Unable to connect to EAP 6.4.22 using jboss-cli.bat

book

Article ID: 196516

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

An attempt to install Identity Portal shows the following error in the log - the installer uses jboss-cli.bat with credentials which is rejected by JBoss:

C:\Users\User123\AppData\Local\Temp\3\lax-2730022823000952888-err.tmp:

C:\Users\User123\AppData\Local\Temp\3\I1596275130\Windows>"C:\CA\IP-EAP-6.4.0/bin/jboss-cli.bat" --file="C:\Users\User123\AppData\Local\Temp\3\735498.tmp/JB_RemoveSubsystems.cli" --user=admin --password=Password1!

Unable to authenticate against controller at localhost:9999: Authentication failed: the server presented no authentication mechanisms

A similar exception is seen when attempting to connect manually with credentials.

C:\CA\IP-EAP-6.4.0\bin>jboss-cli.bat --connect --user=admin --password=Password1!

Failed to connect to the controller: Unable to authenticate against controller at localhost:9999: Authentication failed: the server presented no authentication mechanisms

org.jboss.as.cli.CliInitializationException: Failed to connect to the controller

        at org.jboss.as.cli.impl.CliLauncher.initCommandContext(CliLauncher.java:306)

        at org.jboss.as.cli.impl.CliLauncher.main(CliLauncher.java:283)

        at org.jboss.as.cli.CommandLineMain.main(CommandLineMain.java:45)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

        at java.lang.reflect.Method.invoke(Unknown Source)

        at org.jboss.modules.Module.run(Module.java:318)

        at org.jboss.modules.Main.main(Main.java:473)

Caused by: org.jboss.as.cli.CommandLineException: Unable to authenticate against controller at localhost:9999

        at org.jboss.as.cli.impl.CommandContextImpl.tryConnection(CommandContextImpl.java:1062)

        at org.jboss.as.cli.impl.CommandContextImpl.connectController(CommandContextImpl.java:903)

        at org.jboss.as.cli.impl.CommandContextImpl.connectController(CommandContextImpl.java:879)

        at org.jboss.as.cli.impl.CliLauncher.initCommandContext(CliLauncher.java:304)

        ... 8 more

Caused by: javax.security.sasl.SaslException: Authentication failed: the server presented no authentication mechanisms

        at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:414)

        at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:244)

        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

        at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

        at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

        at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

        at org.xnio.ssl.JsseConnectedSslStreamChannel.handleReadable(JsseConnectedSslStreamChannel.java:183)

        at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

        at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

        at org.xnio.nio.NioHandle.run(NioHandle.java:90)

        at org.xnio.nio.WorkerThread.run(WorkerThread.java:198)

        at ...asynchronous invocation...(Unknown Source)

        at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:293)

        at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:274)

        at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:386)

        at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:374)

        at org.jboss.as.protocol.ProtocolConnectionUtils.connect(ProtocolConnectionUtils.java:84)

        at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:103)

        at org.jboss.as.protocol.ProtocolConnectionManager$EstablishingConnection.connect(ProtocolConnectionManager.java:256)

        at org.jboss.as.protocol.ProtocolConnectionManager.connect(ProtocolConnectionManager.java:70)

        at org.jboss.as.protocol.mgmt.FutureManagementChannel$Establishing.getChannel(FutureManagementChannel.java:208)

        at org.jboss.as.cli.impl.CLIModelControllerClient.getOrCreateChannel(CLIModelControllerClient.java:169)

        at org.jboss.as.cli.impl.CLIModelControllerClient$2.getChannel(CLIModelControllerClient.java:129)

        at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:123)

        at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:98)

        at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeRequest(AbstractModelControllerClient.java:263)

        at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:168)

        at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeForResult(AbstractModelControllerClient.java:147)

        at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:75)

        at org.jboss.as.cli.impl.CommandContextImpl.tryConnection(CommandContextImpl.java:1053)

        ... 11 more

Press any key to continue . . .

However the same credentials work when trying to login via the web console

 

Cause

JBoss EAP 6.4 update 19 and newer contains a slightly modified version of jboss-cli.bat which is not handling ! in the password (ie omits the ! from the string provided) in some cases.

Environment

Release : 14.x

Component : SIGMA-Identity Suite

Resolution

To avoid / workaround the error:

1. Use EAP 6.4 build 18 or lower - with this, password can contain !

2. Refrain from using passwords containing ! - replace it with a different special character