I have one case which works on JBoss 4.2.
Client login (with JAAS, ClientLoginModule)
Client get JMX connection from JBoss JMX server
Client call mbean API;
Server will check current caller/principal is, whether he/she has the enough privilege to do the action.
Now with Wildfly 9, we do the similar thing, moreover, we have set the username/password when getting JMX connection.
// urlString likes:service:jmx:remote://localhost:9999
JMXServiceURL serviceURL = new JMXServiceURL(urlString);
Map<String, Object> env = new HashMap<String, Object>();
String[] creds = new String[2];
creds[0] = username_;
creds[1] = password_;
env.put(JMXConnector.CREDENTIALS, creds);
JMXConnector jmxConnector = JMXConnectorFactory.connect(serviceURL, env);
MBeanServerConnection connection = jmxConnector.getMBeanServerConnection();
However, at step3, JMX server find current caller/principal is null.
Do you know why? Or how to resolve this.
Are there any interceptors for JMX just like EJB?
Related
DISCLAIMER: I know that this question was asked before multiple times, non of the answers helped me.
In our app, we implemented SSL for more security, but we sometimes get the mentioned error, the error is not persistent, meaning that the same route can success at time but other time it throws this error.
Nothing is displayed on the server logs.
This is how I setup SSL configuration in the app:
(client.httpClientAdapter as DefaultHttpClientAdapter).onHttpClientCreate = (HttpClient _client) {
SecurityContext sc = SecurityContext();
sc.setTrustedCertificatesBytes(sslCert.buffer.asInt8List());
HttpClient httpClient = HttpClient(context: sc);
httpClient.badCertificateCallback = (X509Certificate cert, String host, int port) => false;
httpClient.maxConnectionsPerHost = 10;
return httpClient;
};
client being a Dio instance
Our server is built using Node.js, with Apache on centOS
I need to create an SOAP client with JAX-WS on JBoss.
The Problem is I cannot get past the authentication.
I have a test implemented in SoapUI which works when I set the request properties username and password
With the following code
URL kbaURL = new URL("http://...");
IkfzService ikfzService = new IkfzService(kbaURL);
IkfzPortType ikfzPortType = ikfzService.getIkfzSOAP();
Map<String, Object> requestContext = ((BindingProvider)ikfzPortType).getRequestContext();
requestContext.put(BindingProvider.USERNAME_PROPERTY, "...");
requestContext.put(BindingProvider.PASSWORD_PROPERTY, "...");
Where URL, username und password are the same like in SOAPUI I am getting
javax.xml.ws.WebServiceException: org.apache.cxf.service.factory.ServiceConstructionException:
Failed to create service.
...
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Problem parsing 'http://..'.: java.io.IOException: Server returned HTTP response code:
401 for URL: http://..
What am I missing?
This should be a basic example of what you're trying to accomplish - let me know if you need more help or clarification
//the WSDL/webservice endpoint
private static final String WSDL_URL = "http://localhost:8080/MyWebService/MyWebService?wsdl";
URL url = new URL(WSDL_URL);
QName qname = new QName("http://ws.mycompany.com/", MyWebServiceImpl");
Service theWSService = Service.create(url, qname);
//returns the interface for MyWebServiceImpl
TheWSServiceIF port = theWSService.getPort(TheWSServiceIF.class);
//Setup Security
Map<String, Object> requestContext = ((BindingProvider)port).getRequestContext();
requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, WS_URL);
Map<String, List<String>> requestHeaders = new HashMap<String, List<String>>();
requestHeaders.put("Username", Collections.singletonList("myUserName"));
requestHeaders.put("Password", Collections.singletonList("myPasword"));
requestContext.put(MessageContext.HTTP_REQUEST_HEADERS, headers);
/**********************************************************************/
//actually call the web service method, print results
System.out.println(port.getMyWebServiceData());
I'm a beginner when it comes to HTTP connections.
Currently i'm working with SAAJ api to have my soap based client, where to handle timeouts i ended up using URLStreamHandler for HTTP connection properties with the endpoints.
Problem is that this timeout works for my windows based system, however it isn't working for the Linux server it is going to go live on.
below is the code for fetching endpoint with set properties. It is a HTTP POST connection.
URL endpoint = new URL (null, url, new URLStreamHandler () {
protected URLConnection openConnection (URL url) throws IOException {
// The url is the parent of this stream handler, so must create clone
URL clone = new URL (url.toString ());
HttpURLConnection connection = (HttpURLConnection) clone.openConnection();
connection.setRequestProperty("Content-Type",
"text/xml");
connection.setRequestProperty("Accept",
"application/soap+xml, text/*");
// If we cast to HttpURLConnection, we can set redirects
// connection.setInstanceFollowRedirects (false);
connection.setDoOutput(true);
connection.setConnectTimeout(3 * 1000);
connection.setReadTimeout(3 * 1000);
return connection;
for the SAAJ API part, below is the implementation, pretty basic one
SOAPConnectionFactory soapConnectionFactory = SOAPConnectionFactory
.newInstance();
soapConnection = soapConnectionFactory.createConnection();
is = new ByteArrayInputStream(command.getBytes());
SOAPMessage request = MessageFactory.newInstance(
SOAPConstants.SOAP_1_1_PROTOCOL).createMessage(
new MimeHeaders(), is);
MimeHeaders headers = request.getMimeHeaders();
headers.addHeader("Content-Type", "text/xml");
request.saveChanges();
ByteArrayOutputStream out = new ByteArrayOutputStream();
request.writeTo(out);
soapResponse = soapConnection.call(request, endpoint);
Is it that system properties would affect connect or read timeout. If so please let me know what could cause this behavior.
I used the info in this link https://www.ibm.com/support/knowledgecenter/SSEQTP_8.5.5/com.ibm.websphere.wlp.doc/ae/twlp_dev_prog_login_auth_data.html As per my info which I got from this discussion thread. https://developer.ibm.com/answers/questions/261209/websphere-liberty-profile-and-j2c-authdata-retriev-1.html
The DefaultPrincipalMapping programmatic login is avaiable and should work. I configured everything updated to Liberty profile v 8.5.5.9 , yet my code throws exception at [err] javax.security.auth.login.LoginException: No LoginModules configured for DefaultPrincipalMapping [err] at javax.security.auth.login.LoginContext.init(LoginContext.java:264) [err] at javax.security.auth.login.LoginContext.(LoginContext.java:417) Here is my code snippet..
Context context = new InitialContext();
String user = (String) context.lookup("cell/persistent/ADBindUser");
String password = (String) context.lookup("cell/persistent/ADBindPwd");
Map<String, String> map = new HashMap<String, String>();
map.put(Constants.MAPPING_ALIAS, "WPSBIND");
// CallbackHandler callbackHandler = // WSMappingCallbackHandlerFactory.getInstance().getCallbackHandler(map, null);
CallbackHandler callbackHandler =new WSMappingCallbackHandler(map, null);
LoginContext loginContext =
new LoginContext("DefaultPrincipalMapping", callbackHandler);
try{
loginContext.login();
}catch(LoginException le) {
}
Can any one please tell me what I am missing here.
Instead of "DefaultPrincipalMapping" the login configuration "system.DEFAULT" did the job for me.
The final hint was hidden in the documentation:
system.DEFAULT
Used for login when no JAAS configuration is specified.
...
The system.WEB_INBOUND and system.DEFAULT configurations have these
default login modules in this order: hashtable, userNameAndPassword,
certificate, and token. The WSLogin configuration has the proxy login module
as the default login module, and the proxy delegates all the
operations to the real login module in system.DEFAULT.
WSLogin fails with an Unrecognized Callback in case the application uses e.g. org.jboss.security.auth.callback.UsernamePasswordHandler as the callback. If the application cannot be modified, system.DEFAULT provides an alternative.
iam trying to follow the documentation of the mbeans for weblogic and create a web application
to access an already created custom beans running in another application deployed in the server .
iam using this code
InitialContext ctx = new InitialContext();
MBeanServer server = (MBeanServer)ctx.lookup("java:comp/env/jmx/runtime");
String serverName = System.getProperty("weblogic.Name");
ObjectName on =new ObjectName("com.myCompanyName:Name=MyCutomBean,Type=MyCutomBean");
boolean boolresult=(Boolean)server.invoke(on, "myMethod",
new Object[]{"a","b","c"}
,new String[]{"java.lang.String","java.lang.String","java.lang.String"}); //throw exception
out.print(result);
out.print(boolresult);
when i try to access our custom beans i got this exception :
Access not allowed for subject: principals=[], on ResourceType: Name Action: execute, Target: myMethod
what could be the problem ?
i finally find a solution
to avoid this exception u need to authenticate your Context using the following :
Hashtable props = new Hashtable();
props.put(Context.INITIAL_CONTEXT_FACTORY,
"weblogic.jndi.WLInitialContextFactory");
props.put(Context.SECURITY_PRINCIPAL, "<userName>");
props.put(Context.SECURITY_CREDENTIALS, "<password>");
Context ctx = new InitialContext(props); MBeanServer server = (MBeanServer)ctx.lookup("java:comp/env/jmx/runtime");
Hope this will help someone