Securing Jgroups Cluster using SASL protocol in EAP

Solution Verified - Updated -

Issue

  • How to secure Jgroups using SASL protocol in EAP ?
  • Validation error in standalone-ha.xml when adding SASL as :

<SASL mech="DIGEST-MD5" client_name="node_user" client_password="node_password" server_callback_handler_class="org.example.infinispan.security.JGroupsSaslServerCallbackHandler" client_callback_handler_class="org.example.infinispan.security.JGroupsSaslClientCallbackHandler" sasl_props="com.sun.security.sasl.digest.realm=test_realm" /> Error: ~~~~~~ 4:34:54,479 ERROR [org.jboss.as.controller] (Controller Boot Thread) OPVDX001: Validation error in standalone-ha.xml -------------------------------- | | 408: <protocol type="pbcast.STABLE"/> | 409: | 410: <SASL mech="DIGEST-MD5" | ^^^^ 'SASL' isn't an allowed element here | | Elements allowed here are: | auth-protocol relay | encrypt-protocol socket-discovery-protocol | jdbc-protocol socket-protocol | protocol transport | | 411: client_name="node_user" | 412: client_password="node_password" | 413: server_callback_handler_class="org.example.infinispan.security.JGroupsSaslServerCallbackHandler" | | The primary underlying error message was: | > ParseError at [row,col]:[410,1] | > Message: WFLYCTL0198: Unexpected element | > '{urn:jboss:domain:jgroups:6.0}SASL' encountered |

Environment

  • JBoss Enterprise Application Platform (EAP) :
    • 7.x
  • Red Hat Data Grid (RHDG):
    • 7.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content