[
https://issues.apache.org/jira/browse/QPID-1482?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robert Gemmell updated QPID-1482:
---------------------------------
Attachment: QPID-1482_22nov2008.patch
After investigation, it became clear that the PasswordCallback being used to
verify the password contained a null pointer for the password field, despite
the fact this had successfully been communicated to the broker by the
management console.
I found that this was the result of the setPassword() method never having been
called on it, and tracked the issue down to changes made as a result of
QPID-474 in order to ensure that the broker was properly validating passwords
in the PlainSaslServer class. Evidently, the JMX
org.apache.qpid.server.management.JMXManagedObjectRegistry class was written
whilst this was an open issue, as its private UserCallbackHandler class
depended on the behavior it exhibited in order to work, although it actually
did verify the password as a result.
I first proceeded to modify the UserCallbackHandler private class and fixed the
issue, but then realised this issue could/would simply occur again in the
future and that the broker must have its own callback handlers, which it does.
Not seeing a need for there to be a callback handler in the broker that is
specific to the management console, I removed the private UserCallbackHandler
class and modified the JMXManagedObjectRegistry class to make use of the
brokers org.apache.qpid.server.security.auth.sasl.plain.PlainInitialiser and
associated UsernamePasswordInitialiser classes to handle the authentication
process. Following this, the management console is able to successfully
complete PLAIN authentication when paired with my patches for QPID-1481 and
QPID-794
I attach a patch, QPID-1482_22nov2008.patch , which addresses the changes
required for the PLAIN authentication, and also includes the workaround for the
exception i mentioned above, which may or may not be something you want to
include but is easily removed if desired, only being a one-liner.
> Management Console cant complete PLAIN user authentication process
> ------------------------------------------------------------------
>
> Key: QPID-1482
> URL: https://issues.apache.org/jira/browse/QPID-1482
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker, Java Management : JMX Console
> Affects Versions: M4
> Reporter: Robert Gemmell
> Attachments: QPID-1482_22nov2008.patch
>
>
> When the patches I supplied for QPID-1481 and QPID-794 are used, the
> management console is able to communicate with the broker across the
> JMXMPConnector link but is still unable to successfully complete the
> connection, however the failure now occurs during the PLAIN authentication
> process as opposed to before it like previously. Despite this, the management
> console reports that "Qpid server is not running."
> Enabling debug console output for the management console yields the following
> exception listing:
> java.io.IOException: java.lang.NullPointerException
> at
> com.sun.jmx.remote.opt.security.AdminClient.throwExceptionOnError(AdminClient.java:379)
> at
> com.sun.jmx.remote.opt.security.AdminClient.connectionOpen(AdminClient.java:184)
> at
> com.sun.jmx.remote.generic.ClientSynchroMessageConnectionImpl.connect(ClientSynchroMessageConnectionImpl.java:112)
> at
> javax.management.remote.generic.GenericConnector.connect(GenericConnector.java:217)
> at
> javax.management.remote.jmxmp.JMXMPConnector.connect(JMXMPConnector.java:159)
> at
> javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:248)
> at
> org.apache.qpid.management.ui.jmx.JMXServerRegistry$ConnectorThread.run(JMXServerRegistry.java:204)
> at java.lang.Thread.run(Thread.java:619)
> java.io.IOException: java.lang.NullPointerException
> at
> com.sun.jmx.remote.opt.security.AdminClient.throwExceptionOnError(AdminClient.java:379)
> at
> com.sun.jmx.remote.opt.security.AdminClient.connectionOpen(AdminClient.java:184)
> at
> com.sun.jmx.remote.generic.ClientSynchroMessageConnectionImpl.connect(ClientSynchroMessageConnectionImpl.java:112)
> at
> javax.management.remote.generic.GenericConnector.connect(GenericConnector.java:217)
> at
> javax.management.remote.jmxmp.JMXMPConnector.connect(JMXMPConnector.java:159)
> at
> javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:248)
> at
> org.apache.qpid.management.ui.jmx.JMXServerRegistry$ConnectorThread.run(JMXServerRegistry.java:204)
> at java.lang.Thread.run(Thread.java:619)
> The broker was slightly more informative however, giving:
> GenericConnectorServer ClientCreation.run
> WARNING: Failed to open connection: java.lang.NullPointerException
> java.lang.NullPointerException
> at
> org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase.compareCharArray(PlainPasswordFilePrincipalDatabase.java:182)
> at
> org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase.verifyPassword(PlainPasswordFilePrincipalDatabase.java:130)
> at
> org.apache.qpid.server.management.JMXManagedObjectRegistry$UserCallbackHandler.handle(JMXManagedObjectRegistry.java:267)
> at
> org.apache.qpid.server.security.auth.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:81)
> at
> com.sun.jmx.remote.opt.security.SASLServerHandler.consumeMessage(SASLServerHandler.java:164)
> at
> com.sun.jmx.remote.opt.security.AdminServer.connectionOpen(AdminServer.java:216)
> at
> com.sun.jmx.remote.generic.ServerSynchroMessageConnectionImpl.connect(ServerSynchroMessageConnectionImpl.java:98)
> at
> javax.management.remote.generic.GenericConnectorServer$ClientCreation.run(GenericConnectorServer.java:443)
> at
> com.sun.jmx.remote.opt.util.ThreadService$ThreadServiceJob.run(ThreadS
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
