Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 331299

Summary:	Eclipse Virgo failed to shutdown after admin password change
Product:	[RT] Virgo	Reporter:	Krešimir Jurasović <kresimir.jurasovic>
Component:	virgo-build	Assignee:	Glyn Normington <glyn.normington>
Status:	CLOSED FIXED	QA Contact:
Severity:	normal
Priority:	P3	CC:	allahamit, eclipse, glyn.normington, kresimir.jurasovic, zteve.powell
Version:	2.1.0.RELEASE	Keywords:	helpwanted
Target Milestone:	3.0.0.M01
Hardware:	PC
OS:	Windows 7
Whiteboard:

Description Krešimir Jurasović

2010-11-29 03:35:01 EST

I've seem to find a bug in the shutdown mechanism of eclipseRT Virgo that manifest when the user change the default password to something else.

Steps to reproduce:

Download 2.1.0.RELEASE of EclipseRT Virgo. Install the server. Open the file <VIRGO INSTALL DIR>/config/org.eclipse.virgo.kernel.users.properties and change the admin password (I've tried changing it to admin and 1111111111). Then start the server. 

After that if you try to shutdown the server with shutdown.bat the following error occurs:

java.lang.SecurityException: Authentication failed! Credentials did not match
at com.sun.jmx.remote.security.JMXPluggableAuthenticator.authen ticationFailure(JMXPluggableAuthenticator.java:208)
at com.sun.jmx.remote.security.JMXPluggableAuthenticator.authen ticate(JMXPluggableAuthenticator.java:185)
at sun.management.jmxremote.ConnectorBootstrap$AccessFileChecke rAuthenticator.authenticate(ConnectorBootstrap.java:201)
at javax.management.remote.rmi.RMIServerImpl.doNewClient(RMISer verImpl.java:213)
at javax.management.remote.rmi.RMIServerImpl.newClient(RMIServe rImpl.java:180)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce ssorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe thodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.ja va:305)
at sun.rmi.transport.Transport$1.run(Transport.java:159)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTranspo rt.java:535)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TC PTransport.java:790)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCP Transport.java:649)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Threa dPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo lExecutor.java:908)
at java.lang.Thread.run(Thread.java:619)
at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServ er(StreamRemoteCall.java:255)
at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteC all.java:233)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142)
at javax.management.remote.rmi.RMIServerImpl_Stub.newClient(Unk nown Source)
at javax.management.remote.rmi.RMIConnector.getConnection(RMICo nnector.java:2327)
at javax.management.remote.rmi.RMIConnector.connect(RMIConnecto r.java:279)
at javax.management.remote.JMXConnectorFactory.connect(JMXConne ctorFactory.java:248)
at org.eclipse.virgo.kernel.shutdown.ShutdownClient.doShutdown( ShutdownClient.java:63)
at org.eclipse.virgo.kernel.shutdown.ShutdownClient.performShut down(ShutdownClient.java:50)
at org.eclipse.virgo.kernel.shutdown.ShutdownClient.main(Shutdo wnClient.java:43)

I've tried using JConsole to connect to the server and shutdown it mannually and it works. I've also tried to revert to the old password (springsource) and it also works after that so I guess the bug is that the password is hardcoded or there are more then one place where the admin password is located.

Kresimir

Comment 1 Glyn Normington

2010-11-29 04:29:48 EST

Thanks for raising this. I'll add it to our backlog, but we are rather busy with a Virgo F2F meeting and some tooling donation work, so it will take a while to percolate to the top.

Comment 2 Glyn Normington

2010-11-29 04:30:32 EST

Flagging as helpwanted for anyone who fancies a piece of detective work.

Comment 3 Krešimir Jurasović

2010-12-01 04:45:34 EST

Ok I did some detective work and figured out why this is happening. Not sure about the right solution. 

I took a look at the shutdown script and the code for ShutdownClient and ShutdownCommandParser classes. The ShutdownClient uses ShutdownCommandParser to parse the arguments given to the client. Expected arguments are among others username and password. When I checked the shutdown script and the dmk stop command thoose parameters should be given in dmk.bat here

set SHUTDOWN_PARMS=%SHUTDOWN_PARMS% org.eclipse.virgo.kernel.shutdown.ShutdownClient
set SHUTDOWN_PARMS=%SHUTDOWN_PARMS% %OTHER_ARGS%

but the %OTHER_ARGS% are not given i.e "";

The temporary solution is to give thoose parameters to the shutdown.bat script like this: shutdown.bat -username <username> -password <password>.

But for me it would be alot better if this is read from the org.eclipse.virgo.kernel.users.properties where the password is actually changed othervise the password would have to be change on two seperate places.

Kreso

Comment 4 Amit Kumar

2010-12-09 11:25:20 EST

Kreso,

I guess you have already found the solution for it. You will need to specify the username/password while trying to shutdown if you have changed the username/password in 'com.springsource.kernel.users.properties' configuration.

The reason is that, the ShutdownCommand implementation has a default value of username/password as 'admin/springsource'. So, till the time you do not change the authentication config, the shutdown works. If you change it, you have to specify the username/password while shutting down, otherwise it is defaulted to 'admin/springsource' which will not work.

Take a look at the following code -

Bundle: $SERVER_HOME/lib/org.springsource.kernel.shutdown-2.x.x.jar
Package: com.springsource.kernel.shutdown
Class: ShutdownCommand.java

Code Snippet: private String password = "springsource"; 
              private String username = "admin";

I believe it was designed that way. There can be multiple users you can configure and so the shutdown may want know, who is the user trying to shutdown the container. In that case, the shutdown client must ask you the username/password.

Comment 5 Glyn Normington

2010-12-09 12:04:33 EST

I am in the process of changing the shutdown client code so that it takes default values for the user and password from the config/com.springsource.kernel.users.properties, so the shutdown script will cope with a change of user and/or password without having to specify them explicitly.

Comment 6 Glyn Normington

2010-12-10 06:20:58 EST

Fixed so that the user and password are taken from the configuration file com.springsource.kernel.users.properties and no longer need passing on the shutdown command.