Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-5157

Not able to login when user belongs to jaas PublickeyLoginModule.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: jboss-fuse-6.2.1
    • Fix Version/s: jboss-fuse-6.3
    • Component/s: Karaf
    • Labels:
      None
    • Environment:

      ALL

    • Steps to Reproduce:
      Hide
      • PublickeyLoginModule can be configured using documentation https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.2/html/Security_Guide/ESBSecureContainer.html#JAASAuth-PublicKeyLoginModule. As per it deploy the xml to deploy folder.
      • Using below command generate a key. Default location where keys would be created is /home/username/.ssh/id_rsa. 

        ssh-keygen -t rsa -b 2048

      • This should create two files id_rsa and id_rsa.pub.
      • Copy content of id_rsa.pub to key.properties file against a username also add group at last. For example: 

        cps=AAAAB3NzaC1yc2EAAAABIwAAAQEAwSDehor8FL9ONyrdQyq0b+RVGgEtrRUFWlBaB31pvAa7jGk+HgplTs2yYGnAszlePVd6z/u5i5ZJJMrWFuqlzhE1z81XNQDBO1QcbQY8T9WICh2a2BZH2yHmXUQkQ3f3DTX/0a/rA0AMiEM3DMaB+0tS4V6ksPYlzK7GFZXFphW4e7Uu/ZkZzuoXjW6u0ah/XzDRG3el44oGjQxeAT7VAkBmlyk/3XE2GbQQn55ddpc9pkHtPm2SoQGI9XE43IlsIR+vsECdcDLRvJAP4jLxz3Sgplfrz47ZCVOS7XchrKcCl4ya/vkAzGtH+I2JhUmM7NqY7EqLMq+bp5w1iq7mpw==,_g_:admingroup

      • Login using command 

        ./client -u cps -k /home/username/.ssh/id_rsa

      • Also we need to improve documentation for ./client --help.
      Show
      PublickeyLoginModule can be configured using documentation https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.2/html/Security_Guide/ESBSecureContainer.html#JAASAuth-PublicKeyLoginModule . As per it deploy the xml to deploy folder. Using below command generate a key. Default location where keys would be created is /home/username/.ssh/id_rsa. ssh-keygen -t rsa -b 2048 This should create two files id_rsa and id_rsa.pub . Copy content of id_rsa.pub to key.properties file against a username also add group at last. For example: cps=AAAAB3NzaC1yc2EAAAABIwAAAQEAwSDehor8FL9ONyrdQyq0b+RVGgEtrRUFWlBaB31pvAa7jGk+HgplTs2yYGnAszlePVd6z/u5i5ZJJMrWFuqlzhE1z81XNQDBO1QcbQY8T9WICh2a2BZH2yHmXUQkQ3f3DTX/0a/rA0AMiEM3DMaB+0tS4V6ksPYlzK7GFZXFphW4e7Uu/ZkZzuoXjW6u0ah/XzDRG3el44oGjQxeAT7VAkBmlyk/3XE2GbQQn55ddpc9pkHtPm2SoQGI9XE43IlsIR+vsECdcDLRvJAP4jLxz3Sgplfrz47ZCVOS7XchrKcCl4ya/vkAzGtH+I2JhUmM7NqY7EqLMq+bp5w1iq7mpw==,_g_:admingroup Login using command ./client -u cps -k /home/username/.ssh/id_rsa Also we need to improve documentation for ./client --help.
    • Sprint:
      6.3 Sprint 4 (Mar 28 - Apr 29), Sprint 5 - towards ER2

      Description

      Not able to login using command:

      ./client -u cps -k /home/username/.ssh/id_rsa

      Also registered bountycastle to jvm and included it to java.security like

      security.provider.10=org.bouncycastle.jce.provider.BouncyCastleProvider

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                ffang Freeman(Yue) Fang
                Reporter:
                cpandey Chandra Shekhar Pandey
                Tester:
                Josef Ludvicek
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: