[midPoint] JMX Invalid username or password

Ivan Noris ivan.noris at evolveum.com
Tue May 10 09:13:57 CEST 2016


Hi Florin,

the configuration looks ok to me, I just tried to revive my old cluster
on my machine and it still works with midPoint 3.4
Please double check the password in jmxremote.password, from what I see
there might be a trailing space at the end of line. (But it might be
also just displayed incorrectly in my email client..)
If I fouled my jmxpassword file, the other node was not able to connect
to the first one with the error you posted.

If the file was not readable, Tomcat would refuse to start.

Regards,
Ivan

On 05/09/2016 11:22 PM, Florin. Stingaciu wrote:
> Hello, 
>
> I'm following this guide
> <https://wiki.evolveum.com/display/midPoint/Failover+setup> to setup
> Midpoint in a failover environment. After setting everything up and
> navigating to /tasks I get the following error:
>
>     2016-05-09 21:05:40,778 [] [http-bio-8080-exec-1] ERROR
>     (com.evolveum.midpoint.web.page.admin.server.dto.NodeDtoProvider):
>     Unhandled exception when listing nodes, reason: Subresult
>     com.evolveum.midpoint.task.api.TaskManager..searchObjects of
>     operation
>     com.evolveum.midpoint.model.api.ModelService.searchObjects is
>     still UNKNOWN during cleanup; during handling of exception
>     java.lang.SecurityException: Authentication failed! Invalid
>     username or password (class java.lang.IllegalStateException)
>
>
> I'm fairly positive, I've set up everything correctly. Here's the
> relevant config.xml: 
>
>             <repository>
>              
>     <repositoryServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlRepositoryFactory</repositoryServiceFactoryClass>
>                     <database>mysql</database>
>                     <jdbcUsername>midpoint</jdbcUsername>
>                     <jdbcPassword>myDBPass</jdbcPassword>
>                     <jdbcUrl>jdbc:mysql://DBSERVER:3306/midpoint</jdbcUrl>
>                     <embedded>false</embedded>
>                    
>     <driverClassName>com.mysql.jdbc.Driver</driverClassName>
>                     <hibernateHbm2ddl>validate</hibernateHbm2ddl>
>                    
>     <hibernateDialect>org.hibernate.dialect.MySQLDialect</hibernateDialect>
>             </repository>
>             <taskManager>
>               <clustered>true</clustered>
>              
>     <jdbcUrl>jdbc:mysql://DBSERVER:3306/midpoint_quartz</jdbcUrl>
>               <jmxUsername>midpoint</jmxUsername>
>               <jmxPassword>password</jmxPassword>
>             </taskManager>
>
>
> On both Midpoint instances I have the following two files:
>
> /var/opt/midpoint/jmxremote.password
>
>     midpoint password 
>
> /var/opt/midpoint/jmxremote.access
>
>     midpoint readwrite
>
>
>  Also, the permissions for these files:
>
>     -rwx------ 1 tomcat7 tomcat7 19 May  9 19:40 jmxremote.access
>     -rwx------ 1 tomcat7 tomcat7 19 May  9 20:55 jmxremote.password
>
>
> Lastly, I have the following entries in JAVA_OPTS:
>
>     -Dcom.sun.management.jmxremote=true 
>     -Dcom.sun.management.jmxremote.password.file=/var/opt/midpoint/jmxremote.password 
>     -Dcom.sun.management.jmxremote.access.file=/var/opt/midpoint/jmxremote.access 
>     -Dmidpoint.nodeId=002 -Dcom.sun.management.jmxremote.port=20001 
>
>     -Dcom.sun.management.jmxremote.ssl=false
>
>
> The only difference is the nodeId. 
>
> Also, upon server startup I see the following entries, which indicate
> the connection to the DB works fine:
>
>
>     2016-05-09 21:04:45,822 [] [localhost-startStop-1] INFO
>     (com.evolveum.midpoint.task.quartzimpl.Initializer): Task Manager
>     initialization.
>     2016-05-09 21:04:45,829 [] [localhost-startStop-1] INFO
>     (com.evolveum.midpoint.task.quartzimpl.Initializer): Task Manager:
>     Quartz Job Store: JDBC, clustered. Threads: 10
>     2016-05-09 21:04:45,830 [] [localhost-startStop-1] INFO
>     (com.evolveum.midpoint.task.quartzimpl.TaskManagerConfiguration):
>     Quartz database is at jdbc:mysql://DBSERVER:3306/midpoint_quartz
>     (a JDBC URL)
>     2016-05-09 21:04:45,840 [] [localhost-startStop-1] INFO
>     (com.evolveum.midpoint.task.quartzimpl.cluster.NodeRegistrar):
>     Registering this node in the repository as 001 at
>     100.80.134.132:20001 <http://100.80.134.132:20001>
>     2016-05-09 21:04:46,199 [] [localhost-startStop-1] INFO
>     (com.evolveum.midpoint.task.quartzimpl.execution.TaskSynchronizer): Synchronizing
>     Quartz job store with midPoint repository.
>     2016-05-09 21:04:46,398 [] [localhost-startStop-1] INFO
>     (com.evolveum.midpoint.task.quartzimpl.execution.TaskSynchronizer): Synchronization
>     of midpoint and Quartz task store finished. 3 task(s) existing in
>     midPoint repository successfully processed, resulting in 0 updated
>     Quartz job(s). 0 task(s) removed from Quartz job store. Processing
>     of 0 task(s) failed.
>     2016-05-09 21:04:46,398 [] [localhost-startStop-1] INFO
>     (com.evolveum.midpoint.task.quartzimpl.Initializer): Task Manager
>     initialized 
>
>
> You can find the full stack trace here: http://pastebin.com/kHnN3frr.
> Any help would be greatly appreciated. 
>
> Also, as a side question. This guide uses the word failover
> configuration, however from my understanding this configuration could
> be used as an active/active mode of operation. Is this correct?
>
> Thanks, 
> -F 
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-- 
  Ing. Ivan Noris
  Senior Identity Management Engineer & IDM Architect
  evolveum.com                     evolveum.com/blog/
  ___________________________________________________
  "Semper ID(e)M Vix."

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160510/c8745cb1/attachment.htm>


More information about the midPoint mailing list