Can not log in to Management Console - jbossfuse

I have set up JBoss Fuse, created a fabric and installed the fabric:web feature as explained in the resource Using the Management Console. I can browse http://hostName:8181 and it shows the Management Console login screen.
However, whichever user/pass combination I try, the response is "Failed to log in, Forbidden". It also shows an icon with an exclamation mark, when I click that I see the following messages appear:
[Branding] enabled branding
[Core] Management Console started
That does not help much either. How do I know what login combination I should use? It is not clear to me what I am logging into in the first place.

In your fuse install folder under /etc there is a file called user.properties. Is the user admin with password admin filled in? If not, then at least admin user should be allowed.
If yes, try simply restarting the server. I am not sure why buy that has helped in some cases for me. Do a osgi:shutdown and then start it again.

Have you tried admin/admin?
I believe those are the default credentials.

Related

How to debug the Citrix ICA error "The session limit has been reached"?

Apologies in advance for somewhat vague information. I am new to Citrix XenApp/XenDesktop technology and am just looking for generic troubleshooting information.
At my place of employment we have kiosks that are configured to connect to a SaaS webapp. These kiosk have either the Citrix XenApp or XenDesktop installed.
One of the icons launches the IE browser that connects to the SaaS app using a preconfigured user account. Sometimes, however, instead of launching the browser, the system displays the "The session limit has been reached. Please contact your system administrator." error shown in below image.
The people administering these kiosks think that this message comes from the SaaS web application but that application does not enforce any limits on how many session are open for a given account under a given time.
Also considering how Citrix XenApp/XenDesktop works I would think (but maybe I am wrong) that if the SaaS app did reject a user login, we would be displayed an error message in Internet Explorer instead of this ICA prompt.
So I think that the issue here could be that the message is not about login sessions made to the background SaaS app but either about Citrix sessions or perhaps previous IE browsers somehow running in the background(?)
However our company's Citrix team looked at this and noticed that "Citrix was still active" when this prompt was displayed. The conclusion was then that Citrix is for that reason not the cause here.
So I wanted here to ask some questions on what things I could consider as causes and where I could look in the hopes of getting started on this issue.
This would be for XenApp / XenDesktop 7.18.
The questions I have:
Does XenApp / XenDesktop have log files that can be consulted for
debugging issues like this?
Is it possible to get XenApp / XenDesktop to run in debug mode (to
output more details to the log files)?
Does Citrix have configuration settings that could lead it to
have an issue like this?
A. First check the event logs and see when you facing this issue so does any event logs generated.
B. Also you can check the ICA configuration tool for session settings and checked if session settings are set to NEVER.
C. The ICA listener configuration tool is located at Start > All Programs > Citrix > Administration Tools > ICA Listener Configuration.
You are on the right track with the SaaS application itself reporting the error. If this Citrix session was already active when the icon was clicked again and the preconfigured user was already logged into the SaaS application, that would account for this error. To investigate, logout the Citrix session and try clicking the icon again, or check SaaS application to see if that preconfigured users is already connected.
Is the same user used for all these kiosks or is each kiosk supposed to have a unique user? Can this preconfigured user log in multiple times?

Unable to connect to my GAE account through appcfg

I was surprized not to be able to connect to my account through appcfg my password was right, butthe app ansered it's not.
When I change the google setting : https://www.google.com/settings/security/lesssecureapps to make Access for less secure apps enabled, it worked.
Is there something I'm missing or must i have this security hole open to be able to use appcfg?
Please notice I'm using eclipse to publish my apps, and the eclipse plugin connects with even if the accont security is safe, but calling appcfg from the command line for roll back was the operation that failed...
I thought eclipse uses the command line to upload my app? I'm obviously wrong.
So the question is: is there something I have to do to be able to have Access for less secure apps disabled and use appcfg ?
Workaround is to use an OAuth2 token instead of using password based authentication.It is more convenient.
just add the option --oauth2 before the update, you get a key which you paste in for appcfg
I recommend you to try uploading your GAE app from the command line by:
Open CMD
Going to the GAE \ BIN directory
Enter the following command:
appcfg.exe update PATH_YOUR_APP_WAR
After that you will be required to enter your GAE email address and password, that's it

'DefaultAppPool' is being automatically disabled due to a series of failures

Having a tough time with this issue. Not sure how but my ApplicationPoolIdentity is broken.
Currently I'm running IIS 8 on Windows 8 with Visual Studio 2012. When trying to debug an application from Visual Studio, or just navigating to the site in a browser I get the following error logged and a 503 error.
Application pool 'DefaultAppPool' is being automatically disabled due to a series of failures in the process(es) serving that application pool.
If I check out the Application error logs, I find the following error from the User Profile Service.
Windows cannot log you on because your profile cannot be loaded. Check that you are connected to the network, and that your network is functioning correctly.
DETAIL - The system cannot find the path specified.
Upon looking into the details I find that the User Profile Service is trying to load up a profile with the Id
S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415
Now I opened up the registry to try and find the profile with that UserId. However there's nothing in the Profile list that helps.
So digging around a little more I've found that this issue can be resolved by either
A) Set the Load User Profile of the Application Pool to false.
B) Use a different account for the application pool.
C) Fix the account.
Seeing how this is the built in account, I'd prefer to fix the issue rather than fix the sympton.
What I have tried
aspnet_regiis -i
Removing IIS from windows and reinstalling.
Attempted to follow the guide here but I don't know the account password :P
My hunch
Somehow the ApplicationPoolIdentity got messed up. Is there any physical folders for the built-in accounts? I know that the Network and Local service profiles physical directories exist at C:\Windows\ServiceProfiles\. It is possible to recreate the ApplicationPoolIdentity profile? Or am I way off on what the real issue is?
C) Here is what i did to fix the account
Go in regedit at key
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
There is a setting called "Default". You have to make sure that the data value point to an existing directory on the drive.
By default it contains "%SystemDrive%\Users\Default". In my company the default is changed to a custom profile. Somehow, someone deleted that user profile. So when the defaultAppPool user tryed to create an accound for himself, it was unable to do so because windows cannot provide him with a default user profile.
You can also diagnose this error when looking at the Event Viewer under the Application folder. You will get a message of that type:
Windows cannot find the local profile and is logging you on with a
temporary profile. changes you make to this profile will be lost when
you log off.

JBoss default password

What's the JBoss 5.x EAP default web console password?
The default credentials are:
login: admin
password: admin
But if you use EAP these credentials are turned off by default and there is no active user (security reasons :)). If you want to turn on these users, you have to edit the following file in your current profile: ./deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes/web-console-users.properties. It should be enough to remove the # sign from the line with the user.
If you want to create a new user, don't forget to set up the correct groups in web-console-roles.properties file.
You can easily find information where these information are stored: just open the ./conf/login-config.xml file and find the proper security domain definition. In the case of the Web Console application, it will be web-console policy.
Also if you want to have access to JMX, you have unlock JMX Console. Just check the following files in the conf/props/ directory (in your profile): jmx-console-users.properties and jmx-console-roles.properties.
I just had to uncomment the line in jboss-eap-5.0\jboss-as\server\default\conf\props\jmx-console-users.properties
admin=admin
Thats it. Restart Jboss and I was about to get in to JBOSS JMX. Magically this even fixed the error that I used to get while shutting down Jboss from Eclipse.
I can also verify the above solution except I had to change in
**..\server\<server profile>\conf\props\jmx-console-users.properties**
If you are using Talend MDM Server, the login is:
login: admin
password: talend
See more: http://wiki.glitchdata.com/index.php?title=TOS:_Accessing_the_Talend_MDM_Server
This differs from the default JBoss login of admin/admin
The password setup file is also login-config.xml in this case.
I suggest visit Add digest auth in jmx-console and read oficial documentation for Configure admin consoles, you can add more security to your JBoss AS console and at these link explains where are the role and user/pass files that you need to change this information for your server and how you can change them. Also I recommend you quit all consoles that you don't use because they can affect to application server's performance.
Also there are others links about securing jmx-console that could help you, search in jboss as community site for them (I can't put them here for my actual reputation,sorry). Never you should has the password in plain text over conf/props/ files.
Sorry for my bad English and I hope my answer be useful for you.
just commenting the line of user and password in file
./server/default/conf/props jmx-console-users.properties worked for me
Step 1:
jmx-console-users.properties
admin=admin
Step 2:
jmx-console-roles.properties
admin=JBossAdmin,HttpInvoker
Step 3: Restart or start the JBoss instance.
Now you should good to go...
Go to the jmx console, enter JBoss login URL, then enter admin as username and admin password.
as suggested in other posts, probably you don't have any user defined. it's not advisable to manually edit the configuration files. you should use the add-user (.sh or .cmd) utility as explained in https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6/html/Installation_Guide/chap-Getting_Started_with_JBoss_Enterprise_Application_Platform_6.html#Add_the_Initial_User_for_the_Management_Interfaces

JBoss view active user sessions

We have a JBoss server with a single J2EE on it. I wish to find out who are the current active users using that application. Does JBoss give me any utilities that lets me view those existing sessions? (NOT the count, but who all are logged in) The question is kinda lame, but so is my JBoss knowledge :)
I checked the JBoss community, but it only had a couple of relative unanswered questions there. The information i'm looking for would help me in maintenance cycles. I do not wish to reboot the system when users are still using it. We also need to keep a track of any illegal activities on our server. Hence the requirement.
Would appreciate any pointers :)
Regards,
Abhi
http://docs.jboss.org/jbossas/docs/Server_Configuration_Guide/4/html/clustering-http-monitor.html
Enter on your JMX console : ex: ip:port/jmx-console/
Look for "jboss.cache:service=TomcatClusteringCache" on objectName Filter and Apply.
Enter on MBean jboss.cache:service=TomcatClusteringCache (the first option, ignore interceptors)
Look for "printDetails" and invoke it. It shows all opened sessions and attributes.
In CLI:
First of all connect to the server using jboss-cli.sh (it is inside /bin ):
jboss-cli.sh --connect --controller=<ip-server>:9990
For standalone mode:
[standalone#ip-address:9999 /] /deployment=${deployment-name}/subsystem=undertow:read-attribute(name=active-sessions)
For domain mode:
[domain#ip-address:9999 /] /host=${host-name}/server=${server-name}/deployment=${deployment-name}/subsystem=undertow:read-attribute(name=active-sessions)
In Web Management Console:
Access web console using "http://ip-address:9990/"
Select "Deployments" from the left bottom corner.
According to the mode you use:
For standalone mode:
From left panel, select: "deployment"-"${deploymentname}"-"subsystem"-"undertow",
Click on "Data" tab on the main page
For domain mode:
From left panel, select: "Server Groups"-"${server-group-name}"-"deployment"-"${deployment-name}"-"view"-"subsystem"-"undertow"
Click on "Data" tab on the main page
go to /jmx-console/
search for type=Manager or service=ClusterManager
click on the right context.
property "activeSessions" gives the number of sessions
go to JMX console by http://localhost:8080/jmx-console.
Search for your MBEAN on that..
click on that.. there you can find loads of information.