Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-9978

resource adapter sometimes fails to start when it uses legacy security-domain

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 14.0.0.Beta2
    • 11.0.0.Final, 12.0.0.Final
    • JCA
    • Hide
      1. Configure legacy security domain and resource adapter as below or use attached standalone.xml
      2. Start server few times, reproducible in ~ 1 of 7 starts
        <resource-adapter id="generic-jms-ra">
            <module slot="main" id="org.jboss.genericjms"/>
            <transaction-support>LocalTransaction</transaction-support>
            <connection-definitions>
                <connection-definition class-name="org.jboss.resource.adapter.jms.JmsManagedConnectionFactory" jndi-name="java:/jms/TibcoEmsLocalTxFactory" enabled="true" use-java-context="true" pool-name="GenericJmsXA" use-ccm="true">
                    <config-property name="ConnectionFactory">
                        QueueConnectionFactory
                    </config-property>
                    <config-property name="SessionDefaultType">
                        javax.jms.Queue
                    </config-property>
                    <config-property name="JndiParameters">
                        java.naming.factory.initial=com.tibco.tibjms.naming.TibjmsInitialContextFactory;java.naming.provider.url=tcp:/xxxxx
                    </config-property>
                    <pool>
                        <min-pool-size>0</min-pool-size>
                        <max-pool-size>20</max-pool-size>
                        <prefill>false</prefill>
                        <use-strict-min>false</use-strict-min>
                        <flush-strategy>FailingConnectionOnly</flush-strategy>
                    </pool>
                    <security>
                        <security-domain-and-application>TibcoEmsRealm</security-domain-and-application>
                    </security>
                </connection-definition>
            </connection-definitions>
        </resource-adapter>
        
        <security-domain name="TibcoEmsRealm" cache-type="default">
            <authentication>
                <login-module code="ConfiguredIdentity" flag="required">
                    <module-option name="principal" value="xxxx"/>
                    <module-option name="userName" value="xxxx"/>
                    <module-option name="password" value="xxxx"/>
                </login-module>
            </authentication>
        </security-domain>
        
      Show
      Configure legacy security domain and resource adapter as below or use attached standalone.xml Start server few times, reproducible in ~ 1 of 7 starts <resource-adapter id= "generic-jms-ra" > <module slot= "main" id= "org.jboss.genericjms" /> <transaction-support> LocalTransaction </transaction-support> <connection-definitions> <connection-definition class-name= "org.jboss.resource.adapter.jms.JmsManagedConnectionFactory" jndi-name= "java:/jms/TibcoEmsLocalTxFactory" enabled= "true" use-java-context= "true" pool-name= "GenericJmsXA" use-ccm= "true" > <config-property name= "ConnectionFactory" > QueueConnectionFactory </config-property> <config-property name= "SessionDefaultType" > javax.jms.Queue </config-property> <config-property name= "JndiParameters" > java.naming.factory.initial=com.tibco.tibjms.naming.TibjmsInitialContextFactory;java.naming.provider.url=tcp:/xxxxx </config-property> <pool> <min-pool-size> 0 </min-pool-size> <max-pool-size> 20 </max-pool-size> <prefill> false </prefill> <use-strict-min> false </use-strict-min> <flush-strategy> FailingConnectionOnly </flush-strategy> </pool> <security> <security-domain-and-application> TibcoEmsRealm </security-domain-and-application> </security> </connection-definition> </connection-definitions> </resource-adapter> <security-domain name= "TibcoEmsRealm" cache-type= "default" > <authentication> <login-module code= "ConfiguredIdentity" flag= "required" > <module-option name= "principal" value= "xxxx" /> <module-option name= "userName" value= "xxxx" /> <module-option name= "password" value= "xxxx" /> </login-module> </authentication> </security-domain>
    • Hide

      possible workaround might be to replace legacy security with elytron

      Show
      possible workaround might be to replace legacy security with elytron

      When resource adapter is configured with legacy security domain, it sometimes fails to start.

      Error:

      2018-03-07 16:04:34,300 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 62) MSC000001: Failed to start service jboss.ra.deployment."org.jboss.genericjms:main_generic-jms-ra": org.jboss.msc.service.StartException in service jboss.ra.deployment."org.jboss.genericjms:main_generic-jms-ra": WFLYJCA0046: Failed to start RA deployment [generic-jms-ra]
      	at org.jboss.as.connector.services.resourceadapters.deployment.AbstractResourceAdapterDeploymentService$2.run(AbstractResourceAdapterDeploymentService.java:332)
      	at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
      	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
      	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
      	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1349)
      	at java.lang.Thread.run(Thread.java:748)
      	at org.jboss.threads.JBossThread.run(JBossThread.java:485)
      Caused by: org.jboss.jca.deployers.common.DeployException: IJ020056: Deployment failed: file:/tmp/wildfly-13.0.0.Alpha1-SNAPSHOT/modules/system/layers/base/org/jboss/genericjms/main/
      	at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer.createObjectsAndInjectValue(AbstractResourceAdapterDeployer.java:2064)
      	at org.jboss.as.connector.services.resourceadapters.deployment.ResourceAdapterXmlDeploymentService$WildFlyRaXmlDeployer.doDeploy(ResourceAdapterXmlDeploymentService.java:173)
      	at org.jboss.as.connector.services.resourceadapters.deployment.ResourceAdapterXmlDeploymentService.start(ResourceAdapterXmlDeploymentService.java:116)
      	at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1714)
      	at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1693)
      	at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1540)
      	at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
      	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
      	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
      	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
      	at java.lang.Thread.run(Thread.java:748)
      Caused by: java.lang.IllegalStateException
      	at org.jboss.msc.value.InjectedValue.getValue(InjectedValue.java:47)
      	at org.jboss.as.connector.services.resourceadapters.deployment.AbstractResourceAdapterDeploymentService$AbstractWildFlyRaDeployer.getSubjectFactory(AbstractResourceAdapterDeploymentService.java:635)
      	at org.jboss.jca.deployers.common.AbstractResourceAdapterDeployer.createObjectsAndInjectValue(AbstractResourceAdapterDeployer.java:1666)
      	... 10 more
      

      Full logs for good and bad start with enabled trace logging for org.jboss.as.connector, org.jboss.as.security and org.jboss.security are attached.

      Priority set to blocker because it seems to be regression against WildFly 10 (and JBoss EAP 7.0.0) where I wasn't able to reproduce this.

        1. standalone.xml
          30 kB
        2. good.txt
          55 kB
        3. bad.txt
          54 kB

              smaestri@redhat.com Stefano Maestri
              msimka@redhat.com Martin Simka
              Votes:
              1 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: