JBoss EAP exception when host controller connects to domain controller: SaslException: DIGEST-MD5: Server rejected authentication
Issue
- Unable to start server
-
Slave
host-controller.log
has exception11:05:34,578 WARN [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0001: Could not connect to remote domain controller remote://server:9999: java.lang.IllegalStateException: WFLYHC0043: Unable to connect due to authentication failure. at org.jboss.as.host.controller.RemoteDomainConnectionService.rethrowIrrecoverableConnectionFailures(RemoteDomainConnectionService.java:674) at org.jboss.as.host.controller.RemoteDomainConnectionService.register(RemoteDomainConnectionService.java:293) at org.jboss.as.host.controller.DomainModelControllerService.connectToDomainMaster(DomainModelControllerService.java:940) ... Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed: DIGEST-MD5: javax.security.sasl.SaslException: DIGEST-MD5: Server rejected authentication at org.jboss.remoting3.remote.ClientConnectionOpenListener.allMechanismsFailed(ClientConnectionOpenListener.java:109) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:446) ... Suppressed: javax.security.sasl.SaslException: DIGEST-MD5: Server rejected authentication at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:736) at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:578) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) at org.xnio.nio.WorkerThread.run(WorkerThread.java:591)
Environment
- Red Hat JBoss Enterprise Application Platform (JBoss EAP) 6, 7
- Managed Domain Mode
- Legacy Security
- Domain controller secured with server secret
-
Slave host controller
host.xml
:<domain-controller> <remote protocol="remote" host="server" port="9999" security-realm="ManagementRealm" username="jboss"/> </domain-controller>
-
Domain Controller
host.xml
has defaultManagementRealm
configuration -
Domain Controller management interface has
<management-interfaces> <native-interface security-realm="ManagementRealm"> <socket interface="management" port="${jboss.management.native.port:9999}"/> </native-interface> ... </management-interfaces>
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.