[midPoint] JMX Invalid username or password

Ivan Noris ivan.noris at evolveum.com
Wed May 11 09:33:16 CEST 2016 

Great to hear!
Ivan

On 05/10/2016 06:42 PM, Florin. Stingaciu wrote:
> Hello Ivan, 
>
> Thanks for your reply. It turns out that the password in the jmx file
> did have a new line character. I can't believe I missed that.
> Everything works great now. 
>
> Thanks, 
> -F 
>
> On Tue, May 10, 2016 at 12:13 AM, Ivan Noris <ivan.noris at evolveum.com
> <mailto:ivan.noris at evolveum.com>> wrote:
>
>     Hi Florin,
>
>     the configuration looks ok to me, I just tried to revive my old
>     cluster on my machine and it still works with midPoint 3.4
>     Please double check the password in jmxremote.password, from what
>     I see there might be a trailing space at the end of line. (But it
>     might be also just displayed incorrectly in my email client..)
>     If I fouled my jmxpassword file, the other node was not able to
>     connect to the first one with the error you posted.
>
>     If the file was not readable, Tomcat would refuse to start.
>
>     Regards,
>     Ivan
>
>
>     On 05/09/2016 11:22 PM, Florin. Stingaciu wrote:
>>     Hello, 
>>
>>     I'm following this guide
>>     <https://wiki.evolveum.com/display/midPoint/Failover+setup> to
>>     setup Midpoint in a failover environment. After setting
>>     everything up and navigating to /tasks I get the following error:
>>
>>         2016-05-09 21:05:40,778 [] [http-bio-8080-exec-1] ERROR
>>         (com.evolveum.midpoint.web.page.admin.server.dto.NodeDtoProvider):
>>         Unhandled exception when listing nodes, reason: Subresult
>>         com.evolveum.midpoint.task.api.TaskManager..searchObjects of
>>         operation
>>         com.evolveum.midpoint.model.api.ModelService.searchObjects is
>>         still UNKNOWN during cleanup; during handling of exception
>>         java.lang.SecurityException: Authentication failed! Invalid
>>         username or password (class java.lang.IllegalStateException)
>>
>>
>>     I'm fairly positive, I've set up everything correctly. Here's the
>>     relevant config.xml: 
>>
>>                 <repository>
>>                  
>>         <repositoryServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlRepositoryFactory</repositoryServiceFactoryClass>
>>                         <database>mysql</database>
>>                         <jdbcUsername>midpoint</jdbcUsername>
>>                         <jdbcPassword>myDBPass</jdbcPassword>
>>                        
>>         <jdbcUrl>jdbc:mysql://DBSERVER:3306/midpoint</jdbcUrl>
>>                         <embedded>false</embedded>
>>                        
>>         <driverClassName>com.mysql.jdbc.Driver</driverClassName>
>>                         <hibernateHbm2ddl>validate</hibernateHbm2ddl>
>>                        
>>         <hibernateDialect>org.hibernate.dialect.MySQLDialect</hibernateDialect>
>>                 </repository>
>>                 <taskManager>
>>                   <clustered>true</clustered>
>>                  
>>         <jdbcUrl>jdbc:mysql://DBSERVER:3306/midpoint_quartz</jdbcUrl>
>>                   <jmxUsername>midpoint</jmxUsername>
>>                   <jmxPassword>password</jmxPassword>
>>                 </taskManager>
>>
>>
>>     On both Midpoint instances I have the following two files:
>>
>>     /var/opt/midpoint/jmxremote.password
>>
>>         midpoint password 
>>
>>     /var/opt/midpoint/jmxremote.access
>>
>>         midpoint readwrite
>>
>>
>>      Also, the permissions for these files:
>>
>>         -rwx------ 1 tomcat7 tomcat7 19 May  9 19:40 jmxremote.access
>>         -rwx------ 1 tomcat7 tomcat7 19 May  9 20:55 jmxremote.password
>>
>>
