Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-11263

Wrong host name resolution in mechanism information

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 7.1.0.ER2
    • 7.1.0.DR19
    • Security
    • None

      When I call ejb for second time inside test I get exception like

      [Caused by java.io.IOException: ELY01156: Cannot obtain a credential from a security factory]
      	at org.wildfly.security.sasl.gssapi.GssapiServer.<init>(GssapiServer.java:81)
      	at org.wildfly.security.sasl.gssapi.GssapiServerFactory.createSaslServer(GssapiServerFactory.java:44)
      	at org.wildfly.security.sasl.util.SecurityProviderSaslServerFactory.createSaslServer(SecurityProviderSaslServerFactory.java:80)
      	at org.wildfly.security.sasl.util.FilterMechanismSaslServerFactory.createSaslServer(FilterMechanismSaslServerFactory.java:88)
      	at org.wildfly.security.sasl.util.PropertiesSaslServerFactory.createSaslServer(PropertiesSaslServerFactory.java:56)
      	at org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory.createSaslServer(AbstractDelegatingSaslServerFactory.java:64)
      	at org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory.createSaslServer(AbstractDelegatingSaslServerFactory.java:64)
      	at org.wildfly.security.sasl.util.SetMechanismInformationSaslServerFactory.createSaslServer(SetMechanismInformationSaslServerFactory.java:80)
      	at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory.createSaslServer(AuthenticationCompleteCallbackSaslServerFactory.java:51)
      	at org.wildfly.security.sasl.util.TrustManagerSaslServerFactory.createSaslServer(TrustManagerSaslServerFactory.java:72)
      	at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory.createSaslServer(AuthenticationTimeoutSaslServerFactory.java:74)
      	at org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory.createSaslServer(AbstractDelegatingSaslServerFactory.java:64)
      	at org.wildfly.security.sasl.util.ProtocolSaslServerFactory.createSaslServer(ProtocolSaslServerFactory.java:48)
      	at org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory.createSaslServer(AbstractDelegatingSaslServerFactory.java:64)
      	at org.wildfly.security.sasl.util.ServerNameSaslServerFactory.createSaslServer(ServerNameSaslServerFactory.java:48)
      	at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory.createSaslServer(SecurityIdentitySaslServerFactory.java:51)
      	at org.wildfly.security.auth.server.SaslAuthenticationFactory.doCreate(SaslAuthenticationFactory.java:59)
      	at org.wildfly.security.auth.server.SaslAuthenticationFactory.doCreate(SaslAuthenticationFactory.java:50)
      	at org.wildfly.security.auth.server.AbstractMechanismAuthenticationFactory.createMechanism(AbstractMechanismAuthenticationFactory.java:54)
      	at org.jboss.remoting3.ConnectionImpl.lambda$receiveAuthRequest$2(ConnectionImpl.java:198)
      	at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:902)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at java.lang.Thread.run(Thread.java:745)
      Caused by: java.io.IOException: ELY01156: Cannot obtain a credential from a security factory
      	at org.wildfly.security.credential.source.CredentialSource$4.getCredential(CredentialSource.java:327)
      	at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:863)
      	at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:735)
      	at org.wildfly.security.sasl.util.TrustManagerSaslServerFactory.lambda$createSaslServer$0(TrustManagerSaslServerFactory.java:96)
      	at org.wildfly.security.sasl.gssapi.GssapiServer.<init>(GssapiServer.java:78)
      	... 23 more
      Caused by: java.security.GeneralSecurityException: WFLYDM0139: No SubjectIdentity found for remote/localhost.
      	at org.jboss.as.domain.management.security.SecurityRealmService.getGSSKerberosCredential(SecurityRealmService.java:572)
      	at org.jboss.as.domain.management.security.SecurityRealmService.lambda$null$4(SecurityRealmService.java:229)
      	at org.wildfly.security.credential.source.CredentialSource$4.getCredential(CredentialSource.java:325)
      	... 27 more
      

      I have noticed wrong host-name is resolved localhost, whereas on my environment correct should be localhost.localdomain

      server.log
      Handling MechanismInformationCallback type='SASL' name='GSSAPI' host-name='localhost' protocol='remote'
      

      [1] https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.0/html-single/how_to_set_up_sso_with_kerberos/#configure-krb-remoting

              dlloyd@redhat.com David Lloyd
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: