Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-9372

Elytron, using wrong provider-http-server-mechanism-factory does not generates any log messages

XMLWordPrintable

    • Hide
      • Use provider, which does not contains any HttpServerMechanismFactory implementation, e.g. predefined openssl provider
        /subsystem=elytron/provider-http-server-mechanism-factory=my:add(providers=openssl)
        /subsystem=elytron/http-authentication-factory=management-http-authentication:write-attribute(name=http-server-mechanism-factory, value=my)
        /core-service=management/management-interface=http-interface:write-attribute(name=http-authentication-factory, value=management-http-authentication)
        reload
        
      • Turn on TRACE logging
        /subsystem=logging/console-handler=CONSOLE:write-attribute(name=level, value=ALL)
        /subsystem=logging/logger=org.jboss.security:add(level=ALL)
        /subsystem=logging/logger=org.jboss.as.security:add(level=ALL)
        /subsystem=logging/logger=org.picketbox:add(level=ALL)
        /subsystem=logging/logger=org.apache.catalina.authenticator:add(level=ALL)
        /subsystem=logging/logger=org.jboss.as.web.security:add(level=ALL)
        /subsystem=logging/logger=org.jboss.as.domain.management.security:add(level=ALL)
        /subsystem=logging/logger=org.wildfly.security:add(level=ALL)
        /subsystem=logging/logger=org.wildfly.elytron:add(level=ALL)
        /subsystem=logging/logger=org.jboss.sasl:add(level=ALL)
        /subsystem=logging/logger=org.jboss.as.ejb3:add(level=ALL)
        /subsystem=logging/logger=org.jboss.as.remoting:add(level=ALL)
        /subsystem=logging/logger=org.jboss.remoting3:add(level=ALL)
        /subsystem=logging/logger=org.jboss.remoting:add(level=ALL)
        /subsystem=logging/logger=org.jboss.naming.remote:add(level=ALL)
        
      • access web console http://localhost:9990/console/
      Show
      Use provider, which does not contains any HttpServerMechanismFactory implementation, e.g. predefined openssl provider /subsystem=elytron/provider-http-server-mechanism-factory=my:add(providers=openssl) /subsystem=elytron/http-authentication-factory=management-http-authentication:write-attribute(name=http-server-mechanism-factory, value=my) /core-service=management/management- interface =http- interface :write-attribute(name=http-authentication-factory, value=management-http-authentication) reload Turn on TRACE logging /subsystem=logging/console-handler=CONSOLE:write-attribute(name=level, value=ALL) /subsystem=logging/logger=org.jboss.security:add(level=ALL) /subsystem=logging/logger=org.jboss.as.security:add(level=ALL) /subsystem=logging/logger=org.picketbox:add(level=ALL) /subsystem=logging/logger=org.apache.catalina.authenticator:add(level=ALL) /subsystem=logging/logger=org.jboss.as.web.security:add(level=ALL) /subsystem=logging/logger=org.jboss.as.domain.management.security:add(level=ALL) /subsystem=logging/logger=org.wildfly.security:add(level=ALL) /subsystem=logging/logger=org.wildfly.elytron:add(level=ALL) /subsystem=logging/logger=org.jboss.sasl:add(level=ALL) /subsystem=logging/logger=org.jboss.as.ejb3:add(level=ALL) /subsystem=logging/logger=org.jboss.as.remoting:add(level=ALL) /subsystem=logging/logger=org.jboss.remoting3:add(level=ALL) /subsystem=logging/logger=org.jboss.remoting:add(level=ALL) /subsystem=logging/logger=org.jboss.naming.remote:add(level=ALL) access web console http://localhost:9990/console/

      When I secure management interface with wrongly configured http-authentication-factory and try to authenticate I get no error except of warning during boot

      11:41:16,140 WARN  [org.jboss.as.remoting] (MSC service thread 1-2) ****** All authentication is ANONYMOUS for org.jboss.as.remoting.RemotingHttpUpgradeService
      

      But user is not able to know what is going wrong.

      When I do similar for deployment there is at least error during boot:

      14:30:59,608 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 63) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./secured-webapp: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./secured-webapp: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0084: There are no mechanisms available from the HttpAuthenticationFactory.
      	at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:84)
      	at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
      	at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at java.lang.Thread.run(Thread.java:745)
      	at org.jboss.threads.JBossThread.run(JBossThread.java:320)
      Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0084: There are no mechanisms available from the HttpAuthenticationFactory.
      	at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:241)
      	at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:99)
      	at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:81)
      	... 6 more
      Caused by: java.lang.IllegalStateException: WFLYUT0084: There are no mechanisms available from the HttpAuthenticationFactory.
      	at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.initialSecurityHandler(ApplicationSecurityDomainDefinition.java:463)
      	at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$applyElytronSecurity$2(ApplicationSecurityDomainDefinition.java:425)
      	at io.undertow.servlet.core.DeploymentManagerImpl.setupSecurityHandlers(DeploymentManagerImpl.java:415)
      	at io.undertow.servlet.core.DeploymentManagerImpl.access$600(DeploymentManagerImpl.java:119)
      	at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:211)
      	at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:174)
      	at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42)
      	at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
      	at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
      	at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
      	at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
      	at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
      	at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:239)
      	... 8 more
      
      14:30:59,613 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "secured-webapp.war")]) - failure description: {
          "WFLYCTL0080: Failed services" => {"jboss.undertow.deployment.default-server.default-host./secured-webapp" => "org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./secured-webapp: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0084: There are no mechanisms available from the HttpAuthenticationFactory.
          Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0084: There are no mechanisms available from the HttpAuthenticationFactory.
          Caused by: java.lang.IllegalStateException: WFLYUT0084: There are no mechanisms available from the HttpAuthenticationFactory."},
          "WFLYCTL0412: Required services that are not installed:" => ["jboss.undertow.deployment.default-server.default-host./secured-webapp"]
      }
      

      Add some error, to help user troubleshoot this kind of problem.

            jkalina@redhat.com Jan Kalina (Inactive)
            mchoma@redhat.com Martin Choma
            Martin Choma Martin Choma
            Martin Choma Martin Choma
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: