Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: 4.0_b89_RC5
    • Fix Version/s: 4.1
    • Component/s: admin, configuration, jdbc, security
    • Labels:
      None
    • Environment:

      Windows 7 64-bit, JDK 1.7.0_45

      Description

      I use the password alias feature to configure JDBC connections and other sensitive artefacts. I have just started work with GlassFish 4.0 and have found that it doesn't handle password aliases properly. It accepts them (using the GUI or create-password-alias), it accepts JDBC resources that use them (using the GUI or create-jdbc-connection-pool), but it can't use them. Any attempt to use the connection pool (e.g. through the "Ping" command) fails with "Connection could not be allocated because: Access denied for user 'ff_read_write'@'localhost' (using password: YES)]]". Once I replace the password alias with the plain-text password, everything works fine.

      I turned up logging on everything security-related I could find and there's an exception logging into a file realm. See log attached.

      Appears to be related to:

      https://java.net/jira/browse/GLASSFISH-20675

      Definitely related to:

      https://java.net/jira/browse/GLASSFISH-20873

        Issue Links

          Activity

          Hide
          Kevin Dean added a comment -

          [2013-12-19T17:50:57.499+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.ssl] [tid: _ThreadID=234 _ThreadName=admin-listener(43)] [timeMillis: 1387475457499] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.ssl.J2EEKeyManager] [METHODNAME: getPrivateKey] [[
          Getting private key for alias:s1as]]

          [2013-12-19T17:50:57.500+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.ssl] [tid: _ThreadID=234 _ThreadName=admin-listener(43)] [timeMillis: 1387475457500] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.ssl.J2EEKeyManager] [METHODNAME: getCertificateChain] [[
          Getting certificate chain]]

          [2013-12-19T17:50:57.500+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.ssl] [tid: _ThreadID=234 _ThreadName=admin-listener(43)] [timeMillis: 1387475457500] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.ssl.J2EEKeyManager] [METHODNAME: getPrivateKey] [[
          Getting private key for alias:s1as]]

          [2013-12-19T17:50:57.500+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.ssl] [tid: _ThreadID=234 _ThreadName=admin-listener(43)] [timeMillis: 1387475457500] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.ssl.J2EEKeyManager] [METHODNAME: getCertificateChain] [[
          Getting certificate chain]]

          [2013-12-19T17:50:57.515+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457515] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]]

          [2013-12-19T17:50:57.515+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457515] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : jaas-context=ignore]]

          [2013-12-19T17:50:57.516+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457516] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: initialize] [[
          Login module initialized: class com.sun.enterprise.security.auth.login.FileLoginModule]]

          [2013-12-19T17:50:57.517+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457517] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.login.FileLoginModule] [METHODNAME: authenticate] [[
          File login succeeded for: admin]]

          [2013-12-19T17:50:57.517+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457517] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: login] [[
          JAAS login complete.]]

          [2013-12-19T17:50:57.517+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457517] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: commit] [[
          JAAS authentication committed.]]

          [2013-12-19T17:50:57.518+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.org.glassfish.security.services.impl.authorization] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457518] [levelValue: 300] [CLASSNAME: org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl] [METHODNAME: getAuthorizationDecision] [[
          Authorization Service result for Subject:
          Principal: admin
          Principal: asadmin
          Private Credential: Realm=admin-realm Username=admin Password=######## TargetName =
          was status=OK, decision=[1].]]

          [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[
          [Web-Security] Setting Policy Context ID: old = null ctxID = _admingui/_admingui]]

          [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Codesource with Web URL: file:/__admingui/__admingui]]

          [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Checking Web Permission with Principals : null]]

          [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "GET")]]

          [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 300] [CLASSNAME: com.sun.enterprise.security.provider.BasePolicyWrapper] [METHODNAME: doImplies] [[
          JACC Policy Provider: PolicyWrapper.implies, context (_admingui/_admingui)- result was(false) permission (("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "GET"))]]

          [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.jmac.config] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.jmac.config.GFServerConfigProvider] [METHODNAME: getEntry] [[
          getEntry for: HttpServlet – GFConsoleAuthModule
          module class: org.glassfish.admingui.common.security.AdminConsoleAuthModule
          options:

          {loginErrorPage=/loginError.jsf, loginPage=/login.jsf}
          request policy: javax.security.auth.message.MessagePolicy@de1d100
          response policy: null]]

          [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[
          [Web-Security] Policy Context ID was: _admingui/_admingui]]

          [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Codesource with Web URL: file:/__admingui/__admingui]]

          [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Checking Web Permission with Principals : asadmin, admin]]

          [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "GET")]]

          [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: hasResourcePermission] [[
          [Web-Security] hasResource isGranted: true]]

          [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: hasResourcePermission] [[
          [Web-Security] hasResource perm: ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "GET")]]

          [2013-12-19T17:50:58.246+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=38 _ThreadName=admin-listener(4)] [timeMillis: 1387475458246] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]]

          [2013-12-19T17:50:58.246+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=38 _ThreadName=admin-listener(4)] [timeMillis: 1387475458246] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : jaas-context=ignore]]

          [2013-12-19T17:50:58.331+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=237 _ThreadName=admin-listener(46)] [timeMillis: 1387475458331] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]]

          [2013-12-19T17:50:58.331+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=237 _ThreadName=admin-listener(46)] [timeMillis: 1387475458331] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : jaas-context=ignore]]

          [2013-12-19T17:50:58.352+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.org.glassfish.security.services.impl.authorization] [tid: _ThreadID=237 _ThreadName=admin-listener(46)] [timeMillis: 1387475458352] [levelValue: 300] [CLASSNAME: org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl] [METHODNAME: getAuthorizationDecision] [[
          Authorization Service result for Subject:
          Principal: admin
          Principal: asadmin
          Private Credential: Realm=admin-realm Username=admin Password=######## TargetName =
          Private Credential: Realm=admin-realm Username=admin Password=######## TargetName =
          was status=OK, decision=[1].]]

          [2013-12-19T17:50:58.360+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458360] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]]

          [2013-12-19T17:50:58.361+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458361] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : jaas-context=ignore]]

          [2013-12-19T17:50:58.382+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.org.glassfish.security.services.impl.authorization] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458382] [levelValue: 300] [CLASSNAME: org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl] [METHODNAME: getAuthorizationDecision] [[
          Authorization Service result for Subject:
          Principal: admin
          Principal: asadmin
          Private Credential: Realm=admin-realm Username=admin Password=######## TargetName =
          Private Credential: Realm=admin-realm Username=admin Password=######## TargetName =
          was status=OK, decision=[1].]]

          [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.login] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 300] [CLASSNAME: com.sun.enterprise.security.auth.login.LoginContextDriver] [METHODNAME: login] [[
          Processing login with credentials of type: class com.sun.enterprise.security.auth.login.common.PasswordCredential]]

          [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.login] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.login.LoginContextDriver] [METHODNAME: doPasswordLogin] [[
          Logging in user [admin] into realm: admin-realm using JAAS module: fileRealm]]

          [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: initialize] [[
          Login module initialized: class com.sun.enterprise.security.auth.login.FileLoginModule]]

          [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: abort] [[
          JAAS authentication aborted.]]

          [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.login] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 300] [CLASSNAME: com.sun.enterprise.security.auth.login.LoginContextDriver] [METHODNAME: doPasswordLogin] [[
          doPasswordLogin fails
          javax.security.auth.login.LoginException: Failed file login for admin.
          at com.sun.enterprise.security.auth.login.FileLoginModule.authenticate(FileLoginModule.java:84)
          at com.sun.enterprise.security.auth.login.PasswordLoginModule.authenticateUser(PasswordLoginModule.java:116)
          at com.sun.enterprise.security.BasePasswordLoginModule.login(BasePasswordLoginModule.java:146)
          at sun.reflect.GeneratedMethodAccessor40.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:606)
          at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
          at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
          at java.security.AccessController.doPrivileged(Native Method)
          at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
          at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
          at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:383)
          at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:241)
          at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:154)
          at org.glassfish.admin.rest.cli.SecurityUtil.getAnonymousUser(SecurityUtil.java:344)
          at org.glassfish.admin.rest.cli.IsAnonymousUserEnabledCommand.execute(IsAnonymousUserEnabledCommand.java:78)
          at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:527)
          at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:523)
          at java.security.AccessController.doPrivileged(Native Method)
          at javax.security.auth.Subject.doAs(Subject.java:356)
          at com.sun.enterprise.v3.admin.CommandRunnerImpl$2.execute(CommandRunnerImpl.java:522)
          at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:546)
          at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1423)
          at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1500(CommandRunnerImpl.java:108)
          at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1762)
          at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1674)
          at org.glassfish.admin.rest.utils.ResourceUtil.runCommand(ResourceUtil.java:235)
          at org.glassfish.admin.rest.resources.TemplateExecCommand.executeCommandLegacyFormat(TemplateExecCommand.java:161)
          at org.glassfish.admin.rest.resources.TemplateCommandGetResource.processGetLegacyFormat(TemplateCommandGetResource.java:75)
          at sun.reflect.GeneratedMethodAccessor152.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
          at java.lang.reflect.Method.invoke(Method.java:606)
          at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory$1.invoke(ResourceMethodInvocationHandlerFactory.java:81)
          at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:125)
          at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$ResponseOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:152)
          at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:91)
          at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:346)
          at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:341)
          at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:101)
          at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:224)
          at org.glassfish.jersey.internal.Errors$1.call(Errors.java:271)
          at org.glassfish.jersey.internal.Errors$1.call(Errors.java:267)
          at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
          at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
          at org.glassfish.jersey.internal.Errors.process(Errors.java:267)
          at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:317)
          at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:198)
          at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:946)
          at org.glassfish.jersey.grizzly2.httpserver.GrizzlyHttpContainer.service(GrizzlyHttpContainer.java:331)
          at org.glassfish.admin.rest.adapter.RestAdapter$2.service(RestAdapter.java:318)
          at org.glassfish.admin.rest.adapter.RestAdapter.service(RestAdapter.java:181)
          at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:246)
          at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191)
          at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168)
          at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189)
          at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114)
          at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
          at org.glassfish.grizzly.portunif.PUFilter.handleRead(PUFilter.java:231)
          at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114)
          at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
          at org.glassfish.grizzly.portunif.PUFilter.handleRead(PUFilter.java:231)
          at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136)
          at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114)
          at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
          at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838)
          at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113)
          at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115)
          at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55)
          at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135)
          at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564)
          at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544)
          at java.lang.Thread.run(Thread.java:744)
          ]]

          [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[
          [Web-Security] Setting Policy Context ID: old = null ctxID = _admingui/_admingui]]

          [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Codesource with Web URL: file:/__admingui/__admingui]]

          [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Checking Web Permission with Principals : null]]

          [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "POST")]]

          [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 300] [CLASSNAME: com.sun.enterprise.security.provider.BasePolicyWrapper] [METHODNAME: doImplies] [[
          JACC Policy Provider: PolicyWrapper.implies, context (_admingui/_admingui)- result was(false) permission (("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "POST"))]]

          [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.jmac.config] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.jmac.config.GFServerConfigProvider] [METHODNAME: getEntry] [[
          getEntry for: HttpServlet – GFConsoleAuthModule
          module class: org.glassfish.admingui.common.security.AdminConsoleAuthModule
          options: {loginErrorPage=/loginError.jsf, loginPage=/login.jsf}

          request policy: javax.security.auth.message.MessagePolicy@de1d100
          response policy: null]]

          [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[
          [Web-Security] Policy Context ID was: _admingui/_admingui]]

          [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Codesource with Web URL: file:/__admingui/__admingui]]

          [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Checking Web Permission with Principals : asadmin, admin]]

          [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
          [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "POST")]]

          [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: hasResourcePermission] [[
          [Web-Security] hasResource isGranted: true]]

          [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: hasResourcePermission] [[
          [Web-Security] hasResource perm: ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "POST")]]

          [2013-12-19T17:50:59.834+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=223 _ThreadName=admin-listener(32)] [timeMillis: 1387475459834] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]]

          [2013-12-19T17:50:59.834+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=223 _ThreadName=admin-listener(32)] [timeMillis: 1387475459834] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
          FileRealm : jaas-context=ignore]]

          [2013-12-19T17:50:59.888+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.org.glassfish.security.services.impl.authorization] [tid: _ThreadID=223 _ThreadName=admin-listener(32)] [timeMillis: 1387475459888] [levelValue: 300] [CLASSNAME: org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl] [METHODNAME: getAuthorizationDecision] [[
          Authorization Service result for Subject:
          Principal: admin
          Principal: asadmin
          Private Credential: Realm=admin-realm Username=admin Password=######## TargetName =
          Private Credential: Realm=admin-realm Username=admin Password=######## TargetName =
          was status=OK, decision=[1].]]

          [2013-12-19T17:50:59.936+0000] [glassfish 4.0] [WARNING] [test.connection.pool.failed] [javax.enterprise.resource.resourceadapter.com.sun.enterprise.connectors.service] [tid: _ThreadID=223 _ThreadName=admin-listener(32)] [timeMillis: 1387475459936] [levelValue: 900] [[
          RAR8054: Exception while creating an unpooled [test] connection for pool [ X ], Connection could not be allocated because: Access denied for user 'ff_read_write'@'localhost' (using password: YES)]]

          [2013-12-19T17:50:59.938+0000] [glassfish 4.0] [SEVERE] [] [org.glassfish.admingui] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459938] [levelValue: 1000] [[
          RestResponse.getResponse() gives FAILURE. endpoint = 'https://localhost:4848/management/domain/resources/ping-connection-pool.json'; attrs = '

          {id=X}

          ']]

          Show
          Kevin Dean added a comment - [2013-12-19T17:50:57.499+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.ssl] [tid: _ThreadID=234 _ThreadName=admin-listener(43)] [timeMillis: 1387475457499] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.ssl.J2EEKeyManager] [METHODNAME: getPrivateKey] [[ Getting private key for alias:s1as]] [2013-12-19T17:50:57.500+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.ssl] [tid: _ThreadID=234 _ThreadName=admin-listener(43)] [timeMillis: 1387475457500] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.ssl.J2EEKeyManager] [METHODNAME: getCertificateChain] [[ Getting certificate chain]] [2013-12-19T17:50:57.500+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.ssl] [tid: _ThreadID=234 _ThreadName=admin-listener(43)] [timeMillis: 1387475457500] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.ssl.J2EEKeyManager] [METHODNAME: getPrivateKey] [[ Getting private key for alias:s1as]] [2013-12-19T17:50:57.500+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.ssl] [tid: _ThreadID=234 _ThreadName=admin-listener(43)] [timeMillis: 1387475457500] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.ssl.J2EEKeyManager] [METHODNAME: getCertificateChain] [[ Getting certificate chain]] [2013-12-19T17:50:57.515+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457515] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]] [2013-12-19T17:50:57.515+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457515] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : jaas-context=ignore]] [2013-12-19T17:50:57.516+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457516] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: initialize] [[ Login module initialized: class com.sun.enterprise.security.auth.login.FileLoginModule]] [2013-12-19T17:50:57.517+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457517] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.login.FileLoginModule] [METHODNAME: authenticate] [[ File login succeeded for: admin]] [2013-12-19T17:50:57.517+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457517] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: login] [[ JAAS login complete.]] [2013-12-19T17:50:57.517+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457517] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: commit] [[ JAAS authentication committed.]] [2013-12-19T17:50:57.518+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.org.glassfish.security.services.impl.authorization] [tid: _ThreadID=130 _ThreadName=admin-listener(14)] [timeMillis: 1387475457518] [levelValue: 300] [CLASSNAME: org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl] [METHODNAME: getAuthorizationDecision] [[ Authorization Service result for Subject: Principal: admin Principal: asadmin Private Credential: Realm=admin-realm Username=admin Password=######## TargetName = was status=OK, decision= [1] .]] [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[ [Web-Security] Setting Policy Context ID: old = null ctxID = _ admingui/ _admingui]] [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Codesource with Web URL: file:/__admingui/__admingui ]] [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Checking Web Permission with Principals : null]] [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "GET")]] [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 300] [CLASSNAME: com.sun.enterprise.security.provider.BasePolicyWrapper] [METHODNAME: doImplies] [[ JACC Policy Provider: PolicyWrapper.implies, context (_ admingui/ _admingui)- result was(false) permission (("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "GET"))]] [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.jmac.config] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.jmac.config.GFServerConfigProvider] [METHODNAME: getEntry] [[ getEntry for: HttpServlet – GFConsoleAuthModule module class: org.glassfish.admingui.common.security.AdminConsoleAuthModule options: {loginErrorPage=/loginError.jsf, loginPage=/login.jsf} request policy: javax.security.auth.message.MessagePolicy@de1d100 response policy: null]] [2013-12-19T17:50:58.226+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458226] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[ [Web-Security] Policy Context ID was: _ admingui/ _admingui]] [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Codesource with Web URL: file:/__admingui/__admingui ]] [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Checking Web Permission with Principals : asadmin, admin]] [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "GET")]] [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: hasResourcePermission] [[ [Web-Security] hasResource isGranted: true]] [2013-12-19T17:50:58.227+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=124 _ThreadName=admin-listener(8)] [timeMillis: 1387475458227] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: hasResourcePermission] [[ [Web-Security] hasResource perm: ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "GET")]] [2013-12-19T17:50:58.246+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=38 _ThreadName=admin-listener(4)] [timeMillis: 1387475458246] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]] [2013-12-19T17:50:58.246+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=38 _ThreadName=admin-listener(4)] [timeMillis: 1387475458246] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : jaas-context=ignore]] [2013-12-19T17:50:58.331+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=237 _ThreadName=admin-listener(46)] [timeMillis: 1387475458331] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]] [2013-12-19T17:50:58.331+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=237 _ThreadName=admin-listener(46)] [timeMillis: 1387475458331] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : jaas-context=ignore]] [2013-12-19T17:50:58.352+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.org.glassfish.security.services.impl.authorization] [tid: _ThreadID=237 _ThreadName=admin-listener(46)] [timeMillis: 1387475458352] [levelValue: 300] [CLASSNAME: org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl] [METHODNAME: getAuthorizationDecision] [[ Authorization Service result for Subject: Principal: admin Principal: asadmin Private Credential: Realm=admin-realm Username=admin Password=######## TargetName = Private Credential: Realm=admin-realm Username=admin Password=######## TargetName = was status=OK, decision= [1] .]] [2013-12-19T17:50:58.360+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458360] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]] [2013-12-19T17:50:58.361+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458361] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : jaas-context=ignore]] [2013-12-19T17:50:58.382+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.org.glassfish.security.services.impl.authorization] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458382] [levelValue: 300] [CLASSNAME: org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl] [METHODNAME: getAuthorizationDecision] [[ Authorization Service result for Subject: Principal: admin Principal: asadmin Private Credential: Realm=admin-realm Username=admin Password=######## TargetName = Private Credential: Realm=admin-realm Username=admin Password=######## TargetName = was status=OK, decision= [1] .]] [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.login] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 300] [CLASSNAME: com.sun.enterprise.security.auth.login.LoginContextDriver] [METHODNAME: login] [[ Processing login with credentials of type: class com.sun.enterprise.security.auth.login.common.PasswordCredential]] [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.login] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.login.LoginContextDriver] [METHODNAME: doPasswordLogin] [[ Logging in user [admin] into realm: admin-realm using JAAS module: fileRealm]] [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: initialize] [[ Login module initialized: class com.sun.enterprise.security.auth.login.FileLoginModule]] [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: abort] [[ JAAS authentication aborted.]] [2013-12-19T17:50:58.384+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.login] [tid: _ThreadID=225 _ThreadName=admin-listener(34)] [timeMillis: 1387475458384] [levelValue: 300] [CLASSNAME: com.sun.enterprise.security.auth.login.LoginContextDriver] [METHODNAME: doPasswordLogin] [[ doPasswordLogin fails javax.security.auth.login.LoginException: Failed file login for admin. at com.sun.enterprise.security.auth.login.FileLoginModule.authenticate(FileLoginModule.java:84) at com.sun.enterprise.security.auth.login.PasswordLoginModule.authenticateUser(PasswordLoginModule.java:116) at com.sun.enterprise.security.BasePasswordLoginModule.login(BasePasswordLoginModule.java:146) at sun.reflect.GeneratedMethodAccessor40.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695) at javax.security.auth.login.LoginContext.login(LoginContext.java:594) at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:383) at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:241) at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:154) at org.glassfish.admin.rest.cli.SecurityUtil.getAnonymousUser(SecurityUtil.java:344) at org.glassfish.admin.rest.cli.IsAnonymousUserEnabledCommand.execute(IsAnonymousUserEnabledCommand.java:78) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:527) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:523) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:356) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2.execute(CommandRunnerImpl.java:522) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:546) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1423) at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1500(CommandRunnerImpl.java:108) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1762) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1674) at org.glassfish.admin.rest.utils.ResourceUtil.runCommand(ResourceUtil.java:235) at org.glassfish.admin.rest.resources.TemplateExecCommand.executeCommandLegacyFormat(TemplateExecCommand.java:161) at org.glassfish.admin.rest.resources.TemplateCommandGetResource.processGetLegacyFormat(TemplateCommandGetResource.java:75) at sun.reflect.GeneratedMethodAccessor152.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory$1.invoke(ResourceMethodInvocationHandlerFactory.java:81) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:125) at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$ResponseOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:152) at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:91) at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:346) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:341) at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:101) at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:224) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:271) at org.glassfish.jersey.internal.Errors$1.call(Errors.java:267) at org.glassfish.jersey.internal.Errors.process(Errors.java:315) at org.glassfish.jersey.internal.Errors.process(Errors.java:297) at org.glassfish.jersey.internal.Errors.process(Errors.java:267) at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:317) at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:198) at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:946) at org.glassfish.jersey.grizzly2.httpserver.GrizzlyHttpContainer.service(GrizzlyHttpContainer.java:331) at org.glassfish.admin.rest.adapter.RestAdapter$2.service(RestAdapter.java:318) at org.glassfish.admin.rest.adapter.RestAdapter.service(RestAdapter.java:181) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:246) at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191) at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168) at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189) at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206) at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136) at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114) at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) at org.glassfish.grizzly.portunif.PUFilter.handleRead(PUFilter.java:231) at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206) at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136) at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114) at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) at org.glassfish.grizzly.portunif.PUFilter.handleRead(PUFilter.java:231) at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206) at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136) at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114) at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838) at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544) at java.lang.Thread.run(Thread.java:744) ]] [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[ [Web-Security] Setting Policy Context ID: old = null ctxID = _ admingui/ _admingui]] [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Codesource with Web URL: file:/__admingui/__admingui ]] [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Checking Web Permission with Principals : null]] [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "POST")]] [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 300] [CLASSNAME: com.sun.enterprise.security.provider.BasePolicyWrapper] [METHODNAME: doImplies] [[ JACC Policy Provider: PolicyWrapper.implies, context (_ admingui/ _admingui)- result was(false) permission (("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "POST"))]] [2013-12-19T17:50:59.808+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.jmac.config] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459808] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.jmac.config.GFServerConfigProvider] [METHODNAME: getEntry] [[ getEntry for: HttpServlet – GFConsoleAuthModule module class: org.glassfish.admingui.common.security.AdminConsoleAuthModule options: {loginErrorPage=/loginError.jsf, loginPage=/login.jsf} request policy: javax.security.auth.message.MessagePolicy@de1d100 response policy: null]] [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[ [Web-Security] Policy Context ID was: _ admingui/ _admingui]] [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Codesource with Web URL: file:/__admingui/__admingui ]] [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Checking Web Permission with Principals : asadmin, admin]] [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[ [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "POST")]] [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: hasResourcePermission] [[ [Web-Security] hasResource isGranted: true]] [2013-12-19T17:50:59.809+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459809] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: hasResourcePermission] [[ [Web-Security] hasResource perm: ("javax.security.jacc.WebResourcePermission" "/jdbc/jdbcConnectionPoolEdit.jsf" "POST")]] [2013-12-19T17:50:59.834+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=223 _ThreadName=admin-listener(32)] [timeMillis: 1387475459834] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : file=D:\Users\KDean\projects\FeeFracture\trunk\servers\glassfish4\glassfish\domains\feefracture\config\admin-keyfile]] [2013-12-19T17:50:59.834+0000] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=223 _ThreadName=admin-listener(32)] [timeMillis: 1387475459834] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[ FileRealm : jaas-context=ignore]] [2013-12-19T17:50:59.888+0000] [glassfish 4.0] [FINEST] [] [javax.enterprise.system.core.security.org.glassfish.security.services.impl.authorization] [tid: _ThreadID=223 _ThreadName=admin-listener(32)] [timeMillis: 1387475459888] [levelValue: 300] [CLASSNAME: org.glassfish.security.services.impl.authorization.AuthorizationServiceImpl] [METHODNAME: getAuthorizationDecision] [[ Authorization Service result for Subject: Principal: admin Principal: asadmin Private Credential: Realm=admin-realm Username=admin Password=######## TargetName = Private Credential: Realm=admin-realm Username=admin Password=######## TargetName = was status=OK, decision= [1] .]] [2013-12-19T17:50:59.936+0000] [glassfish 4.0] [WARNING] [test.connection.pool.failed] [javax.enterprise.resource.resourceadapter.com.sun.enterprise.connectors.service] [tid: _ThreadID=223 _ThreadName=admin-listener(32)] [timeMillis: 1387475459936] [levelValue: 900] [[ RAR8054: Exception while creating an unpooled [test] connection for pool [ X ], Connection could not be allocated because: Access denied for user 'ff_read_write'@'localhost' (using password: YES)]] [2013-12-19T17:50:59.938+0000] [glassfish 4.0] [SEVERE] [] [org.glassfish.admingui] [tid: _ThreadID=215 _ThreadName=admin-listener(24)] [timeMillis: 1387475459938] [levelValue: 1000] [[ RestResponse.getResponse() gives FAILURE. endpoint = 'https://localhost:4848/management/domain/resources/ping-connection-pool.json'; attrs = ' {id=X} ']]
          Hide
          Kevin Dean added a comment -

          After bashing my head against the wall trying to figure out how to enable tracing in GlassFish or the MySQL JDBC driver that would log the aliased password, I finally took the easy route and wrote my own connection pool data source that extended MySQL's connection pool data source. I then overrode the "setPassword" method to log the password and lo and behold, we have an answer!!!

          It seems that either the encryption or the decryption process mangles the password. Any password less than 10 characters long is fine, but the moment you hit ten characters, the process appends a single space character to the end. That space character remains until you hit 20 characters, at which point you have not one but TWO space characters at the end.

          Show
          Kevin Dean added a comment - After bashing my head against the wall trying to figure out how to enable tracing in GlassFish or the MySQL JDBC driver that would log the aliased password, I finally took the easy route and wrote my own connection pool data source that extended MySQL's connection pool data source. I then overrode the "setPassword" method to log the password and lo and behold, we have an answer!!! It seems that either the encryption or the decryption process mangles the password. Any password less than 10 characters long is fine, but the moment you hit ten characters, the process appends a single space character to the end. That space character remains until you hit 20 characters, at which point you have not one but TWO space characters at the end.
          Hide
          kumara added a comment - - edited

          Thanks for the detailed analysis and getting to the root cause. Need to investigate further. Problem demonstrated by following test code ...

          import java.nio.ByteBuffer;
          import java.nio.CharBuffer;
          import java.nio.charset.Charset;
          
          public class Test {
          
              private final static Charset utf8 = Charset.forName("UTF-8");
          
              private static String getBytesInHex(byte[] bytes) {
                  StringBuilder sb = new StringBuilder();
                  for (byte b: bytes) {
                       sb.append(String.format("%02X", b));
                  }
                  return sb.toString();
              }
          
              private static void encodeAndPrint(String password) {
                  final ByteBuffer byteBuffer = utf8.encode(password);
                  System.out.println("Encoded \"" + password + "\" to \"" + getBytesInHex(byteBuffer.array()) + "\"");
              }
          
              public static void main(String[] args) { 
                  for (String s: args) {
                       encodeAndPrint(s);
                  }
              }
          }
          
          

          java Test abcd12345 abdcde12345 abcdefghij012345678 abcdefghij0123456789
          Encoded "abcd12345" to "616263643132333435"
          Encoded "abdcde12345" to "616264636465313233343500"
          Encoded "abcdefghij012345678" to "6162636465666768696A30313233343536373800"
          Encoded "abcdefghij0123456789" to "6162636465666768696A303132333435363738390000"

          Need to dig deeper in utf8.encode() ...

          Show
          kumara added a comment - - edited Thanks for the detailed analysis and getting to the root cause. Need to investigate further. Problem demonstrated by following test code ... import java.nio.ByteBuffer; import java.nio.CharBuffer; import java.nio.charset.Charset; public class Test { private final static Charset utf8 = Charset.forName("UTF-8"); private static String getBytesInHex(byte[] bytes) { StringBuilder sb = new StringBuilder(); for (byte b: bytes) { sb.append(String.format("%02X", b)); } return sb.toString(); } private static void encodeAndPrint(String password) { final ByteBuffer byteBuffer = utf8.encode(password); System.out.println("Encoded \"" + password + "\" to \"" + getBytesInHex(byteBuffer.array()) + "\""); } public static void main(String[] args) { for (String s: args) { encodeAndPrint(s); } } } java Test abcd12345 abdcde12345 abcdefghij012345678 abcdefghij0123456789 Encoded "abcd12345" to "616263643132333435" Encoded "abdcde12345" to "616264636465313233343500" Encoded "abcdefghij012345678" to "6162636465666768696A30313233343536373800" Encoded "abcdefghij0123456789" to "6162636465666768696A303132333435363738390000" Need to dig deeper in utf8.encode() ...
          Hide
          Tim Quinn added a comment -

          The problem turns out not to be in utf8.encode but in how GlassFish and the test code use the return value from array().

