Description of problem: Users trying to deploy RichFaces Showcase example will likely experience following error: Version-Release number of selected component (if applicable): Showcase. How reproducible: Always. Steps to Reproduce: 1. Build RichFaces Showacase: mvn clean package -Pjbas7 2. Deploy RichFaces Showcase to a standard standalone-full.xml based profile. Actual results: 15:53:24,302 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (Thread-2 (HornetQ-remoting-threads-HornetQServerImpl::serverUUID=18634602-6c53-11e1-92e1-525400a7d082-1153720146-944645059)) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:269) [picketbox-4.0.6.final-redhat-1.jar:4.0.6.final-redhat-1] at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:155) [picketbox-4.0.6.final-redhat-1.jar:4.0.6.final-redhat-1] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_27] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_27] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_27] at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_27] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [rt.jar:1.6.0_27] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [rt.jar:1.6.0_27] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [rt.jar:1.6.0_27] at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_27] at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [rt.jar:1.6.0_27] at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [rt.jar:1.6.0_27] at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.6.final-redhat-1.jar:4.0.6.final-redhat-1] at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.6.final-redhat-1.jar:4.0.6.final-redhat-1] at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.6.final-redhat-1.jar:4.0.6.final-redhat-1] at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.6.final-redhat-1.jar:4.0.6.final-redhat-1] at org.jboss.as.messaging.HornetQSecurityManagerAS7.validateUser(HornetQSecurityManagerAS7.java:39) [jboss-as-messaging-7.1.0.Final-redhat-1.jar:7.1.0.Final-redhat-1] at org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:134) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.server.impl.HornetQServerImpl.createSession(HornetQServerImpl.java:807) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.HornetQPacketHandler.handleCreateSession(HornetQPacketHandler.java:187) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.HornetQPacketHandler.handlePacket(HornetQPacketHandler.java:85) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.ChannelImpl.handlePacket(ChannelImpl.java:508) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.RemotingConnectionImpl.doBufferReceived(RemotingConnectionImpl.java:556) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:517) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:533) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.remoting.impl.invm.InVMConnection$1.run(InVMConnection.java:166) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.utils.OrderedExecutorFactory$OrderedExecutor$1.run(OrderedExecutorFactory.java:100) [hornetq-core-2.2.13.Final-redhat-1.jar:] at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_27] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_27] at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_27] 15:53:24,319 INFO [org.hibernate.dialect.Dialect] (MSC service thread 1-2) HHH000400: Using dialect: org.hibernate.dialect.HSQLDialect 15:53:24,329 INFO [org.hibernate.engine.transaction.internal.TransactionFactoryInitiator] (MSC service thread 1-2) HHH000268: Transaction strategy: org.hibernate.engine.transaction.internal.jdbc.JdbcTransactionFactory 15:53:24,330 INFO [org.hibernate.hql.internal.ast.ASTQueryTranslatorFactory] (MSC service thread 1-2) HHH000397: Using ASTQueryTranslatorFactory 15:53:24,334 ERROR [org.hornetq.core.protocol.core.impl.HornetQPacketHandler] (Thread-2 (HornetQ-remoting-threads-HornetQServerImpl::serverUUID=18634602-6c53-11e1-92e1-525400a7d082-1153720146-944645059)) Failed to create session : HornetQException[errorCode=105 message=Unable to validate user: guest] at org.hornetq.core.security.impl.SecurityStoreImpl.authenticate(SecurityStoreImpl.java:147) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.server.impl.HornetQServerImpl.createSession(HornetQServerImpl.java:807) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.HornetQPacketHandler.handleCreateSession(HornetQPacketHandler.java:187) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.HornetQPacketHandler.handlePacket(HornetQPacketHandler.java:85) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.ChannelImpl.handlePacket(ChannelImpl.java:508) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.RemotingConnectionImpl.doBufferReceived(RemotingConnectionImpl.java:556) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.protocol.core.impl.RemotingConnectionImpl.bufferReceived(RemotingConnectionImpl.java:517) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.remoting.server.impl.RemotingServiceImpl$DelegatingBufferHandler.bufferReceived(RemotingServiceImpl.java:533) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.core.remoting.impl.invm.InVMConnection$1.run(InVMConnection.java:166) [hornetq-core-2.2.13.Final-redhat-1.jar:] at org.hornetq.utils.OrderedExecutorFactory$OrderedExecutor$1.run(OrderedExecutorFactory.java:100) [hornetq-core-2.2.13.Final-redhat-1.jar:] at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_27] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_27] at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_27] 15:53:24,340 INFO [org.hibernate.tool.hbm2ddl.SchemaExport] (MSC service thread 1-2) HHH000227: Running hbm2ddl schema export 15:53:24,350 SEVERE [org.richfaces.demo.push.MessageProducerRunnable] (MessageProducerThread) javax.faces.FacesException: Unable to validate user: guest: com.google.common.collect.ComputationException: javax.faces.FacesException: Unable to validate user: guest at com.google.common.collect.ComputingConcurrentHashMap$ComputingMapAdapter.get(ComputingConcurrentHashMap.java:397) [guava-10.0.1-redhat-1.jar:10.0.1-redhat-1] at org.richfaces.application.push.impl.jms.JMSTopicsContextImpl.createTopic(JMSTopicsContextImpl.java:281) [richfaces-core-impl-4.2.0.Final-redhat-1.jar:4.2.0.Final-redhat-1] at org.richfaces.application.push.TopicsContext.getOrCreateTopic(TopicsContext.java:48) [richfaces-core-api-4.2.0.Final-redhat-1.jar:4.2.0.Final-redhat-1] at org.richfaces.application.push.TopicsContext.publish(TopicsContext.java:69) [richfaces-core-api-4.2.0.Final-redhat-1.jar:4.2.0.Final-redhat-1] at org.richfaces.demo.push.TopicsContextMessageProducer.sendMessage(TopicsContextMessageProducer.java:46) [classes:] at org.richfaces.demo.push.MessageProducerRunnable.run(MessageProducerRunnable.java:57) [classes:] at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_27] Caused by: javax.faces.FacesException: Unable to validate user: guest at org.richfaces.application.push.impl.jms.JMSTopicsContextImpl$1.apply(JMSTopicsContextImpl.java:207) [richfaces-core-impl-4.2.0.Final-redhat-1.jar:4.2.0.Final-redhat-1] at org.richfaces.application.push.impl.jms.JMSTopicsContextImpl$1.apply(JMSTopicsContextImpl.java:195) [richfaces-core-impl-4.2.0.Final-redhat-1.jar:4.2.0.Final-redhat-1] at com.google.common.collect.ComputingConcurrentHashMap$ComputingValueReference.compute(ComputingConcurrentHashMap.java:355) [guava-10.0.1-redhat-1.jar:10.0.1-redhat-1] at com.google.common.collect.ComputingConcurrentHashMap$ComputingSegment.compute(ComputingConcurrentHashMap.java:184) [guava-10.0.1-redhat-1.jar:10.0.1-redhat-1] at com.google.common.collect.ComputingConcurrentHashMap$ComputingSegment.getOrCompute(ComputingConcurrentHashMap.java:153) [guava-10.0.1-redhat-1.jar:10.0.1-redhat-1] at com.google.common.collect.ComputingConcurrentHashMap.getOrCompute(ComputingConcurrentHashMap.java:69) [guava-10.0.1-redhat-1.jar:10.0.1-redhat-1] at com.google.common.collect.ComputingConcurrentHashMap$ComputingMapAdapter.get(ComputingConcurrentHashMap.java:393) [guava-10.0.1-redhat-1.jar:10.0.1-redhat-1] ... 6 more Caused by: javax.jms.JMSSecurityException: Unable to validate user: guest at org.hornetq.core.protocol.core.impl.ChannelImpl.sendBlocking(ChannelImpl.java:312) at org.hornetq.core.client.impl.ClientSessionFactoryImpl.createSessionInternal(ClientSessionFactoryImpl.java:780) at org.hornetq.core.client.impl.ClientSessionFactoryImpl.createSession(ClientSessionFactoryImpl.java:279) at org.hornetq.jms.client.HornetQConnection.authorize(HornetQConnection.java:601) at org.hornetq.jms.client.HornetQConnectionFactory.createConnectionInternal(HornetQConnectionFactory.java:684) at org.hornetq.jms.client.HornetQConnectionFactory.createConnection(HornetQConnectionFactory.java:119) at org.richfaces.application.push.impl.jms.JMSTopicsContextImpl$JMSTopicContext.createConnection(JMSTopicsContextImpl.java:99) [richfaces-core-impl-4.2.0.Final-redhat-1.jar:4.2.0.Final-redhat-1] at org.richfaces.application.push.impl.jms.JMSTopicsContextImpl$JMSTopicContext.start(JMSTopicsContextImpl.java:123) [richfaces-core-impl-4.2.0.Final-redhat-1.jar:4.2.0.Final-redhat-1] at org.richfaces.application.push.impl.jms.JMSTopicsContextImpl$1.apply(JMSTopicsContextImpl.java:199) [richfaces-core-impl-4.2.0.Final-redhat-1.jar:4.2.0.Final-redhat-1] ... 12 more Caused by: HornetQException[errorCode=105 message=Unable to validate user: guest] ... 21 more Expected results: It gets deployed. Additional info:
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: The default installation of JBoss Enterprise Application Platform comes secured by default. RichFaces Showcase example uses JMS Push functionality, which is secured as well. Users wishing to deploy the application needs to do one of the following additional configurations: 1/ Add an user to via ApplicationRealm via $JBOSS_HOME/bin/add-user.bat/sh script into roles guest. 2/ Modify web.xml in the RichFaces Showcase to contain created credentials, e.g.: <context-param> <param-name>org.richfaces.push.jms.connectionUsername</param-name> <param-value>guest</param-value> </context-param> <context-param> <param-name>org.richfaces.push.jms.connectionPassword</param-name> <param-value>password</param-value> </context-param> The other way is to disable security for HornetQ completely.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1,18 +1,6 @@ -The default installation of JBoss Enterprise Application Platform comes secured by default. RichFaces Showcase example uses JMS Push functionality, which is secured as well. +Both the default installation of JBoss Enterprise Application Platform and JMS Push, which is required by RichFaces Showcase example, are secured by default. To deploy the application, choose one of the following options: -Users wishing to deploy the application needs to do one of the following additional configurations: +1. Add a new user ApplicationRealm with the $JBOSS_HOME/bin/add-user.bat/sh script, with the role: guest. - +2. Modify web.xml in the RichFaces Showcase to contain created credentials: -1/ Add an user to via ApplicationRealm via $JBOSS_HOME/bin/add-user.bat/sh script into roles guest. +adkslfjasdfk - +3. Disable security for HornetQ completely.-2/ Modify web.xml in the RichFaces Showcase to contain created credentials, e.g.: - - <context-param> - <param-name>org.richfaces.push.jms.connectionUsername</param-name> - <param-value>guest</param-value> - </context-param> - <context-param> - <param-name>org.richfaces.push.jms.connectionPassword</param-name> - <param-value>password</param-value> - </context-param> - -The other way is to disable security for HornetQ completely.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -2,5 +2,11 @@ 1. Add a new user ApplicationRealm with the $JBOSS_HOME/bin/add-user.bat/sh script, with the role: guest. 2. Modify web.xml in the RichFaces Showcase to contain created credentials: -adkslfjasdfk +<context-param> +- <param-name>org.richfaces.push.jms.connectionUsername</param-name> <param-value>guest</param-value> + </context-param> + <context-param> + <param-name>org.richfaces.push.jms.connectionPassword</param-name> + <param-value>password</param-value> + </context-param> 3. Disable security for HornetQ completely.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1,12 +1,14 @@ -Both the default installation of JBoss Enterprise Application Platform and JMS Push, which is required by RichFaces Showcase example, are secured by default. To deploy the application, choose one of the following options: +Both the default installation of JBoss Enterprise Application Platform and JMS Push, which is required by RichFaces Showcase example, are secured by default. To deploy the application, you have add an user to a secured ApplicationRealm via following commands: -1. Add a new user ApplicationRealm with the $JBOSS_HOME/bin/add-user.bat/sh script, with the role: guest. -2. Modify web.xml in the RichFaces Showcase to contain created credentials: +1. Add a new user ApplicationRealm with the $JBOSS_HOME/bin/add-user.bat or add-user.sh script, with the role: guest. + +2. Modify web.xml in the RichFaces Showcase. Replace ${username} and ${password} with actual credentials. + <context-param> -- <param-name>org.richfaces.push.jms.connectionUsername</param-name> <param-value>guest</param-value> + <param +name>org.richfaces.push.jms.connectionUsername</param-name> <param-value>${username}</param-value> </context-param> <context-param> <param-name>org.richfaces.push.jms.connectionPassword</param-name> - <param-value>password</param-value> + <param-value>${password}</param-value> - </context-param> + </context-param>-3. Disable security for HornetQ completely.
Karel Piwko <kpiwko> made a comment on jira RF-11983 Lukas, can you change default password to be different than username? AS7 does not allow you have password the same as username.
Lukáš Fryč <lfryc> made a comment on jira RF-11983 Hi Karel, it does make sense, I have opened RF-12048.
Lukáš Fryč <lfryc> made a comment on jira RF-11983 Additionally we can try to workaround this issue - to make the example deployable without any configuration out-of-the-box.
Lukáš Fryč <lfryc> made a comment on jira RF-11983 Additionally we can try to workaround this issue - to make the example deployable without any configuration out-of-the-box. We can achieve it by configuring the JMS (adding user) using DMR interface.
Lukáš Fryč <lfryc> made a comment on jira RF-11983 Additionally we can try to workaround this issue - to make the example deployable without any configuration out-of-the-box. We can achieve it by configuring the JMS (adding user) using DMR interface (the same already used for topic creation).
Juraj Huska <jhuska> made a comment on jira RF-11983 The behavior is the same when deploying on _JBoss AS 6.0.0.Final_. I have used similar workaround when I have set to: _JBOSS_HOME/server/default/deploy/hornetq/hornetq-configuration.xml_ the same property: _<security-enabled>false</security-enabled>_
Is this issue for only a technical note or real fix is somewhere needed? I can see that upstream issue is not resolved and postponed to 4.3.
Karel Piwko <kpiwko> made a comment on jira RF-11983 Test comment.
Brian, what do we do with this issue? Still only documented issue?
Currently we have to document the required steps to workaround the auth requirement. Lukas has proposed an automation of this using the DMR interface. While this would work, we have to keep in mind we now have a completely non-portable solution here, and this only brings us further in a non-portable direction. An alternative workaround is to remove the JMS integration from the showcase altogether. We can have a specific dev-example to demonstrate JMS/Push integration. This would also improve the portability of the showcase.
changing status as this is now only documentation issue and the solution will be provided in future.
Lukáš Fryč <lfryc> updated the status of jira RF-11983 to Resolved