I’m using JBoss 7.1.3.Final. I’m trying to connect to the CLI tool, but keep getting this OutOfMemoryError. In my standalone.xml config, I have
<management>
<security-realms>
<security-realm name="ManagementRealm">
<authentication>
<local default-user="$local"/>
<properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
</security-realm>
<security-realm name="ApplicationRealm">
<authentication>
<local default-user="$local" allowed-users="*"/>
<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
<authorization>
<properties path="application-roles.properties" relative-to="jboss.server.config.dir"/>
</authorization>
</security-realm>
</security-realms>
I connect to the CLI tool like so with the error …
bin]$ ./jboss-cli.sh --controller=192.169.1.118:9999
You are disconnected at the moment. Type 'connect' to connect to the server or 'help' for the list of supported commands.
[disconnected /] connect
java.lang.OutOfMemoryError: Java heap space
at java.util.Arrays.copyOf(Arrays.java:2882)
at java.lang.AbstractStringBuilder.expandCapacity(AbstractStringBuilder.java:100)
at java.lang.AbstractStringBuilder.append(AbstractStringBuilder.java:390)
at java.lang.StringBuilder.append(StringBuilder.java:119)
at org.jboss.as.cli.impl.CommandContextImpl.handleSafe(CommandContextImpl.java:551)
at org.jboss.as.cli.impl.CommandContextImpl.interact(CommandContextImpl.java:1113)
at org.jboss.as.cli.impl.CliLauncher.main(CliLauncher.java:243)
at org.jboss.as.cli.CommandLineMain.main(CommandLineMain.java:34)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.modules.Module.run(Module.java:270)
at org.jboss.modules.Main.main(Main.java:294)
Anyone have any suggestions? How do I connect to JBoss through the CLI tool?
Edit: My memroy settings within standalone.conf are set through JAVA_OPTS like so
JAVA_OPTS="-Xms256m -Xmx10240m -XX:-UseGCOverheadLimit -XX:MaxPermSize=512m -Djava.net.preferIPv4Stack=true -Dorg.jboss.resolver.warning=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000"
Edit 2 K, added the memory settings to the last line of the jboss-cli.sh file. Got past “connect” but then got the OutOfMemoryError shortly after …
bin]$ ./jboss-cli.sh
You are disconnected at the moment. Type 'connect' to connect to the server or 'help' for the list of supported commands.
[disconnected /] connect
Authenticating against security realm: ManagementRealm
Username: admin
Password:
java.lang.OutOfMemoryError: Java heap space
at java.util.Arrays.copyOf(Arrays.java:2882)
at java.lang.AbstractStringBuilder.expandCapacity(AbstractStringBuilder.java:100)
at java.lang.AbstractStringBuilder.append(AbstractStringBuilder.java:390)
at java.lang.StringBuilder.append(StringBuilder.java:119)
at org.jboss.as.cli.impl.CommandContextImpl.handleSafe(CommandContextImpl.java:551)
at org.jboss.as.cli.impl.CommandContextImpl.interact(CommandContextImpl.java:1113)
at org.jboss.as.cli.impl.CliLauncher.main(CliLauncher.java:243)
at org.jboss.as.cli.CommandLineMain.main(CommandLineMain.java:34)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.modules.Module.run(Module.java:270)
at org.jboss.modules.Main.main(Main.java:294)
Related
I have a existing certificate (abc.crt) on Jboss server. This certificate is used in existing application to authenticate users from other system. Now I am working on migrating this application from Jboss to Tomcat 9.
Based on some online information, I have come to know to follow below steps to import the certificate in tomcat
Create keystore
keytool -importcert -file abc.crt -keystore xyz.jks -alias=pingfedcert
Modify server.xml and add connector
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150"
SSLEnabled="true"
scheme="https"
secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="conf/xyz.jks"
keystorePass="pingfed12"
keyAlias="pingfedcert" />
Tomcat server restart and I get below error on server restart
org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1049)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:556)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1042)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.startup.Catalina.load(Catalina.java:724)
at org.apache.catalina.startup.Catalina.load(Catalina.java:746)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)
Caused by: java.lang.IllegalArgumentException: Alias name [pingfedcert] does not identify a key entry
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:107)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:234)
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1227)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1240)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:603)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:80)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:1046)
... 13 more
Caused by: java.io.IOException: Alias name [pingfedcert] does not identify a key entry
at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:337)
at org.apache.tomcat.util.net.openssl.OpenSSLUtil.getKeyManagers(OpenSSLUtil.java:98)
at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:247)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:105)
As I am new to tomcat, not sure whats wrong with these steps. Any idea?
I migrated Weblogin application to JBoss EAP 7.1.
But when I call my API from browser I have an exception :
WFLYEJB0364: Invocation on method: public abstract java.util.List
com.medtronic.diabetes.carelink.hcp.service.UserService.getCountryLanguages(java.lang.String,com.medtronic.diabetes.carelink.hcp.persistence.model.ApplicationType)
of bean: UserServiceImpl is not allowed
UserService method signature :
#PermitAll
List<LanguageDefinitionItemDto> getCountryLanguages(String countryCode, ApplicationType type);
In weblogic.xml I had security properties:
<security-role-assignment>
<role-name>admin</role-name>
<principal-name>adminGroup</principal-name>
</security-role-assignment>
<security-role-assignment>
<role-name>user</role-name>
<principal-name>userGroup</principal-name>
</security-role-assignment>
<!-- session configuration -->
<session-descriptor>
<cookie-secure> true </cookie-secure>
<persistent-store-type> replicated_if_clustered </persistent-store-type>
<cookie-http-only> false </cookie-http-only>
<url-rewriting-enabled> false </url-rewriting-enabled>
<timeout-secs> 1800 </timeout-secs>
</session-descriptor>
in standalone-full.xml I have one login-module from another ear. Do I need to add RoleMappingLoginModule ?
<security-domain name="mySecurityDomain" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:/jdbc/powds"/>
<module-option name="principalsQuery" value="SELECT password FROM DDMS_ACCOUNT WHERE user_name = ?"/>
<module-option name="rolesQuery" value="SELECT group_name, 'Roles' FROM DDMS_ACCOUNT_GRP_ASSOC WHERE user_name = ?"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
Plese help me to transfer this config on Jboss EAP 7.1.0.
I tried add in web.xml but this didn't help :
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
jboss server.log
Principal: anonymous
:callerRunAs=null:callerRunAs=null:ejbRestrictionEnforcement=false:ejbVersion=2.0];Action=authorization;Source=org.jboss.security.plugins.javaee.EJBAuthorizationHelper;policyRegistration=null;Exception:=PBOX00017: Access denied: authorization failed ;
2019-12-17 10:59:59,177 TRACE [org.jboss.security] (default task-7) PBOX00354: Setting security roles ThreadLocal: null
If I remove #PermitAll annotation it still doesnt works.
End please explain me where this security-role uses and why? Do I need to add this admin and user to jboss security ApplicationRealm?
<default-missing-method-permissions-deny-access value="false"/> works. but Will it have negative affect?
delete cofig <default-security-domain value="other"/> in standalone-full.xml helped me
I'm trying to deploy my java backstage on a remote tomcat server (8.5.39). In order to use https, I changed these lines on /conf/server.xml
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="443" />
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" keystoreFile="xxx" keystorePass="xxx">
</Connector>
<Connector port="8009" protocol="AJP/1.3" redirectPort="443" />
I can run the tomcat on remote server and I can access it by domain name(https). But when I use eclipse to run java code on remote server, it comes with error like
SEVERE: Failed to initialize connector [Connector[HTTP/1.1-443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-443]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:112)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:552)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:875)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
at org.apache.catalina.startup.Catalina.load(Catalina.java:639)
at org.apache.catalina.startup.Catalina.load(Catalina.java:662)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:567)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:995)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:107)
... 12 more
Caused by: java.lang.IllegalArgumentException: C:\Users\Administrator\eclipse-workspace\.metadata\.plugins\org.eclipse.wst.server.core\tmp0\cert\server.jks (No such file or directory)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:100)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:72)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:244)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1105)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.init(AbstractJsseEndpoint.java:224)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:581)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:68)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:993)
... 13 more
Caused by: java.io.FileNotFoundException: C:\Users\Administrator\eclipse-workspace\.metadata\.plugins\org.eclipse.wst.server.core\tmp0\cert\server.jks (No such file or directory)
at java.base/java.io.FileInputStream.open0(Native Method)
at java.base/java.io.FileInputStream.open(FileInputStream.java:213)
at java.base/java.io.FileInputStream.<init>(FileInputStream.java:155)
at java.base/java.io.FileInputStream.<init>(FileInputStream.java:110)
at java.base/sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:86)
at java.base/sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:184)
at org.apache.tomcat.util.file.ConfigFileLoader.getInputStream(ConfigFileLoader.java:89)
at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:190)
at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:206)
at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:272)
at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:239)
at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:98)
... 20 more
Someone told me to stop tomcat on remote server and run the code. I tried but it doesn't work.
Your most deep exception cause is:
Caused by: java.io.FileNotFoundException: C:\Users\Administrator\eclipse-workspace\.metadata\.plugins\org.eclipse.wst.server.core\tmp0\cert\server.jks (No such file or directory)
Which is trying to find certificate to start service with SSL enabled.
In order to do that you'll have to either provide certificate file for SSL or remove https enpoint to start without any encription
I am trying to deploy a war file using jboss-cli to Wildfly 8.
The command I'm using is as follows,
jboss-cli.bat --connect --command="deploy --force E:\Projects\CD&CI\portal.war"
That gives me an exception like below,
org.jboss.as.cli.CliInitializationException: Failed to connect to the controller
at org.jboss.as.cli.impl.CliLauncher.initCommandContext(CliLauncher.java:278)
at org.jboss.as.cli.impl.CliLauncher.main(CliLauncher.java:253)
at org.jboss.as.cli.CommandLineMain.main(CommandLineMain.java:34)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.jboss.modules.Module.run(Module.java:292)
at org.jboss.modules.Main.main(Main.java:455)
Caused by: org.jboss.as.cli.CommandLineException: The controller is not available at localhost:9990
at org.jboss.as.cli.impl.CommandContextImpl.tryConnection(CommandContextImpl.java:1020)
at org.jboss.as.cli.impl.CommandContextImpl.connectController(CommandContextImpl.java:832)
at org.jboss.as.cli.impl.CommandContextImpl.connectController(CommandContextImpl.java:811)
at org.jboss.as.cli.impl.CliLauncher.initCommandContext(CliLauncher.java:276)
... 8 more
Caused by: java.io.IOException: java.net.ConnectException: JBAS012144: Could not connect to http-remoting://localhost:9990. The connection timed out
at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeForResult(AbstractModelControllerClient.java:129)
at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:71)
at org.jboss.as.cli.impl.CommandContextImpl.tryConnection(CommandContextImpl.java:997)
... 11 more
Caused by: java.net.ConnectException: JBAS012144: Could not connect to http-remoting://localhost:9990. The connection timed out
at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:120)
at org.jboss.as.protocol.ProtocolConnectionManager$EstablishingConnection.connect(ProtocolConnectionManager.java:256)
at org.jboss.as.protocol.ProtocolConnectionManager.connect(ProtocolConnectionManager.java:70)
at org.jboss.as.protocol.mgmt.FutureManagementChannel$Establishing.getChannel(FutureManagementChannel.java:204)
at org.jboss.as.cli.impl.CLIModelControllerClient.getOrCreateChannel(CLIModelControllerClient.java:169)
at org.jboss.as.cli.impl.CLIModelControllerClient$2.getChannel(CLIModelControllerClient.java:129)
at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:117)
at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:92)
at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeRequest(AbstractModelControllerClient.java:236)
at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:141)
at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeForResult(AbstractModelControllerClient.java:127)
... 13 more
I also tried changing jboss-cli.xml's default controller to 9999 where it takes protocol as remote instead of it's default value http-remote, but nothing worked.
I tried to connect to the jboss management console, but it also didn't work.
jboss-cli.bat -c
Can someone please help me with this.
I was using a native-interface instead of a http-interface so it won't use the correct protocol.
I had to change the management interface in standalone-full.xml file as below.
<management-interfaces><!--
<http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<socket-binding http="management-http" />
</http-interface>-->
<http-interface security-realm="ManagementRealm" http-upgrade-enabled="true">
<socket interface="management" port="${jboss.management.http.port:9990}" secure-port="${jboss.management.http.port:9993}"/>
</http-interface>
</management-interfaces>
When starting my first GWTP application I got this error message:
java.net.ConnectException: Connection timed out: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:79)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:579)
at java.net.Socket.connect(Socket.java:528)
at java.net.Socket.<init>(Socket.java:425)
at java.net.Socket.<init>(Socket.java:208)
at com.gwtplatform.common.rebind.VersionInspectorLinker.fetchArtifactVersion(VersionInspectorLinker.java:178)
at com.gwtplatform.common.rebind.VersionInspectorLinker.checkLatestVersion(VersionInspectorLinker.java:154)
I could configure a proxy in the jvm args of the gwt-maven-plugin, but the problem is that other developers would need to use different proxies and we also don't have Internet connection in our continuous integration servers.
How can this checking be disabled?
This is very simple. Add this to your .gwt.xml file:
<set-configuration-property name="verifyNewerVersion" value="false"/>