          That method returns the entire array that is the backing store for the buffer, not just the valid portion that contains legitimate data.

          For example, the test code should convert the byte buffer to a readable string this way:

              private static String getBytesInHex(final ByteBuffer bb) {
                  final StringBuilder sb = new StringBuilder();
                  while (bb.hasRemaining()) {
                      sb.append(String.format("%02X", bb.get()));
                  }
                  return sb.toString();
              }
          

          Note the use of hasRemaining() and get().

          I'm already at work on a fix to the JCEKSPasswordAliasStore class (which contains the same incorrect use the array() method).

          Show
          Tim Quinn added a comment - The problem turns out not to be in utf8.encode but in how GlassFish and the test code use the return value from array(). That method returns the entire array that is the backing store for the buffer, not just the valid portion that contains legitimate data. For example, the test code should convert the byte buffer to a readable string this way: private static String getBytesInHex( final ByteBuffer bb) { final StringBuilder sb = new StringBuilder(); while (bb.hasRemaining()) { sb.append( String .format( "%02X" , bb.get())); } return sb.toString(); } Note the use of hasRemaining() and get(). I'm already at work on a fix to the JCEKSPasswordAliasStore class (which contains the same incorrect use the array() method).
          Hide
          Tim Quinn added a comment -

          Fix checked in.

          Project: glassfish
          Repository: svn
          Revision: 63048
          Author: tjquinn
          Date: 2013-12-30 21:21:57 UTC
          Link:

          Log Message:
          ------------
          GLASSFISH-20938 - GlassFish password aliases failing

          Symptom: Password aliases longer than just a few characters were incorrectly handled.

          Cause: Places in the new alias handling code use ByteBuffer and CharBuffer objects and the array() method. That method returns the entire backing array, not just the valid portion of the backing array. As longer password strings were created the xxxBuffer would legitimately allocate more bytes than the length of the password. The GlassFish code which uses the entire backing array would use the invalidate bytes in the backing array as well as the valid ones.

          Fix: Change the code to use the position() and remaining() methods on ByteBuffer (one solution) and toString on CharBuffer to work with only the valid portion data in the buffer.

          Tests: new unit test; remote queue EJB, deployment devtests; QL; others

          Revisions:
          ----------
          63048

          Modified Paths:
          ---------------
          trunk/main/nucleus/common/common-util/src/main/java/com/sun/enterprise/util/Utility.java
          trunk/main/nucleus/security/services/src/main/java/org/glassfish/security/services/impl/JCEKSPasswordAliasStore.java

          Added Paths:
          ------------
          trunk/main/nucleus/security/services/src/test/java/org/glassfish/security/services/impl/PasswordAliasTest.java

          Show
          Tim Quinn added a comment - Fix checked in. Project: glassfish Repository: svn Revision: 63048 Author: tjquinn Date: 2013-12-30 21:21:57 UTC Link: Log Message: ------------ GLASSFISH-20938 - GlassFish password aliases failing Symptom: Password aliases longer than just a few characters were incorrectly handled. Cause: Places in the new alias handling code use ByteBuffer and CharBuffer objects and the array() method. That method returns the entire backing array, not just the valid portion of the backing array. As longer password strings were created the xxxBuffer would legitimately allocate more bytes than the length of the password. The GlassFish code which uses the entire backing array would use the invalidate bytes in the backing array as well as the valid ones. Fix: Change the code to use the position() and remaining() methods on ByteBuffer (one solution) and toString on CharBuffer to work with only the valid portion data in the buffer. Tests: new unit test; remote queue EJB, deployment devtests; QL; others Revisions: ---------- 63048 Modified Paths: --------------- trunk/main/nucleus/common/common-util/src/main/java/com/sun/enterprise/util/Utility.java trunk/main/nucleus/security/services/src/main/java/org/glassfish/security/services/impl/JCEKSPasswordAliasStore.java Added Paths: ------------ trunk/main/nucleus/security/services/src/test/java/org/glassfish/security/services/impl/PasswordAliasTest.java

            People

            • Assignee:
              Tim Quinn
              Reporter:
              Kevin Dean
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: