Application Server Fails to Connect to Host Controller when JBOSS-LOCAL-USER Mechanism is Removed from Elytron Config in JBoss EAP 7.

Solution Verified - Updated -

Issue

  • The application server fails to start with:

    Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:
......
DIGEST-MD5: javax.security.sasl.SaslException: DIGEST-MD5: Server rejected authentication
    Suppressed: javax.security.sasl.SaslException: DIGEST-MD5: Server rejected authentication

  • Where can I / Is there a way to specify an authentication-factory for a server to connect to the host controller?

  • Does this mean that management-sasl-authentication must specify JBOSS-LOCAL-USER?

Environment

  • Red Hat JBoss Enterprise Application Platform( EAP)
    • 7.1 or later
  • Elytron
  • http-authentication-factory authentication on management-interface
  • Disabled/Removed local authentication / JBOSS-LOCAL-USER on sasl-authentication-factory
  • Managed Domain Mode

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content