[
https://issues.apache.org/jira/browse/KARAF-6357?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17014929#comment-17014929
]
ASF GitHub Bot commented on KARAF-6357:
---------------------------------------
jbonofre commented on pull request #1061: [KARAF-6357] Use basic encryption by
default
URL: https://github.com/apache/karaf/pull/1061
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> client sh/bat no longer working in case of specify encryption.enabled = true
> ----------------------------------------------------------------------------
>
> Key: KARAF-6357
> URL: https://issues.apache.org/jira/browse/KARAF-6357
> Project: Karaf
> Issue Type: Bug
> Components: karaf
> Affects Versions: 4.2.4
> Environment: Java 8
> Reporter: Xilai Dai
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Fix For: 4.3.0, 4.2.9
>
>
> Setting "encryption.enabled = true" and leave "encryption.name = " in the
> etc/org.apache.karaf.jaas.cfg, then start karaf container, try to connect it
> from client.sh/client.bat, then no success with these DEBUG error:
> {code}
> javax.security.auth.login.LoginException:
> org.jasypt.exceptions.EncryptionOperationNotPossibleException
> at
> org.jasypt.digest.StandardByteDigester.matches(StandardByteDigester.java:1106)
> at
> org.jasypt.digest.StandardStringDigester.matches(StandardStringDigester.java:1052)
> at
> org.jasypt.util.password.ConfigurablePasswordEncryptor.checkPassword(ConfigurablePasswordEncryptor.java:251)
> at
> org.apache.karaf.jaas.jasypt.impl.JasyptEncryption.checkPassword(JasyptEncryption.java:82)
> at
> org.apache.karaf.jaas.modules.AbstractKarafLoginModule.checkPassword(AbstractKarafLoginModule.java:135)
> at
> org.apache.karaf.jaas.modules.properties.PropertiesLoginModule.login(PropertiesLoginModule.java:126)
> at
> org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83)
> at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
> at
> javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
> at
> org.apache.karaf.shell.ssh.KarafJaasAuthenticator.doLogin(KarafJaasAuthenticator.java:93)
> at
> org.apache.karaf.shell.ssh.KarafJaasAuthenticator.authenticate(KarafJaasAuthenticator.java:70)
> at
> org.apache.sshd.server.auth.keyboard.DefaultKeyboardInteractiveAuthenticator.authenticate(DefaultKeyboardInteractiveAuthenticator.java:92)
> at
> org.apache.sshd.server.auth.keyboard.UserAuthKeyboardInteractive.doAuth(UserAuthKeyboardInteractive.java:119)
> at
> org.apache.sshd.server.auth.AbstractUserAuth.next(AbstractUserAuth.java:75)
> at
> org.apache.sshd.server.session.ServerUserAuthService.process(ServerUserAuthService.java:229)
> at
> org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:614)
> at
> org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:547)
> at
> org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1498)
> at
> org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:508)
> at
> org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:66)
> at
> org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:301)
> at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:281)
> at
> org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:278)
> at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
> at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
> at sun.nio.ch.Invoker$2.run(Invoker.java:218)
> at
> sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> {code}
> It's trying to use "jasypt" to do the validation but not the "basic" as the
> default behaviour of Karaf 4.1.x.
> You have to set "encryption.name = basic" or "encryption.name = jasypt"
> definitely, then everything works. otherwize it always try to use "jasypt"
> and failed more silently.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
