912264 – ChannelBusyException as a result of remoting server ignoring client capabilities on auth failure with one of the authentication mechanisms

Bug 912264 - ChannelBusyException as a result of remoting server ignoring client capabilities on auth failure with one of the authentication mechanisms

Summary: ChannelBusyException as a result of remoting server ignoring client capabilit...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	Remoting
Sub Component:
Version:	6.0.1
Hardware:	All
OS:	All
Priority:	urgent
Severity:	urgent
Target Milestone:	ER3
Target Release:	EAP 6.1.0
Assignee:	David M. Lloyd
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	920731
TreeView+	depends on / blocked

Reported:	2013-02-18 09:00 UTC by Jaikiran Pai
Modified:	2013-10-23 23:02 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-07-23 18:37:21 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	920731	0	unspecified	CLOSED	update jboss-remoting to 3.2.15.GA or later	2021-02-22 00:41:40 UTC
Red Hat Issue Tracker	REM3-169	0	Major	Resolved	ChannelBusyException as a result of remoting server ignoring client capabilities on auth failure with one of the authent...	2018-04-02 06:41:58 UTC

Internal Links: 920731

Description Jaikiran Pai 2013-02-18 09:00:22 UTC

If a client <-> server authentication negotiation process fails for a certain SASL auth mechanism, then the client re-sends its CAPABILITIES to the server. However, due to a bug in remoting, those CAPABILITIES get ignored and as a result the remoting channel that gets created won't be aware of the client CAPABILITIES. This will lead to the issue that's explained in https://issues.jboss.org/browse/REM3-169.

A pull request containing a fix for this, has been issued against remoting upstream https://github.com/jboss-remoting/jboss-remoting/pull/8.

Comment 1 Jaikiran Pai 2013-02-18 09:03:33 UTC

Marked as "urgent" for EAP 6.1.0 as per Jason's suggestion.

Comment 2 JBoss JIRA Server 2013-02-18 14:49:10 UTC

David Lloyd <david.lloyd> updated the status of jira REM3-169 to Resolved

Comment 3 David M. Lloyd 2013-02-18 16:31:01 UTC

Pull req. submitted for updated Remoting version.

Comment 4 David M. Lloyd 2013-02-18 20:47:50 UTC

This fix will require only the server to be updated, not the client.

Comment 5 Jason T. Greene 2013-02-18 21:27:11 UTC

We need QE to ack before we can merge a fix. Note that the fix is still undergoing testing.

Comment 6 Jason T. Greene 2013-02-19 16:01:05 UTC

BTW the testing has passed. We are just missing the QE ack to fix this problem. 

The issue was raised by GSS. It is affecting customers on 6.0

Comment 7 Brian Stansberry 2013-03-12 22:00:43 UTC

Moving to MODIFIED as https://github.com/jbossas/jboss-eap/pull/6 was merged several weeks ago.

Comment 8 Jan Martiska 2013-03-29 13:34:39 UTC

verified with EAP 6.1.0.ER3

Note You need to log in before you can comment on or make changes to this bug.