Securing Jgroups Cluster using SASL protocol in EAP

Solution Verified - Updated -

Issue

  • How to secure Jgroups using SASL protocol in EAP ?
  • Validation error in standalone-ha.xml when adding SASL as :

<SASL mech="DIGEST-MD5" client_name="node_user" client_password="node_password" server_callback_handler_class="org.example.infinispan.security.JGroupsSaslServerCallbackHandler" client_callback_handler_class="org.example.infinispan.security.JGroupsSaslClientCallbackHandler" sasl_props="com.sun.security.sasl.digest.realm=test_realm" /> Error: ~~~~~~ 4:34:54,479 ERROR [org.jboss.as.controller] (Controller Boot Thread) OPVDX001: Validation error in standalone-ha.xml -------------------------------- | | 408: <protocol type="pbcast.STABLE"/> | 409: | 410: <SASL mech="DIGEST-MD5" | ^^^^ 'SASL' isn't an allowed element here | | Elements allowed here are: | auth-protocol relay | encrypt-protocol socket-discovery-protocol | jdbc-protocol socket-protocol | protocol transport | | 411: client_name="node_user" | 412: client_password="node_password" | 413: server_callback_handler_class="org.example.infinispan.security.JGroupsSaslServerCallbackHandler" | | The primary underlying error message was: | > ParseError at [row,col]:[410,1] | > Message: WFLYCTL0198: Unexpected element | > '{urn:jboss:domain:jgroups:6.0}SASL' encountered |

Environment

  • JBoss Enterprise Application Platform (EAP) :
    • 7.x
  • Red Hat Data Grid (RHDG):
    • 7.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In