Major Description
Setting "encryption.enabled = true" and leave "encryption.name = " in the etc/org.apache.karaf.jaas.cfg, then start karaf container, try to connect it from client.sh/client.bat, then no success with these DEBUG error:
javax.security.auth.login.LoginException: org.jasypt.exceptions.EncryptionOperationNotPossibleException at org.jasypt.digest.StandardByteDigester.matches(StandardByteDigester.java:1106) at org.jasypt.digest.StandardStringDigester.matches(StandardStringDigester.java:1052) at org.jasypt.util.password.ConfigurablePasswordEncryptor.checkPassword(ConfigurablePasswordEncryptor.java:251) at org.apache.karaf.jaas.jasypt.impl.JasyptEncryption.checkPassword(JasyptEncryption.java:82) at org.apache.karaf.jaas.modules.AbstractKarafLoginModule.checkPassword(AbstractKarafLoginModule.java:135) at org.apache.karaf.jaas.modules.properties.PropertiesLoginModule.login(PropertiesLoginModule.java:126) at org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83) at sun.reflect.GeneratedMethodAccessor53.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:587) at org.apache.karaf.shell.ssh.KarafJaasAuthenticator.doLogin(KarafJaasAuthenticator.java:93) at org.apache.karaf.shell.ssh.KarafJaasAuthenticator.authenticate(KarafJaasAuthenticator.java:70) at org.apache.sshd.server.auth.keyboard.DefaultKeyboardInteractiveAuthenticator.authenticate(DefaultKeyboardInteractiveAuthenticator.java:92) at org.apache.sshd.server.auth.keyboard.UserAuthKeyboardInteractive.doAuth(UserAuthKeyboardInteractive.java:119) at org.apache.sshd.server.auth.AbstractUserAuth.next(AbstractUserAuth.java:75) at org.apache.sshd.server.session.ServerUserAuthService.process(ServerUserAuthService.java:229) at org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:614) at org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:547) at org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1498) at org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:508) at org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:66) at org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:301) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:281) at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:278) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38) at java.security.AccessController.doPrivileged(Native Method) at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37) at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126) at sun.nio.ch.Invoker$2.run(Invoker.java:218) at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748)
It's trying to use "jasypt" to do the validation but not the "basic" as the default behaviour of Karaf 4.1.x.
You have to set "encryption.name = basic" or "encryption.name = jasypt" definitely, then everything works. otherwize it always try to use "jasypt" and failed more silently.
Attachments
Issue Links
- links to