Details
-
Bug
-
Resolution: Not a Bug
-
Major
-
None
-
fuse-6.3-R16-GA
-
None
-
CEE
-
%
-
Hide
- unzip fuse 6.3 R16
- enable default user by editing etc/user.properties
- create fabric with the default user
- create child container
- create another admin user by using jaas: commands
- delete default user by using jaas: commands
- execute container-stop command
FYI, this is the console log and fuse log which I got
JBossFuse:karaf@root> version 2.4.0.redhat-630446 JBossFuse:karaf@root> fabric:create --clean --new-user admin --new-user-password admin --new-user-role Administrator --zookeeper-password admin --zookeeper-data-dir zkdata --resolver manualip --manual-ip 127.0.0.1 --wait-for-provisioning Waiting for container: root Waiting for container root to provision. JBossFuse:karaf@root> fabric:container-create-child root child Creating new instance on SSH port 8102 and RMI ports 1100/44445 at: /home/hfuruich/product/fuse-630/r16/jboss-fuse-6.3.0.redhat-446/instances/child The following containers have been created successfully: Container: child. JBossFuse:karaf@root> container-list [id] [version] [type] [connected] [profiles] [provision status] root* 1.0 karaf yes fabric success fabric-ensemble-0000-1 jboss-fuse-full child 1.0 karaf yes default success JBossFuse:karaf@root> JBossFuse:karaf@root> realms Index Realm Module Class 1 karaf io.fabric8.jaas.ZookeeperLoginModule JBossFuse:karaf@root> jaas:manage --index 1 JBossFuse:karaf@root> jaas:useradd bob bob JBossFuse:karaf@root> jaas:roleadd bob admin JBossFuse:karaf@root> jaas:update JBossFuse:karaf@root> jaas:manage --index 1 JBossFuse:karaf@root> jaas:users User Name Group Role admin admin admin admin admin manager admin admin viewer admin admin Operator admin admin Maintainer admin admin Deployer admin admin Auditor admin admin Administrator admin admin SuperUser admin Monitor bob admin JBossFuse:karaf@root> jaas:userdel admin JBossFuse:karaf@root> jaas:update JBossFuse:karaf@root> jaas:manage --index 1 JBossFuse:karaf@root> jaas:users User Name Group Role bob admin JBossFuse:karaf@root> JBossFuse:karaf@root> container-stop child The list of container names: [child] Error executing command: java.lang.SecurityException: Authentication failed JBossFuse:karaf@root> fuse.log (root container) ~~~ 2020-05-12 15:33:06,674 | ERROR | l Console Thread | Console | 37 - org.apache.karaf.shell.console - 2.4.0.redhat-630446 | Exception caught while executing command io.fabric8.api.FabricAuthenticationException: java.lang.SecurityException: Authentication failed at io.fabric8.service.ContainerTemplate.createConnector(ContainerTemplate.java:165) at io.fabric8.service.ContainerTemplate$1.createConnector(ContainerTemplate.java:54) at io.fabric8.service.NonCachingJmxTemplate.execute(NonCachingJmxTemplate.java:32) at io.fabric8.service.ContainerTemplate.execute(ContainerTemplate.java:91) at io.fabric8.service.child.ChildContainerProvider$1.stop(ChildContainerProvider.java:232) at io.fabric8.service.child.ChildContainerProvider.stop(ChildContainerProvider.java:101) at io.fabric8.service.FabricServiceImpl.stopContainer(FabricServiceImpl.java:387) at io.fabric8.internal.ContainerImpl.stop(ContainerImpl.java:513) at io.fabric8.commands.ContainerStopAction.doExecute(ContainerStopAction.java:49) at org.apache.karaf.shell.console.AbstractAction.execute(AbstractAction.java:33) at org.apache.felix.gogo.commands.basic.AbstractCommand.execute(AbstractCommand.java:35) at sun.reflect.GeneratedMethodAccessor55.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.aries.proxy.impl.ProxyHandler$1.invoke(ProxyHandler.java:54) at org.apache.aries.proxy.impl.ProxyHandler.invoke(ProxyHandler.java:119) at io.fabric8.commands.$ContainerStop591513427.execute(Unknown Source) at org.apache.felix.gogo.runtime.CommandProxy.execute(CommandProxy.java:78) at org.apache.felix.gogo.runtime.Closure.executeCmd(Closure.java:477) at org.apache.felix.gogo.runtime.Closure.executeStatement(Closure.java:403) at org.apache.felix.gogo.runtime.Pipe.run(Pipe.java:108) at org.apache.felix.gogo.runtime.Closure.execute(Closure.java:183) at org.apache.felix.gogo.runtime.Closure.execute(Closure.java:120) at org.apache.felix.gogo.runtime.CommandSessionImpl.execute(CommandSessionImpl.java:92) at org.apache.karaf.shell.console.jline.Console.run(Console.java:197) at org.apache.karaf.shell.console.jline.DelayedStarted.run(DelayedStarted.java:79) Caused by: java.lang.SecurityException: Authentication failed at org.apache.karaf.management.JaasAuthenticator.authenticate(JaasAuthenticator.java:78) at javax.management.remote.rmi.RMIServerImpl.doNewClient(RMIServerImpl.java:232) at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:199) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:357) at sun.rmi.transport.Transport$1.run(Transport.java:200) at sun.rmi.transport.Transport$1.run(Transport.java:197) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:196) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:568) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:826) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run$0(TCPTransport.java:683) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:682) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:283) at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:260) at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:161) at javax.management.remote.rmi.RMIServerImpl_Stub.newClient(Unknown Source) at javax.management.remote.rmi.RMIConnector.getConnection(RMIConnector.java:2430) at javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:308) at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:270) at io.fabric8.service.ContainerTemplate.createConnector(ContainerTemplate.java:159) ... 25 more Caused by: javax.security.auth.login.FailedLoginException: User doesn't exist at io.fabric8.jaas.ZookeeperLoginModule.login(ZookeeperLoginModule.java:213) at org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:587) at org.apache.karaf.management.JaasAuthenticator.authenticate(JaasAuthenticator.java:69) at javax.management.remote.rmi.RMIServerImpl.doNewClient(RMIServerImpl.java:232) at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:199) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:357) at sun.rmi.transport.Transport$1.run(Transport.java:200) at sun.rmi.transport.Transport$1.run(Transport.java:197) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:196) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:568) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:826) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run$0(TCPTransport.java:683) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:682) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) ~~~
Showunzip fuse 6.3 R16 enable default user by editing etc/user.properties create fabric with the default user create child container create another admin user by using jaas: commands delete default user by using jaas: commands execute container-stop command FYI, this is the console log and fuse log which I got JBossFuse:karaf@root> version 2.4.0.redhat-630446 JBossFuse:karaf@root> fabric:create --clean --new-user admin --new-user-password admin --new-user-role Administrator --zookeeper-password admin --zookeeper-data-dir zkdata --resolver manualip --manual-ip 127.0.0.1 --wait-for-provisioning Waiting for container: root Waiting for container root to provision. JBossFuse:karaf@root> fabric:container-create-child root child Creating new instance on SSH port 8102 and RMI ports 1100/44445 at: /home/hfuruich/product/fuse-630/r16/jboss-fuse-6.3.0.redhat-446/instances/child The following containers have been created successfully: Container: child. JBossFuse:karaf@root> container-list [id] [version] [type] [connected] [profiles] [provision status] root* 1.0 karaf yes fabric success fabric-ensemble-0000-1 jboss-fuse-full child 1.0 karaf yes default success JBossFuse:karaf@root> JBossFuse:karaf@root> realms Index Realm Module Class 1 karaf io.fabric8.jaas.ZookeeperLoginModule JBossFuse:karaf@root> jaas:manage --index 1 JBossFuse:karaf@root> jaas:useradd bob bob JBossFuse:karaf@root> jaas:roleadd bob admin JBossFuse:karaf@root> jaas:update JBossFuse:karaf@root> jaas:manage --index 1 JBossFuse:karaf@root> jaas:users User Name Group Role admin admin admin admin admin manager admin admin viewer admin admin Operator admin admin Maintainer admin admin Deployer admin admin Auditor admin admin Administrator admin admin SuperUser admin Monitor bob admin JBossFuse:karaf@root> jaas:userdel admin JBossFuse:karaf@root> jaas:update JBossFuse:karaf@root> jaas:manage --index 1 JBossFuse:karaf@root> jaas:users User Name Group Role bob admin JBossFuse:karaf@root> JBossFuse:karaf@root> container-stop child The list of container names: [child] Error executing command: java.lang.SecurityException: Authentication failed JBossFuse:karaf@root> fuse.log (root container) ~~~ 2020-05-12 15:33:06,674 | ERROR | l Console Thread | Console | 37 - org.apache.karaf.shell.console - 2.4.0.redhat-630446 | Exception caught while executing command io.fabric8.api.FabricAuthenticationException: java.lang.SecurityException: Authentication failed at io.fabric8.service.ContainerTemplate.createConnector(ContainerTemplate.java:165) at io.fabric8.service.ContainerTemplate$1.createConnector(ContainerTemplate.java:54) at io.fabric8.service.NonCachingJmxTemplate.execute(NonCachingJmxTemplate.java:32) at io.fabric8.service.ContainerTemplate.execute(ContainerTemplate.java:91) at io.fabric8.service.child.ChildContainerProvider$1.stop(ChildContainerProvider.java:232) at io.fabric8.service.child.ChildContainerProvider.stop(ChildContainerProvider.java:101) at io.fabric8.service.FabricServiceImpl.stopContainer(FabricServiceImpl.java:387) at io.fabric8.internal.ContainerImpl.stop(ContainerImpl.java:513) at io.fabric8.commands.ContainerStopAction.doExecute(ContainerStopAction.java:49) at org.apache.karaf.shell.console.AbstractAction.execute(AbstractAction.java:33) at org.apache.felix.gogo.commands.basic.AbstractCommand.execute(AbstractCommand.java:35) at sun.reflect.GeneratedMethodAccessor55.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.aries.proxy.impl.ProxyHandler$1.invoke(ProxyHandler.java:54) at org.apache.aries.proxy.impl.ProxyHandler.invoke(ProxyHandler.java:119) at io.fabric8.commands.$ContainerStop591513427.execute(Unknown Source) at org.apache.felix.gogo.runtime.CommandProxy.execute(CommandProxy.java:78) at org.apache.felix.gogo.runtime.Closure.executeCmd(Closure.java:477) at org.apache.felix.gogo.runtime.Closure.executeStatement(Closure.java:403) at org.apache.felix.gogo.runtime.Pipe.run(Pipe.java:108) at org.apache.felix.gogo.runtime.Closure.execute(Closure.java:183) at org.apache.felix.gogo.runtime.Closure.execute(Closure.java:120) at org.apache.felix.gogo.runtime.CommandSessionImpl.execute(CommandSessionImpl.java:92) at org.apache.karaf.shell.console.jline.Console.run(Console.java:197) at org.apache.karaf.shell.console.jline.DelayedStarted.run(DelayedStarted.java:79) Caused by: java.lang.SecurityException: Authentication failed at org.apache.karaf.management.JaasAuthenticator.authenticate(JaasAuthenticator.java:78) at javax.management.remote.rmi.RMIServerImpl.doNewClient(RMIServerImpl.java:232) at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:199) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:357) at sun.rmi.transport.Transport$1.run(Transport.java:200) at sun.rmi.transport.Transport$1.run(Transport.java:197) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:196) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:568) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:826) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run$0(TCPTransport.java:683) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:682) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:283) at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:260) at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:161) at javax.management.remote.rmi.RMIServerImpl_Stub.newClient(Unknown Source) at javax.management.remote.rmi.RMIConnector.getConnection(RMIConnector.java:2430) at javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:308) at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:270) at io.fabric8.service.ContainerTemplate.createConnector(ContainerTemplate.java:159) ... 25 more Caused by: javax.security.auth.login.FailedLoginException: User doesn't exist at io.fabric8.jaas.ZookeeperLoginModule.login(ZookeeperLoginModule.java:213) at org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:587) at org.apache.karaf.management.JaasAuthenticator.authenticate(JaasAuthenticator.java:69) at javax.management.remote.rmi.RMIServerImpl.doNewClient(RMIServerImpl.java:232) at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServerImpl.java:199) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:357) at sun.rmi.transport.Transport$1.run(Transport.java:200) at sun.rmi.transport.Transport$1.run(Transport.java:197) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:196) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:568) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:826) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run$0(TCPTransport.java:683) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:682) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) ~~~
Description
Let's say we created a fabric environment with default user, admin, and now we want to delete the default user and create another admin user.
However, another admin user could not do "container-stop" command with following error message:
Caused by: javax.security.auth.login.FailedLoginException: User doesn't exist