[midPoint] JMX Invalid username or password
Florin. Stingaciu
fstingaciu at mirantis.com
Tue May 10 18:42:07 CEST 2016
Hello Ivan,
Thanks for your reply. It turns out that the password in the jmx file did
have a new line character. I can't believe I missed that. Everything works
great now.
Thanks,
-F
On Tue, May 10, 2016 at 12:13 AM, Ivan Noris <ivan.noris at evolveum.com>
wrote:
> Hi Florin,
>
> the configuration looks ok to me, I just tried to revive my old cluster on
> my machine and it still works with midPoint 3.4
> Please double check the password in jmxremote.password, from what I see
> there might be a trailing space at the end of line. (But it might be also
> just displayed incorrectly in my email client..)
> If I fouled my jmxpassword file, the other node was not able to connect to
> the first one with the error you posted.
>
> If the file was not readable, Tomcat would refuse to start.
>
> Regards,
> Ivan
>
>
> On 05/09/2016 11:22 PM, Florin. Stingaciu wrote:
>
> Hello,
>
> I'm following this guide
> <https://wiki.evolveum.com/display/midPoint/Failover+setup> to setup
> Midpoint in a failover environment. After setting everything up and
> navigating to /tasks I get the following error:
>
> 2016-05-09 21:05:40,778 [] [http-bio-8080-exec-1] ERROR
>> (com.evolveum.midpoint.web.page.admin.server.dto.NodeDtoProvider):
>> Unhandled exception when listing nodes, reason: Subresult
>> com.evolveum.midpoint.task.api.TaskManager..searchObjects of operation
>> com.evolveum.midpoint.model.api.ModelService.searchObjects is still UNKNOWN
>> during cleanup; during handling of exception java.lang.SecurityException:
>> Authentication failed! Invalid username or password (class
>> java.lang.IllegalStateException)
>>
>
> I'm fairly positive, I've set up everything correctly. Here's the relevant
> config.xml:
>
> <repository>
>>
>> <repositoryServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlRepositoryFactory</repositoryServiceFactoryClass>
>> <database>mysql</database>
>> <jdbcUsername>midpoint</jdbcUsername>
>> <jdbcPassword>myDBPass</jdbcPassword>
>> <jdbcUrl>jdbc:mysql://DBSERVER:3306/midpoint</jdbcUrl>
>> <embedded>false</embedded>
>> <driverClassName>com.mysql.jdbc.Driver</driverClassName>
>> <hibernateHbm2ddl>validate</hibernateHbm2ddl>
>>
>> <hibernateDialect>org.hibernate.dialect.MySQLDialect</hibernateDialect>
>> </repository>
>> <taskManager>
>> <clustered>true</clustered>
>> <jdbcUrl>jdbc:mysql://DBSERVER:3306/midpoint_quartz</jdbcUrl>
>> <jmxUsername>midpoint</jmxUsername>
>> <jmxPassword>password</jmxPassword>
>> </taskManager>
>
>
> On both Midpoint instances I have the following two files:
>
> /var/opt/midpoint/jmxremote.password
>
>> midpoint password
>>
> /var/opt/midpoint/jmxremote.access
>
>> midpoint readwrite
>
>
> Also, the permissions for these files:
>
>> -rwx------ 1 tomcat7 tomcat7 19 May 9 19:40 jmxremote.access
>> -rwx------ 1 tomcat7 tomcat7 19 May 9 20:55 jmxremote.password
>
>
> Lastly, I have the following entries in JAVA_OPTS:
>
>> -Dcom.sun.management.jmxremote=true
>>
>> -Dcom.sun.management.jmxremote.password.file=/var/opt/midpoint/jmxremote.password
>>
>> -Dcom.sun.management.jmxremote.access.file=/var/opt/midpoint/jmxremote.access
>> -Dmidpoint.nodeId=002 -Dcom.sun.management.jmxremote.port=20001
>
> -Dcom.sun.management.jmxremote.ssl=false
>
>
> The only difference is the nodeId.
>
> Also, upon server startup I see the following entries, which indicate the
> connection to the DB works fine:
>
>
>> 2016-05-09 21:04:45,822 [] [localhost-startStop-1] INFO
>> (com.evolveum.midpoint.task.quartzimpl.Initializer): Task Manager
>> initialization.
>> 2016-05-09 21:04:45,829 [] [localhost-startStop-1] INFO
>> (com.evolveum.midpoint.task.quartzimpl.Initializer): Task Manager: Quartz
>> Job Store: JDBC, clustered. Threads: 10
>> 2016-05-09 21:04:45,830 [] [localhost-startStop-1] INFO
>> (com.evolveum.midpoint.task.quartzimpl.TaskManagerConfiguration): Quartz
>> database is at jdbc:mysql://DBSERVER:3306/midpoint_quartz (a JDBC URL)
>> 2016-05-09 21:04:45,840 [] [localhost-startStop-1] INFO
>> (com.evolveum.midpoint.task.quartzimpl.cluster.NodeRegistrar): Registering
>> this node in the repository as 001 at 100.80.134.132:20001
>> 2016-05-09 21:04:46,199 [] [localhost-startStop-1] INFO
>> (com.evolveum.midpoint.task.quartzimpl.execution.TaskSynchronizer):
>> Synchronizing Quartz job store with midPoint repository.
>> 2016-05-09 21:04:46,398 [] [localhost-startStop-1] INFO
>> (com.evolveum.midpoint.task.quartzimpl.execution.TaskSynchronizer):
>> Synchronization of midpoint and Quartz task store finished. 3 task(s)
>> existing in midPoint repository successfully processed, resulting in 0
>> updated Quartz job(s). 0 task(s) removed from Quartz job store. Processing
>> of 0 task(s) failed.
>> 2016-05-09 21:04:46,398 [] [localhost-startStop-1] INFO
>> (com.evolveum.midpoint.task.quartzimpl.Initializer): Task Manager
>> initialized
>
>
> You can find the full stack trace here: <http://pastebin.com/kHnN3frr>
> http://pastebin.com/kHnN3frr. Any help would be greatly appreciated.
>
> Also, as a side question. This guide uses the word failover configuration,
> however from my understanding this configuration could be used as an
> active/active mode of operation. Is this correct?
>
> Thanks,
> -F
>
>
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> --
> Ing. Ivan Noris
> Senior Identity Management Engineer & IDM Architect
> evolveum.com evolveum.com/blog/
> ___________________________________________________
> "Semper ID(e)M Vix."
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160510/e53df549/attachment.htm>
More information about the midPoint
mailing list