JBoss EAP exception when host controller connects to domain controller: SaslException: DIGEST-MD5: Server rejected authentication

Solution Verified - Updated -

Issue

  • Unable to start server
  • Slave host-controller.log has exception

    11:05:34,578 WARN  [org.jboss.as.host.controller] (Controller Boot Thread) WFLYHC0001: Could not connect to remote domain controller remote://server:9999: java.lang.IllegalStateException: WFLYHC0043: Unable to connect due to authentication failure.
        at org.jboss.as.host.controller.RemoteDomainConnectionService.rethrowIrrecoverableConnectionFailures(RemoteDomainConnectionService.java:674)
        at org.jboss.as.host.controller.RemoteDomainConnectionService.register(RemoteDomainConnectionService.java:293)
        at org.jboss.as.host.controller.DomainModelControllerService.connectToDomainMaster(DomainModelControllerService.java:940)
        ...
    Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed:
    DIGEST-MD5: javax.security.sasl.SaslException: DIGEST-MD5: Server rejected authentication
        at org.jboss.remoting3.remote.ClientConnectionOpenListener.allMechanismsFailed(ClientConnectionOpenListener.java:109)
        at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:446)
        ...
        Suppressed: javax.security.sasl.SaslException: DIGEST-MD5: Server rejected authentication
            at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:736)
            at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:578)
            at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
            at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
            at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
            at org.xnio.nio.WorkerThread.run(WorkerThread.java:591)
    

Environment

  • Red Hat JBoss Enterprise Application Platform (JBoss EAP) 6, 7
  • Managed Domain Mode
  • Legacy Security
  • Domain controller secured with server secret
  • Slave host controller host.xml:

    <domain-controller>
        <remote protocol="remote" host="server" port="9999" security-realm="ManagementRealm" username="jboss"/>
    </domain-controller>
    
  • Domain Controller host.xml has default ManagementRealm configuration

  • Domain Controller management interface has

        <management-interfaces>
            <native-interface security-realm="ManagementRealm">
                <socket interface="management" port="${jboss.management.native.port:9999}"/>
            </native-interface>
            ...
        </management-interfaces>
    

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content