.Final.jar:7.1.2.Fin
    
  • 8. Re: Is there a way to disable all auth on 7.1.2.Final
    jaikiran pai Master

    Can you please file a JIRA for this one? I'll take a look.