Description of problem: During the discovery process, if the installation directory of the EAP6 server is not of the expected form "jboss-eap-6.0", the plugin is unable to determine the version and attempts a connection to the server using either a default set of credentials or a user pulled from the management realm with a null password. As this occurs during the discovery of the process and before it is compared to the inventory, this can result in repeated failed authentication attempts to the EAP server every discovery cycle (by default, every 15 minutes). Version-Release number of selected component (if applicable): JBoss ON 3.1.2 Actual results: Agent attempts to connect to the EAP6 instance to gather the version information without correct credentials. Expected results: BaseProcessDiscovery.buildResourceDetails() should query $JBOSS_HOME/version.txt if it exists to obtain version information, or default to a constant such as '6.x' or 'UNKNOWN 6.x' value to identify that the version was not able to be identified during discovery.
This actually occurs in two different scenarios: As mentioned, during discovery BaseProcessDiscovery.buildResourceDetails is calling getFromRemote() to determine the product info for the newly discovered resource. This seems like a very bad idea considering that on a new resource, this would always fail. The result is that we attempt to authenticate with EAP using the user "admin" with a password of "null". This seems to be a result of the default configuration provided by the plug-in configuration itself. I actually can't think of a time this method would ever succeed. Essentially what is failing in my test case: POST /management HTTP/1.1 Content-Type: application/json Accept: application/json User-Agent: Java/1.6.0_20 Host: 127.0.0.1:9990 Connection: keep-alive Content-Length: 65 Authorization: Digest username="admin", realm="ManagementRealm", nonce="dc8c7d68c5529a0e05cfedfcd016b53a", uri="/management", response="eae9dd3b48ae69e0768390427551b8a1", algorithm="MD5", cnonce="HCDIBNAKOBLKKEBBFDPPFMINEBILANGKOEJNLKOL" {"operation":"read-attribute","address":[],"name":"product-name"} This seems to be invoked 20 times. I am not certain why but perhaps there is some re-try logic somewhere or we are attempting to build resource details multiple times for the same discovered resource. The other issue is availability an availability check on a newly discovered resource that has not yet been imported into inventory. I am guessing this happens one when the resource is created as I see the following same failure occur right after the agent has started up: POST /management HTTP/1.1 Content-Type: application/json Accept: application/json User-Agent: Java/1.6.0_20 Host: 127.0.0.1:9990 Connection: keep-alive Content-Length: 64 Authorization: Digest username="admin", realm="ManagementRealm", nonce="f728fca3619f0ce5e8794753858b75d3", uri="/management", response="11a036ced3c9a91d80943a51644e35f6", algorithm="MD5", cnonce="EEPHMLDJOKHGLNJGBMNNLCOABOKKHMDLGPIBJFIH" {"operation":"read-attribute","address":[],"name":"launch-type"} Which appears to be invoked from BaseServerComponent.getAvailability(). Steps to reproduce: 1. Start EAP 6 standalone server. 2. Enable debug logging for the 'com.sun.net.httpserver' category. "${JBOSS_HOME}/bin/jboss-cli.sh" --connect '/subsystem=logging/logger=com.sun.net.httpserver:add(level=DEBUG)' 3. Start JBoss ON system. The EAP server's server.log will contain the following messages every 15 minutes: FINE [com.sun.net.httpserver] (HttpManagementService-threads - 102) POST /management HTTP/1.1 [401 Unauthorized] ()
Fixed in master (see BZ913764) The version was determined with a call to the http management interface. Now it's all based on file inspection.
Verified on Version : 3.2.0.ER5 Build Number : 2cb2bc9:225c796