Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-9844

EJB call through remote-outbound-connection doesn't authenticate with Elytron

    Details

    • Target Release:
    • Steps to Reproduce:
      Hide

      AS TS has a regression test:

      cd testsuite/integration/basic
      mvn clean test -Delytron -Dwildfly.tmp.enable.elytron.profile.tests=true -Dwildfly.tmp.enable.invocation.tests=true -Dtest=EJBClientDescriptorTestCase
      

      It fails with root cause:

      Caused by: java.lang.IllegalStateException: EJBCLIENT000024: Not able to find EJB matching "StatelessEJBLocator for "/ejb-client-descriptor-test/DelegateEchoBean", view is interface org.jboss.as.test.integration.ejb.client.descriptor.RemoteEcho, affinity is None"
      	at org.jboss.ejb.client.EJBClientContext.discoverAffinityNone(EJBClientContext.java:704)
      	at org.jboss.ejb.client.EJBClientContext.performLocatedAction(EJBClientContext.java:686)
      	at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:146)
      	at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:96)
      	at com.sun.proxy.$Proxy53.echo(Unknown Source)
      	at org.jboss.as.test.integration.ejb.client.descriptor.EchoBean.echo(EchoBean.java:44)
      	... 69 more
      	Suppressed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:
         JBOSS-LOCAL-USER: javax.security.sasl.SaslException: Server rejected authentication
      		at org.jboss.remoting3.remote.ClientConnectionOpenListener.allMechanismsFailed(ClientConnectionOpenListener.java:108)
      		at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:428)
      		at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:241)
      		at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
      		at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
      		at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
      		at org.xnio.nio.WorkerThread.run(WorkerThread.java:567)
      		at ...asynchronous invocation...(Unknown Source)
      		at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:465)
      		at org.jboss.remoting3.FutureConnection.getConnection(FutureConnection.java:117)
      		at org.jboss.remoting3.FutureConnection.init(FutureConnection.java:77)
      		at org.jboss.remoting3.FutureConnection.get(FutureConnection.java:152)
      		at org.jboss.remoting3.EndpointImpl.doGetConnection(EndpointImpl.java:407)
      		at org.jboss.remoting3.EndpointImpl.getConnection(EndpointImpl.java:341)
      		at org.jboss.remoting3.Endpoint.getConnection(Endpoint.java:135)
      		at org.jboss.remoting3.Endpoint.getConnection(Endpoint.java:112)
      		at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.lambda$discover$0(RemotingEJBDiscoveryProvider.java:101)
      		at java.security.AccessController.doPrivileged(Native Method)
      		at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.discover(RemotingEJBDiscoveryProvider.java:101)
      		at org.wildfly.discovery.impl.AggregateDiscoveryProvider.discover(AggregateDiscoveryProvider.java:58)
      		at org.wildfly.discovery.Discovery.discover(Discovery.java:94)
      		at org.jboss.ejb.client.EJBClientContext.discover(EJBClientContext.java:440)
      		at org.jboss.ejb.client.EJBClientContext.discoverAffinityNone(EJBClientContext.java:699)
      		... 74 more
      		Suppressed: javax.security.sasl.SaslException: Server rejected authentication
      			at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:716)
      			at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:560)
      			at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
      			at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
      			at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
      			at org.xnio.nio.WorkerThread.run(WorkerThread.java:567)
      
      Show
      AS TS has a regression test: cd testsuite/integration/basic mvn clean test -Delytron -Dwildfly.tmp.enable.elytron.profile.tests= true -Dwildfly.tmp.enable.invocation.tests= true -Dtest=EJBClientDescriptorTestCase It fails with root cause: Caused by: java.lang.IllegalStateException: EJBCLIENT000024: Not able to find EJB matching "StatelessEJBLocator for "/ejb-client-descriptor-test/DelegateEchoBean", view is interface org.jboss.as.test.integration.ejb.client.descriptor.RemoteEcho, affinity is None" at org.jboss.ejb.client.EJBClientContext.discoverAffinityNone(EJBClientContext.java:704) at org.jboss.ejb.client.EJBClientContext.performLocatedAction(EJBClientContext.java:686) at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:146) at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:96) at com.sun.proxy.$Proxy53.echo(Unknown Source) at org.jboss.as.test.integration.ejb.client.descriptor.EchoBean.echo(EchoBean.java:44) ... 69 more Suppressed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed: JBOSS-LOCAL-USER: javax.security.sasl.SaslException: Server rejected authentication at org.jboss.remoting3.remote.ClientConnectionOpenListener.allMechanismsFailed(ClientConnectionOpenListener.java:108) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:428) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:241) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) at org.xnio.nio.WorkerThread.run(WorkerThread.java:567) at ...asynchronous invocation...(Unknown Source) at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:465) at org.jboss.remoting3.FutureConnection.getConnection(FutureConnection.java:117) at org.jboss.remoting3.FutureConnection.init(FutureConnection.java:77) at org.jboss.remoting3.FutureConnection.get(FutureConnection.java:152) at org.jboss.remoting3.EndpointImpl.doGetConnection(EndpointImpl.java:407) at org.jboss.remoting3.EndpointImpl.getConnection(EndpointImpl.java:341) at org.jboss.remoting3.Endpoint.getConnection(Endpoint.java:135) at org.jboss.remoting3.Endpoint.getConnection(Endpoint.java:112) at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.lambda$discover$0(RemotingEJBDiscoveryProvider.java:101) at java.security.AccessController.doPrivileged(Native Method) at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.discover(RemotingEJBDiscoveryProvider.java:101) at org.wildfly.discovery.impl.AggregateDiscoveryProvider.discover(AggregateDiscoveryProvider.java:58) at org.wildfly.discovery.Discovery.discover(Discovery.java:94) at org.jboss.ejb.client.EJBClientContext.discover(EJBClientContext.java:440) at org.jboss.ejb.client.EJBClientContext.discoverAffinityNone(EJBClientContext.java:699) ... 74 more Suppressed: javax.security.sasl.SaslException: Server rejected authentication at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:716) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:560) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) at org.xnio.nio.WorkerThread.run(WorkerThread.java:567)

      Description

      The remote-outbound-connection with user authentication configured, doesn't work with Elytron because the SASL authentication fails.

      Scenario:

      • from a deployment is made a remote EJB call through defined remote-outbound-connection (which specifies valid username and legacy security realm with valid password)

      Current behavior:

      • The call fails with authentication exception (for Elytron configuration).

      Expected behavior:

      • The remote EJB call is allowed with Elytron configured as the default security provider

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  dmlloyd David Lloyd
                  Reporter:
                  jcacek Josef Cacek
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: