You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Jean-Baptiste Onofré (JIRA)" <ji...@apache.org> on 2019/07/15 10:29:00 UTC

[jira] [Assigned] (KARAF-6357) client sh/bat no longer working in case of specify encryption.enabled = true

     [ https://issues.apache.org/jira/browse/KARAF-6357?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jean-Baptiste Onofré reassigned KARAF-6357:
-------------------------------------------

    Assignee: Jean-Baptiste Onofré

> client sh/bat no longer working in case of specify encryption.enabled = true
> ----------------------------------------------------------------------------
>
>                 Key: KARAF-6357
>                 URL: https://issues.apache.org/jira/browse/KARAF-6357
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf
>    Affects Versions: 4.2.4
>         Environment: Java 8
>            Reporter: Xilai Dai
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>
> Setting "encryption.enabled = true" and leave "encryption.name = " in the etc/org.apache.karaf.jaas.cfg, then start karaf container, try to connect it from client.sh/client.bat, then no success with these DEBUG error:
> {code}
> javax.security.auth.login.LoginException: org.jasypt.exceptions.EncryptionOperationNotPossibleException
> 	at org.jasypt.digest.StandardByteDigester.matches(StandardByteDigester.java:1106)
> 	at org.jasypt.digest.StandardStringDigester.matches(StandardStringDigester.java:1052)
> 	at org.jasypt.util.password.ConfigurablePasswordEncryptor.checkPassword(ConfigurablePasswordEncryptor.java:251)
> 	at org.apache.karaf.jaas.jasypt.impl.JasyptEncryption.checkPassword(JasyptEncryption.java:82)
> 	at org.apache.karaf.jaas.modules.AbstractKarafLoginModule.checkPassword(AbstractKarafLoginModule.java:135)
> 	at org.apache.karaf.jaas.modules.properties.PropertiesLoginModule.login(PropertiesLoginModule.java:126)
> 	at org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83)
> 	at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> 	at java.lang.reflect.Method.invoke(Method.java:498)
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
> 	at org.apache.karaf.shell.ssh.KarafJaasAuthenticator.doLogin(KarafJaasAuthenticator.java:93)
> 	at org.apache.karaf.shell.ssh.KarafJaasAuthenticator.authenticate(KarafJaasAuthenticator.java:70)
> 	at org.apache.sshd.server.auth.keyboard.DefaultKeyboardInteractiveAuthenticator.authenticate(DefaultKeyboardInteractiveAuthenticator.java:92)
> 	at org.apache.sshd.server.auth.keyboard.UserAuthKeyboardInteractive.doAuth(UserAuthKeyboardInteractive.java:119)
> 	at org.apache.sshd.server.auth.AbstractUserAuth.next(AbstractUserAuth.java:75)
> 	at org.apache.sshd.server.session.ServerUserAuthService.process(ServerUserAuthService.java:229)
> 	at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:614)
> 	at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:547)
> 	at org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1498)
> 	at org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:508)
> 	at org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:66)
> 	at org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:301)
> 	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:281)
> 	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:278)
> 	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
> 	at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
> 	at sun.nio.ch.Invoker$2.run(Invoker.java:218)
> 	at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> 	at java.lang.Thread.run(Thread.java:748)
> {code}
> It's trying to use "jasypt" to do the validation but not the "basic" as the default behaviour of Karaf 4.1.x.
> You have to set "encryption.name = basic" or "encryption.name = jasypt" definitely, then everything works. otherwize it always try to use "jasypt" and failed more silently.



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)