Hi Robbie, Welcome to the Apache Qpid project.
Thanks for this patch, and the others you have contributed on the management console items. We'll divvy them up and review them before committing. I'll post a separate thread to get the patches a qpid-er to review. Bye for now, Regards, Marnie On Sat, Nov 22, 2008 at 5:58 PM, Robert Gemmell (JIRA) < [email protected]> wrote: > > [ > https://issues.apache.org/jira/browse/QPID-1482?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel] > > Robert Gemmell updated QPID-1482: > --------------------------------- > > Attachment: QPID-1482_22nov2008.patch > > After investigation, it became clear that the PasswordCallback being used > to verify the password contained a null pointer for the password field, > despite the fact this had successfully been communicated to the broker by > the management console. > > I found that this was the result of the setPassword() method never having > been called on it, and tracked the issue down to changes made as a result of > QPID-474 in order to ensure that the broker was properly validating > passwords in the PlainSaslServer class. Evidently, the JMX > org.apache.qpid.server.management.JMXManagedObjectRegistry class was written > whilst this was an open issue, as its private UserCallbackHandler class > depended on the behavior it exhibited in order to work, although it actually > did verify the password as a result. > > I first proceeded to modify the UserCallbackHandler private class and fixed > the issue, but then realised this issue could/would simply occur again in > the future and that the broker must have its own callback handlers, which it > does. Not seeing a need for there to be a callback handler in the broker > that is specific to the management console, I removed the private > UserCallbackHandler class and modified the JMXManagedObjectRegistry class to > make use of the brokers > org.apache.qpid.server.security.auth.sasl.plain.PlainInitialiser and > associated UsernamePasswordInitialiser classes to handle the authentication > process. Following this, the management console is able to successfully > complete PLAIN authentication when paired with my patches for QPID-1481 and > QPID-794 > > I attach a patch, QPID-1482_22nov2008.patch , which addresses the changes > required for the PLAIN authentication, and also includes the workaround for > the exception i mentioned above, which may or may not be something you want > to include but is easily removed if desired, only being a one-liner. > > > Management Console cant complete PLAIN user authentication process > > ------------------------------------------------------------------ > > > > Key: QPID-1482 > > URL: https://issues.apache.org/jira/browse/QPID-1482 > > Project: Qpid > > Issue Type: Bug > > Components: Java Broker, Java Management : JMX Console > > Affects Versions: M4 > > Reporter: Robert Gemmell > > Attachments: QPID-1482_22nov2008.patch > > > > > > When the patches I supplied for QPID-1481 and QPID-794 are used, the > management console is able to communicate with the broker across the > JMXMPConnector link but is still unable to successfully complete the > connection, however the failure now occurs during the PLAIN authentication > process as opposed to before it like previously. Despite this, the > management console reports that "Qpid server is not running." > > Enabling debug console output for the management console yields the > following exception listing: > > java.io.IOException: java.lang.NullPointerException > > at > com.sun.jmx.remote.opt.security.AdminClient.throwExceptionOnError(AdminClient.java:379) > > at > com.sun.jmx.remote.opt.security.AdminClient.connectionOpen(AdminClient.java:184) > > at > com.sun.jmx.remote.generic.ClientSynchroMessageConnectionImpl.connect(ClientSynchroMessageConnectionImpl.java:112) > > at > javax.management.remote.generic.GenericConnector.connect(GenericConnector.java:217) > > at > javax.management.remote.jmxmp.JMXMPConnector.connect(JMXMPConnector.java:159) > > at > javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:248) > > at > org.apache.qpid.management.ui.jmx.JMXServerRegistry$ConnectorThread.run(JMXServerRegistry.java:204) > > at java.lang.Thread.run(Thread.java:619) > > java.io.IOException: java.lang.NullPointerException > > at > com.sun.jmx.remote.opt.security.AdminClient.throwExceptionOnError(AdminClient.java:379) > > at > com.sun.jmx.remote.opt.security.AdminClient.connectionOpen(AdminClient.java:184) > > at > com.sun.jmx.remote.generic.ClientSynchroMessageConnectionImpl.connect(ClientSynchroMessageConnectionImpl.java:112) > > at > javax.management.remote.generic.GenericConnector.connect(GenericConnector.java:217) > > at > javax.management.remote.jmxmp.JMXMPConnector.connect(JMXMPConnector.java:159) > > at > javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:248) > > at > org.apache.qpid.management.ui.jmx.JMXServerRegistry$ConnectorThread.run(JMXServerRegistry.java:204) > > at java.lang.Thread.run(Thread.java:619) > > The broker was slightly more informative however, giving: > > GenericConnectorServer ClientCreation.run > > WARNING: Failed to open connection: java.lang.NullPointerException > > java.lang.NullPointerException > > at > org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase.compareCharArray(PlainPasswordFilePrincipalDatabase.java:182) > > at > org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase.verifyPassword(PlainPasswordFilePrincipalDatabase.java:130) > > at > org.apache.qpid.server.management.JMXManagedObjectRegistry$UserCallbackHandler.handle(JMXManagedObjectRegistry.java:267) > > at > org.apache.qpid.server.security.auth.sasl.plain.PlainSaslServer.evaluateResponse(PlainSaslServer.java:81) > > at > com.sun.jmx.remote.opt.security.SASLServerHandler.consumeMessage(SASLServerHandler.java:164) > > at > com.sun.jmx.remote.opt.security.AdminServer.connectionOpen(AdminServer.java:216) > > at > com.sun.jmx.remote.generic.ServerSynchroMessageConnectionImpl.connect(ServerSynchroMessageConnectionImpl.java:98) > > at > javax.management.remote.generic.GenericConnectorServer$ClientCreation.run(GenericConnectorServer.java:443) > > at > com.sun.jmx.remote.opt.util.ThreadService$ThreadServiceJob.run(ThreadS > > -- > This message is automatically generated by JIRA. > - > You can reply to this email to add a comment to the issue online. > >
