Problem connecting to JBoss EAP remotely using jconsole using rbac.

Solution Verified - Updated -

Issue

  1. I updated the profile (the jboss:domain:jmx subsystem) in the domain.xml file to include the following:
<remoting-connector use-management-endpoint="false"/>

I made the configuration changes mentioned in this solution=> https://access.redhat.com/solutions/443033

It is my understanding that this disables it from using the Native Management Port by default.

  1. Added a new user to the ApplicationRealm.

  2. Based upon this solution:

https://access.redhat.com/solutions/752933

I gave the new account the Operator Role for RBAC. Did this in the domain.xml:

                <role name="Operator">
                    <include>
                        <user realm="ApplicationRealm" name="jmx4fxre"/>
                    </include>
                </role>

After restarting the entire domain and trying to connect with jconsole it gives me errors.

I selected "Remote Process" and then entered the following URI:

service:jmx:remoting-jmx://<server-IP>:4447

I then entered the new user that was added to the ApplicationRealm along with its password. Then I selected Connect.

The first error I see says "Secure connection failed. Retry insecurely?". If I select "Insecure" it eventually says "Connection Failed: Retry?". The log that pops us says the following:

Oct 06, 2014 4:29:03 PM org.xnio.Xnio <clinit>
INFO: XNIO Version 3.0.9.GA-redhat-1
Oct 06, 2014 4:29:03 PM org.xnio.nio.NioXnio <clinit>
INFO: XNIO NIO Implementation Version 3.0.9.GA-redhat-1
Oct 06, 2014 4:29:03 PM org.jboss.remoting3.EndpointImpl <clinit>
INFO: JBoss Remoting version 3.2.19.GA-redhat-1
Oct 06, 2014 4:29:03 PM org.jboss.remoting3.remote.RemoteConnection handleException
ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
Oct 06, 2014 4:33:31 PM org.jboss.remoting3.remote.RemoteConnection handleException
ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

I also tried running jconsole from another server and connecting to this server remotely and got the same errors. I even tried running jconsole.sh with the following parameters:

-J-Djavax.net.ssl.trustStore=/apps/ssl/jboss/wmttrust.jks -J-Djavax.net.ssl.trustStorePassword=<thepassword>

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP) 6.2.2

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content