Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-5157

Not able to login when user belongs to jaas PublickeyLoginModule.

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • jboss-fuse-6.3
    • jboss-fuse-6.2.1
    • Karaf
    • None
    • % %
    • Hide
      • PublickeyLoginModule can be configured using documentation https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.2/html/Security_Guide/ESBSecureContainer.html#JAASAuth-PublicKeyLoginModule. As per it deploy the xml to deploy folder.
      • Using below command generate a key. Default location where keys would be created is /home/username/.ssh/id_rsa. 
        ssh-keygen -t rsa -b 2048
      • This should create two files id_rsa and id_rsa.pub.
      • Copy content of id_rsa.pub to key.properties file against a username also add group at last. For example: 
        cps=AAAAB3NzaC1yc2EAAAABIwAAAQEAwSDehor8FL9ONyrdQyq0b+RVGgEtrRUFWlBaB31pvAa7jGk+HgplTs2yYGnAszlePVd6z/u5i5ZJJMrWFuqlzhE1z81XNQDBO1QcbQY8T9WICh2a2BZH2yHmXUQkQ3f3DTX/0a/rA0AMiEM3DMaB+0tS4V6ksPYlzK7GFZXFphW4e7Uu/ZkZzuoXjW6u0ah/XzDRG3el44oGjQxeAT7VAkBmlyk/3XE2GbQQn55ddpc9pkHtPm2SoQGI9XE43IlsIR+vsECdcDLRvJAP4jLxz3Sgplfrz47ZCVOS7XchrKcCl4ya/vkAzGtH+I2JhUmM7NqY7EqLMq+bp5w1iq7mpw==,_g_:admingroup
      • Login using command 
        ./client -u cps -k /home/username/.ssh/id_rsa
      • Also we need to improve documentation for ./client --help.
      Show
      PublickeyLoginModule can be configured using documentation https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.2/html/Security_Guide/ESBSecureContainer.html#JAASAuth-PublicKeyLoginModule . As per it deploy the xml to deploy folder. Using below command generate a key. Default location where keys would be created is /home/username/.ssh/id_rsa. ssh-keygen -t rsa -b 2048 This should create two files id_rsa and id_rsa.pub . Copy content of id_rsa.pub to key.properties file against a username also add group at last. For example: cps=AAAAB3NzaC1yc2EAAAABIwAAAQEAwSDehor8FL9ONyrdQyq0b+RVGgEtrRUFWlBaB31pvAa7jGk+HgplTs2yYGnAszlePVd6z/u5i5ZJJMrWFuqlzhE1z81XNQDBO1QcbQY8T9WICh2a2BZH2yHmXUQkQ3f3DTX/0a/rA0AMiEM3DMaB+0tS4V6ksPYlzK7GFZXFphW4e7Uu/ZkZzuoXjW6u0ah/XzDRG3el44oGjQxeAT7VAkBmlyk/3XE2GbQQn55ddpc9pkHtPm2SoQGI9XE43IlsIR+vsECdcDLRvJAP4jLxz3Sgplfrz47ZCVOS7XchrKcCl4ya/vkAzGtH+I2JhUmM7NqY7EqLMq+bp5w1iq7mpw==,_g_:admingroup Login using command ./client -u cps -k /home/username/.ssh/id_rsa Also we need to improve documentation for ./client --help.
    • 6.3 Sprint 4 (Mar 28 - Apr 29), Sprint 5 - towards ER2

    Description

      Not able to login using command:

      ./client -u cps -k /home/username/.ssh/id_rsa

      Also registered bountycastle to jvm and included it to java.security like

      security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider

      Attachments

        Activity

          People

            yfang@redhat.com Freeman(Yue) Fang
            rhn-support-cpandey Chandra Shekhar Pandey (Inactive)
            Josef Ludvicek Josef Ludvicek (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: