Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Not a Bug
Priority: Minor
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:
- Quickstarts

Infinispan server running on RHEL 8.5 + FIPS machine logs following error at startup and continues to run.
Command:

docker run -p 11222:11222 -e USER=admin -e PASS=password infinispan/server

Logs:

PKCS11Exception: CKR_ATTRIBUTE_VALUE_INVALID

Because of this Quarkus fails to connect to the Infinispan server and throws:

ISPN005003: Exception reported java.lang.SecurityException: ISPN028027: Invalid credentials at org.infinispan.server.hotrod.Authentication.lambda$auth$0(Authentication.java:82) at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: javax.security.sasl.SaslException: ELY05051: Callback handler does not support credential acquisition [Caused by org.wildfly.security.auth.callback.FastUnsupportedCallbackException: javax.security.auth.callback.PasswordCallback@4034e07e] at org.wildfly.security.mechanism.digest.PasswordDigestObtainer.getSaltedPasswordFromPasswordCallback(PasswordDigestObtainer.java:295) at org.wildfly.security.mechanism.digest.PasswordDigestObtainer.handleUserRealmPasswordCallbacks(PasswordDigestObtainer.java:112) at org.wildfly.security.sasl.digest.AbstractDigestMechanism.handleUserRealmPasswordCallbacks(AbstractDigestMechanism.java:194) at org.wildfly.security.sasl.digest.DigestSaslServer.validateDigestResponse(DigestSaslServer.java:264) at org.wildfly.security.sasl.digest.DigestSaslServer.evaluateMessage(DigestSaslServer.java:377) at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:206) at org.wildfly.security.sasl.digest.DigestSaslServer.evaluateResponse(DigestSaslServer.java:350) at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58) at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:110) at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:59) at org.infinispan.server.core.security.SubjectSaslServer.evaluateResponse(SubjectSaslServer.java:39) at org.infinispan.server.hotrod.Authentication.authInternal(Authentication.java:98) at org.infinispan.server.hotrod.Authentication.lambda$auth$0(Authentication.java:77) ... 5 more Caused by: org.wildfly.security.auth.callback.FastUnsupportedCallbackException: javax.security.auth.callback.PasswordCallback@4034e07e

Upstream issue: https://github.com/quarkusio/quarkus/issues/22839{}

relates to

QUARKUS-1457 Keycloak 15.0.2 fails on start up over RHEL8.5 + FIPS

Closed

Assignee:: Tristan Tarrant

Reporter:: Kyrylo Shpak (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2022/01/12 2:47 PM

Updated:: 2022/01/20 2:56 PM

Resolved:: 2022/01/19 8:47 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates