Loading...

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.1.0.ER2
Affects Version/s: 7.1.0.DR19
Component/s: Security
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

When I call ejb for second time inside test I get exception like

[Caused by java.io.IOException: ELY01156: Cannot obtain a credential from a security factory]
	at org.wildfly.security.sasl.gssapi.GssapiServer.<init>(GssapiServer.java:81)
	at org.wildfly.security.sasl.gssapi.GssapiServerFactory.createSaslServer(GssapiServerFactory.java:44)
	at org.wildfly.security.sasl.util.SecurityProviderSaslServerFactory.createSaslServer(SecurityProviderSaslServerFactory.java:80)
	at org.wildfly.security.sasl.util.FilterMechanismSaslServerFactory.createSaslServer(FilterMechanismSaslServerFactory.java:88)
	at org.wildfly.security.sasl.util.PropertiesSaslServerFactory.createSaslServer(PropertiesSaslServerFactory.java:56)
	at org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory.createSaslServer(AbstractDelegatingSaslServerFactory.java:64)
	at org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory.createSaslServer(AbstractDelegatingSaslServerFactory.java:64)
	at org.wildfly.security.sasl.util.SetMechanismInformationSaslServerFactory.createSaslServer(SetMechanismInformationSaslServerFactory.java:80)
	at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory.createSaslServer(AuthenticationCompleteCallbackSaslServerFactory.java:51)
	at org.wildfly.security.sasl.util.TrustManagerSaslServerFactory.createSaslServer(TrustManagerSaslServerFactory.java:72)
	at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory.createSaslServer(AuthenticationTimeoutSaslServerFactory.java:74)
	at org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory.createSaslServer(AbstractDelegatingSaslServerFactory.java:64)
	at org.wildfly.security.sasl.util.ProtocolSaslServerFactory.createSaslServer(ProtocolSaslServerFactory.java:48)
	at org.wildfly.security.sasl.util.AbstractDelegatingSaslServerFactory.createSaslServer(AbstractDelegatingSaslServerFactory.java:64)
	at org.wildfly.security.sasl.util.ServerNameSaslServerFactory.createSaslServer(ServerNameSaslServerFactory.java:48)
	at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory.createSaslServer(SecurityIdentitySaslServerFactory.java:51)
	at org.wildfly.security.auth.server.SaslAuthenticationFactory.doCreate(SaslAuthenticationFactory.java:59)
	at org.wildfly.security.auth.server.SaslAuthenticationFactory.doCreate(SaslAuthenticationFactory.java:50)
	at org.wildfly.security.auth.server.AbstractMechanismAuthenticationFactory.createMechanism(AbstractMechanismAuthenticationFactory.java:54)
	at org.jboss.remoting3.ConnectionImpl.lambda$receiveAuthRequest$2(ConnectionImpl.java:198)
	at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:902)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)
Caused by: java.io.IOException: ELY01156: Cannot obtain a credential from a security factory
	at org.wildfly.security.credential.source.CredentialSource$4.getCredential(CredentialSource.java:327)
	at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:863)
	at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:735)
	at org.wildfly.security.sasl.util.TrustManagerSaslServerFactory.lambda$createSaslServer$0(TrustManagerSaslServerFactory.java:96)
	at org.wildfly.security.sasl.gssapi.GssapiServer.<init>(GssapiServer.java:78)
	... 23 more
Caused by: java.security.GeneralSecurityException: WFLYDM0139: No SubjectIdentity found for remote/localhost.
	at org.jboss.as.domain.management.security.SecurityRealmService.getGSSKerberosCredential(SecurityRealmService.java:572)
	at org.jboss.as.domain.management.security.SecurityRealmService.lambda$null$4(SecurityRealmService.java:229)
	at org.wildfly.security.credential.source.CredentialSource$4.getCredential(CredentialSource.java:325)
	... 27 more

I have noticed wrong host-name is resolved localhost, whereas on my environment correct should be localhost.localdomain

server.log

Handling MechanismInformationCallback type='SASL' name='GSSAPI' host-name='localhost' protocol='remote'

[1] https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.0/html-single/how_to_set_up_sso_with_kerberos/#configure-krb-remoting

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

EJB_no_security_annotations.log
34 kB
2017/06/01 12:14 PM
EJB_with_secuirty_annotations.log
23 kB
2017/06/01 12:14 PM
jboss-remoting-5.0.0.CR3-SNAPSHOT.jar
300 kB
2017/06/29 11:45 AM
standalone.xml
34 kB
2017/06/01 12:16 PM

is caused by

REM3-291 SSL information should be available on inner authentications

Resolved

REM3-292 SASL server name should match beween outer & inner authentications

Resolved

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates