You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by abdelb <ab...@live.co.uk> on 2019/02/05 18:26:33 UTC
Connecting via jaas module results in FileNotFoundException
Hi,
I'm copying over a jaas module xml from an older version of karaf to 4.2.2
and get this error when trying to ssh:
WARN | sshd-SshServer[61072017]-nio2-thread-1 |
VersionProperties$LazyHolder | 114 - org.apache.sshd.core - 1.7.0 |
Failed (FileNotFoundException) to load version properties: Resource does not
exists
I'm using the exact same file and credentials - is this a bug in 4.2.2?
--
Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
Re: Connecting via jaas module results in FileNotFoundException
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Hi,
I did the following test (on Karaf 4.2.3-SNAPSHOT):
1. In etc/org.apache.karaf.features.cfg, I added aries-blueprint as
featuresBoot
2. I created deploy/config.xml containing:
<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0"
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
<!-- Bean to allow the $[karaf.base] property to be correctly
resolved -->
<ext:property-placeholder placeholder-prefix="$["
placeholder-suffix="]"/>
<jaas:config name="karaf" rank="1">
<jaas:module
className="org.apache.karaf.jaas.modules.properties.PropertiesLoginModule"
flags="required">
users = $[karaf.etc]/mybackend.properties
</jaas:module>
</jaas:config>
</blueprint>
In etc/mybackend.properties, I added my user (jbonofre).
3. Then I started Karaf. I can see the realm using jaas:* commands:
karaf@root()> jaas:realm-list
Index │ Realm Name │ Login Module Class Name
──────┼────────────┼───────────────────────────────────────────────────────────────
1 │ karaf │
org.apache.karaf.jaas.modules.properties.PropertiesLoginModule
karaf@root()> jaas:realm-manage --index 1
karaf@root()> jaas:user-list
User Name │ Group │ Role
──────────┼────────────┼──────────────
jbonofre │ admingroup │ admin
jbonofre │ admingroup │ manager
jbonofre │ admingroup │ viewer
jbonofre │ admingroup │ systembundles
jbonofre │ admingroup │ ssh
4. Now, I connect using ssh with my jbonofre user:
ssh -p 8101 jbonofre@localhost
So, it seems to work at least with the PropertiesLoginModule.
Let me try a Apache Directory to test with the LDAPLoginModule.
Regards
JB
On 06/02/2019 15:55, abdelb wrote:
> Thanks for investigating. If it helps I have just tested this module in the
> standard 4.0.8 and 4.2.2 distributions downloaded from the Karaf website.
>
> It works fine on 4.0.8; 4.2.2 is failing with the same message as my custom
> distribution.
>
>
>
> --
> Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: Connecting via jaas module results in FileNotFoundException
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Thanks for the update.
I'm testing a properties login module on Karaf 4.2.3-SNAPSHOT.
Regards
JB
On 06/02/2019 15:55, abdelb wrote:
> Thanks for investigating. If it helps I have just tested this module in the
> standard 4.0.8 and 4.2.2 distributions downloaded from the Karaf website.
>
> It works fine on 4.0.8; 4.2.2 is failing with the same message as my custom
> distribution.
>
>
>
> --
> Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: Connecting via jaas module results in FileNotFoundException
Posted by abdelb <ab...@live.co.uk>.
Thanks for investigating. If it helps I have just tested this module in the
standard 4.0.8 and 4.2.2 distributions downloaded from the Karaf website.
It works fine on 4.0.8; 4.2.2 is failing with the same message as my custom
distribution.
--
Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
Re: Connecting via jaas module results in FileNotFoundException
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Thanks, I will try and I keep you posted.
Regards
JB
On 06/02/2019 10:32, abdelb wrote:
> Sure:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
> xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.1.0"
>
> xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
>
> <jaas:config name="karaf" rank="1">
> <jaas:module
> className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
> flags="required">
> connection.url = ldap://xxx:xxx
> connection.username = CN=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx
> connection.password = xxx
> user.base.dn = DC=xxx,DC=xxx
> user.filter = (uid=%u)
> user.search.subtree = true
> role.base.dn = OU=xxx,OU=xxx,DC=xxx,DC=xxx
> role.filter = (member:=%fqdn)
> role.name.attribute = CN
> role.search.subtree = true
> role.mapping = xxx=admin,viewer,systembundles,manager
> authentication = simple
> </jaas:module>
> </jaas:config>
>
> </blueprint>
>
>
>
> --
> Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: Connecting via jaas module results in FileNotFoundException
Posted by abdelb <ab...@live.co.uk>.
Hi, sshRole was set to ssh. I changed it to admin and that has done the
trick!
Really appreciate the assistance, thanks again.
--
Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
Re: Connecting via jaas module results in FileNotFoundException
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Do you have the ssh role for the user ?
Regards
JB
On 06/02/2019 17:38, abdelb wrote:
> Hello,
>
> It does appear under realm-list.
>
> I had a closer look at the logs and it actually authenticates and generates
> an ssh key if the credentials are correct (however it still denies access
> for some reason). Incorrect credentials correctly lead to a
> javax.naming.AuthenticationException being thrown.
>
>
>
> --
> Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: Connecting via jaas module results in FileNotFoundException
Posted by abdelb <ab...@live.co.uk>.
Hello,
It does appear under realm-list.
I had a closer look at the logs and it actually authenticates and generates
an ssh key if the credentials are correct (however it still denies access
for some reason). Incorrect credentials correctly lead to a
javax.naming.AuthenticationException being thrown.
--
Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
Re: Connecting via jaas module results in FileNotFoundException
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Hi,
Can you see the login module in the jaas:realm-list ?
If not, can you add debug option in LDAPLoginModule configuration:
debug=true
Please, send me the log in debug.
Thanks,
Regards
JB
On 06/02/2019 10:32, abdelb wrote:
> Sure:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
> xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.1.0"
>
> xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
>
> <jaas:config name="karaf" rank="1">
> <jaas:module
> className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
> flags="required">
> connection.url = ldap://xxx:xxx
> connection.username = CN=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx
> connection.password = xxx
> user.base.dn = DC=xxx,DC=xxx
> user.filter = (uid=%u)
> user.search.subtree = true
> role.base.dn = OU=xxx,OU=xxx,DC=xxx,DC=xxx
> role.filter = (member:=%fqdn)
> role.name.attribute = CN
> role.search.subtree = true
> role.mapping = xxx=admin,viewer,systembundles,manager
> authentication = simple
> </jaas:module>
> </jaas:config>
>
> </blueprint>
>
>
>
> --
> Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: Connecting via jaas module results in FileNotFoundException
Posted by abdelb <ab...@live.co.uk>.
Sure:
<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.1.0"
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
<jaas:config name="karaf" rank="1">
<jaas:module
className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
flags="required">
connection.url = ldap://xxx:xxx
connection.username = CN=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx
connection.password = xxx
user.base.dn = DC=xxx,DC=xxx
user.filter = (uid=%u)
user.search.subtree = true
role.base.dn = OU=xxx,OU=xxx,DC=xxx,DC=xxx
role.filter = (member:=%fqdn)
role.name.attribute = CN
role.search.subtree = true
role.mapping = xxx=admin,viewer,systembundles,manager
authentication = simple
</jaas:module>
</jaas:config>
</blueprint>
--
Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
Re: Connecting via jaas module results in FileNotFoundException
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Can you share the module.xml ?
Some new properties are required, especially around the namespace version.
Regards
JB
On 05/02/2019 19:26, abdelb wrote:
> Hi,
>
> I'm copying over a jaas module xml from an older version of karaf to 4.2.2
> and get this error when trying to ssh:
>
> WARN | sshd-SshServer[61072017]-nio2-thread-1 |
> VersionProperties$LazyHolder | 114 - org.apache.sshd.core - 1.7.0 |
> Failed (FileNotFoundException) to load version properties: Resource does not
> exists
>
> I'm using the exact same file and credentials - is this a bug in 4.2.2?
>
>
>
> --
> Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
Re: Connecting via jaas module results in FileNotFoundException
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
By the way, I'm not sure that the FileNotFoundException coming from sshd
(WARN) is actually the problem.
Regards
JB
On 05/02/2019 19:26, abdelb wrote:
> Hi,
>
> I'm copying over a jaas module xml from an older version of karaf to 4.2.2
> and get this error when trying to ssh:
>
> WARN | sshd-SshServer[61072017]-nio2-thread-1 |
> VersionProperties$LazyHolder | 114 - org.apache.sshd.core - 1.7.0 |
> Failed (FileNotFoundException) to load version properties: Resource does not
> exists
>
> I'm using the exact same file and credentials - is this a bug in 4.2.2?
>
>
>
> --
> Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
>
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com