Loading...

Details

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.1.0.DR18
Affects Version/s: 7.1.0.DR14, 7.1.0.DR15
Component/s: EJB, Security
Labels:
- eap71_beta_candidate

Target Release:

7.1.0.GA
Git Pull Request:
https://github.com/wildfly-security-incubator/wildfly/pull/170, https://github.com/jbossas/jboss-eap7/pull/1776
Steps to Reproduce:
Hide

AS TS has a regression test:

cd testsuite/integration/basic mvn clean test -Delytron -Dwildfly.tmp.enable.elytron.profile.tests=true -Dwildfly.tmp.enable.invocation.tests=true -Dtest=EJBClientDescriptorTestCase

It fails with root cause:

Caused by: java.lang.IllegalStateException: EJBCLIENT000024: Not able to find EJB matching "StatelessEJBLocator for "/ejb-client-descriptor-test/DelegateEchoBean", view is interface org.jboss.as.test.integration.ejb.client.descriptor.RemoteEcho, affinity is None" at org.jboss.ejb.client.EJBClientContext.discoverAffinityNone(EJBClientContext.java:704) at org.jboss.ejb.client.EJBClientContext.performLocatedAction(EJBClientContext.java:686) at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:146) at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:96) at com.sun.proxy.$Proxy53.echo(Unknown Source) at org.jboss.as.test.integration.ejb.client.descriptor.EchoBean.echo(EchoBean.java:44) ... 69 more Suppressed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed: JBOSS-LOCAL-USER: javax.security.sasl.SaslException: Server rejected authentication at org.jboss.remoting3.remote.ClientConnectionOpenListener.allMechanismsFailed(ClientConnectionOpenListener.java:108) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:428) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:241) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) at org.xnio.nio.WorkerThread.run(WorkerThread.java:567) at ...asynchronous invocation...(Unknown Source) at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:465) at org.jboss.remoting3.FutureConnection.getConnection(FutureConnection.java:117) at org.jboss.remoting3.FutureConnection.init(FutureConnection.java:77) at org.jboss.remoting3.FutureConnection.get(FutureConnection.java:152) at org.jboss.remoting3.EndpointImpl.doGetConnection(EndpointImpl.java:407) at org.jboss.remoting3.EndpointImpl.getConnection(EndpointImpl.java:341) at org.jboss.remoting3.Endpoint.getConnection(Endpoint.java:135) at org.jboss.remoting3.Endpoint.getConnection(Endpoint.java:112) at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.lambda$discover$0(RemotingEJBDiscoveryProvider.java:101) at java.security.AccessController.doPrivileged(Native Method) at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.discover(RemotingEJBDiscoveryProvider.java:101) at org.wildfly.discovery.impl.AggregateDiscoveryProvider.discover(AggregateDiscoveryProvider.java:58) at org.wildfly.discovery.Discovery.discover(Discovery.java:94) at org.jboss.ejb.client.EJBClientContext.discover(EJBClientContext.java:440) at org.jboss.ejb.client.EJBClientContext.discoverAffinityNone(EJBClientContext.java:699) ... 74 more Suppressed: javax.security.sasl.SaslException: Server rejected authentication at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:716) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:560) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) at org.xnio.nio.WorkerThread.run(WorkerThread.java:567)
Show
AS TS has a regression test: cd testsuite/integration/basic mvn clean test -Delytron -Dwildfly.tmp.enable.elytron.profile.tests= true -Dwildfly.tmp.enable.invocation.tests= true -Dtest=EJBClientDescriptorTestCase It fails with root cause: Caused by: java.lang.IllegalStateException: EJBCLIENT000024: Not able to find EJB matching "StatelessEJBLocator for "/ejb-client-descriptor-test/DelegateEchoBean", view is interface org.jboss.as.test.integration.ejb.client.descriptor.RemoteEcho, affinity is None" at org.jboss.ejb.client.EJBClientContext.discoverAffinityNone(EJBClientContext.java:704) at org.jboss.ejb.client.EJBClientContext.performLocatedAction(EJBClientContext.java:686) at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:146) at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:96) at com.sun.proxy.$Proxy53.echo(Unknown Source) at org.jboss.as.test.integration.ejb.client.descriptor.EchoBean.echo(EchoBean.java:44) ... 69 more Suppressed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed: JBOSS-LOCAL-USER: javax.security.sasl.SaslException: Server rejected authentication at org.jboss.remoting3.remote.ClientConnectionOpenListener.allMechanismsFailed(ClientConnectionOpenListener.java:108) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:428) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:241) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) at org.xnio.nio.WorkerThread.run(WorkerThread.java:567) at ...asynchronous invocation...(Unknown Source) at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:465) at org.jboss.remoting3.FutureConnection.getConnection(FutureConnection.java:117) at org.jboss.remoting3.FutureConnection.init(FutureConnection.java:77) at org.jboss.remoting3.FutureConnection.get(FutureConnection.java:152) at org.jboss.remoting3.EndpointImpl.doGetConnection(EndpointImpl.java:407) at org.jboss.remoting3.EndpointImpl.getConnection(EndpointImpl.java:341) at org.jboss.remoting3.Endpoint.getConnection(Endpoint.java:135) at org.jboss.remoting3.Endpoint.getConnection(Endpoint.java:112) at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.lambda$discover$0(RemotingEJBDiscoveryProvider.java:101) at java.security.AccessController.doPrivileged(Native Method) at org.jboss.ejb.protocol.remote.RemotingEJBDiscoveryProvider.discover(RemotingEJBDiscoveryProvider.java:101) at org.wildfly.discovery.impl.AggregateDiscoveryProvider.discover(AggregateDiscoveryProvider.java:58) at org.wildfly.discovery.Discovery.discover(Discovery.java:94) at org.jboss.ejb.client.EJBClientContext.discover(EJBClientContext.java:440) at org.jboss.ejb.client.EJBClientContext.discoverAffinityNone(EJBClientContext.java:699) ... 74 more Suppressed: javax.security.sasl.SaslException: Server rejected authentication at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:716) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:560) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) at org.xnio.nio.WorkerThread.run(WorkerThread.java:567)

SFDC Cases Counter:
SFDC Cases Links:

Description

The remote-outbound-connection with user authentication configured, doesn't work with Elytron because the SASL authentication fails.

Scenario:

from a deployment is made a remote EJB call through defined remote-outbound-connection (which specifies valid username and legacy security realm with valid password)

Current behavior:

The call fails with authentication exception (for Elytron configuration).

Expected behavior:

The remote EJB call is allowed with Elytron configured as the default security provider

Attachments

Issue Links

blocks

JBEAP-9051 Tracking JIRA for tests failing with Elytron profile in AS TS

Closed

is cloned by

WFLY-8430 EJB call through remote-outbound-connection doesn't authenticate with Elytron

Closed

is related to

JBEAP-9692 Remote-outbound-connection with legacy-style configuration only allows JBOSS-LOCAL-USER auth mechanism

Verified

EJB call through remote-outbound-connection doesn't authenticate with Elytron

Details

Description

Attachments

Issue Links

Activity

People

Dates