>>     Lastly, I have the following entries in JAVA_OPTS:
>>
>>         -Dcom.sun.management.jmxremote=true 
>>         -Dcom.sun.management.jmxremote.password.file=/var/opt/midpoint/jmxremote.password 
>>         -Dcom.sun.management.jmxremote.access.file=/var/opt/midpoint/jmxremote.access 
>>         -Dmidpoint.nodeId=002 -Dcom.sun.management.jmxremote.port=20001 
>>
>>         -Dcom.sun.management.jmxremote.ssl=false
>>
>>
>>     The only difference is the nodeId. 
>>
>>     Also, upon server startup I see the following entries, which
>>     indicate the connection to the DB works fine:
>>
>>
>>         2016-05-09 21:04:45,822 [] [localhost-startStop-1] INFO
>>         (com.evolveum.midpoint.task.quartzimpl.Initializer): Task
>>         Manager initialization.
>>         2016-05-09 21:04:45,829 [] [localhost-startStop-1] INFO
>>         (com.evolveum.midpoint.task.quartzimpl.Initializer): Task
>>         Manager: Quartz Job Store: JDBC, clustered. Threads: 10
>>         2016-05-09 21:04:45,830 [] [localhost-startStop-1] INFO
>>         (com.evolveum.midpoint.task.quartzimpl.TaskManagerConfiguration):
>>         Quartz database is at
>>         jdbc:mysql://DBSERVER:3306/midpoint_quartz (a JDBC URL)
>>         2016-05-09 21:04:45,840 [] [localhost-startStop-1] INFO
>>         (com.evolveum.midpoint.task.quartzimpl.cluster.NodeRegistrar): Registering
>>         this node in the repository as 001 at 100.80.134.132:20001
>>         <http://100.80.134.132:20001>
>>         2016-05-09 21:04:46,199 [] [localhost-startStop-1] INFO
>>         (com.evolveum.midpoint.task.quartzimpl.execution.TaskSynchronizer):
>>         Synchronizing Quartz job store with midPoint repository.
>>         2016-05-09 21:04:46,398 [] [localhost-startStop-1] INFO
>>         (com.evolveum.midpoint.task.quartzimpl.execution.TaskSynchronizer):
>>         Synchronization of midpoint and Quartz task store finished. 3
>>         task(s) existing in midPoint repository successfully
>>         processed, resulting in 0 updated Quartz job(s). 0 task(s)
>>         removed from Quartz job store. Processing of 0 task(s) failed.
>>         2016-05-09 21:04:46,398 [] [localhost-startStop-1] INFO
>>         (com.evolveum.midpoint.task.quartzimpl.Initializer): Task
>>         Manager initialized 
>>
>>
>>     You can find the full stack trace here:
>>     http://pastebin.com/kHnN3frr. Any help would be greatly appreciated. 
>>
>>     Also, as a side question. This guide uses the word failover
>>     configuration, however from my understanding this configuration
>>     could be used as an active/active mode of operation. Is this correct?
>>
>>     Thanks, 
>>     -F 
>>
>>
>>
>>     _______________________________________________
>>     midPoint mailing list
>>     midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>     http://lists.evolveum.com/mailman/listinfo/midpoint
>
>     -- 
>       Ing. Ivan Noris
>       Senior Identity Management Engineer & IDM Architect
>       evolveum.com <http://evolveum.com>                     evolveum.com/blog/ <http://evolveum.com/blog/>
>       ___________________________________________________
>       "Semper ID(e)M Vix."
>
>
>     _______________________________________________
>     midPoint mailing list
>     midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>     http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-- 
  Ing. Ivan Noris
  Senior Identity Management Engineer & IDM Architect
  evolveum.com                     evolveum.com/blog/
  ___________________________________________________
  "Semper ID(e)M Vix."

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160511/c096f1f7/attachment.htm>

More information about the midPoint mailing list