Highlighted

javax.security.auth.login.LoginException: unable to find LoginModule class in AEM 6.3

Avatar

Avatar

swapnilg7731718

Avatar

swapnilg7731718

swapnilg7731718

12-11-2018

Hi team ,

Recently we have upgraded AEM 6.0 to AEM 6.3 , where we have  JAAS module configured to generate token for authentication.

Step 1: After starting the server in AEM 6.3 , we get below error when we replicate something.

09.11.2018 07:41:43.424 *WARN* [sling-threadpool-cb90f54b-e9a7-47b5-a011-36ec26f9ae1f-(apache-sling-job-thread-pool)-3-com_day_cq_replication_job_rep-ny-dev-2(com/day/cq/replication/job/rep-ny-dev-2)] org.apache.felix.jaas No JAAS module configured for realm "XXX09.11.2018 07:41:43.425 *ERROR* [sling-threadpool-cb90f54b-e9a7-47b5-a011-36ec26f9ae1f-(apache-sling-job-thread-pool)-3-com_day_cq_replication_job_rep-ny-dev-2(com/day/cq/replication/job/rep-ny-dev-2)] ***.***.*** Failed to generate new token

javax.security.auth.login.LoginException: unable to find LoginModule class: aa.bb.cc

Step 2: Whenever after restart we manually do test connection , than replication start working as if has loaded the login module

  1. 09.11.2018 07:42:06.957 *INFO* [ [1541767326884] GET /etc/replication/agents.author/rep-ny-dev-1.test.html HTTP/1.1] LoginModule Initializing...
  2. 09.11.2018 07:42:06.957 *INFO* [ [1541767326884] GET /etc/replication/agents.author/rep-ny-dev-1.test.html HTTP/1.1] LoginModule System property from aa.properties
  3. 09.11.2018 07:42:06.960 *INFO* [ [1541767326884] GET /etc/replication/agents.author/rep-ny-dev-1.test.html HTTP/1.1] LoginModule Reading login properties from [aa.properties]
  4. 09.11.2018 07:42:06.963 *INFO* [ [1541767326884] GET /etc/replication/agents.author/rep-ny-dev-1.test.html HTTP/1.1] LoginModule Initialisation complete...

Any pointer will be helpful , thanks in Advance.

Just like to share more information so that can be useful to trouble shoot.

In Aem 6.0 , we didn't have any problem  with jaas configuration.

We used to place all the bundle in install folder for installation of bundles.

But after upgrade to AEM 6.3 , we have change this approach to package manager for installation.

Below is the log(related to jaas configuration) which appear in AEM 6.3 which wasn't available in AEM 6.0 after starting the server

  • 12.11.2018 09:05:44.440 *INFO* [FelixStartLevel] org.apache.felix.jaas Registered provider FelixJaasProvider for managing JAAS config with type JavaLoginConfig
  • 12.11.2018 09:05:44.442 *INFO* [FelixStartLevel] org.apache.felix.jaas Service [org.apache.felix.jaas.ConfigurationSpi,134, [org.osgi.service.cm.ManagedService]] ServiceEvent REGISTERED
  • 12.11.2018 09:05:44.442 *INFO* [FelixStartLevel] org.apache.felix.jaas Service [135, [org.apache.felix.jaas.LoginContextFactory]] ServiceEvent REGISTERED
  • 12.11.2018 09:05:44.443 *INFO* [CM Configuration Updater (ManagedService Update: pid=[org.apache.felix.jaas.ConfigurationSpi])] org.apache.felix.jaas Removed provider FelixJaasProvider type JavaLoginConfig from Security providers list
  • 12.11.2018 09:05:44.443 *INFO* [CM Configuration Updater (ManagedService Update: pid=[org.apache.felix.jaas.ConfigurationSpi])] org.apache.felix.jaas Registered provider FelixJaasProvider for managing JAAS config with type JavaLoginConfig
  • 12.11.2018 09:05:44.444 *INFO* [CM Configuration Updater (ManagedService Update: pid=[org.apache.felix.jaas.ConfigurationSpi])] org.apache.felix.jaas Replacing the global JAAS configuration with OSGi based proxy configuration. It would look first in the OSGi based configuration and if not found would use the default global configuration

Replies

Highlighted

Avatar

Avatar

smacdonald2008

Total Posts

12.7K

Likes

1.4K

Correct Answer

2.3K

Avatar

smacdonald2008

Total Posts

12.7K

Likes

1.4K

Correct Answer

2.3K
smacdonald2008

12-11-2018

Have you tried to set up on a fresh AEM instance (in a dev environment) - this will tell us if this is an upgrade issue

Highlighted

Avatar

Avatar

swapnilg7731718

Avatar

swapnilg7731718

swapnilg7731718

12-11-2018

Thanks for immediate response.

Yes, this behavior is happening in all lower environment.

One more thing like to highlight , in AEM 6.0 we use tomcat server while in AEM 6.3 we used embedded jetty server.

Highlighted

Avatar

Avatar

aneeta45259594

Avatar

aneeta45259594

aneeta45259594

12-11-2018

Hello swapnilg77317184

Does this upgrade involve an Application server for your setup such as JBOSS, weblogic,etc? If yes, you may need to recreate your /etc/key.

1) Log into crx/explorer as admin

2) Click on Content Explorer

3) Go to the node /etc/key and delete it. Click Save All.

4) Stop AEM

5) Go to crx-quickstart directory

I don't believe this to be an issue with JAAS but with the Crypto Support. Can you check if you see any CryptoSupport errors in the logs as well?

Best Regards,

Aneet

Highlighted

Avatar

Avatar

swapnilg7731718

Avatar

swapnilg7731718

swapnilg7731718

12-11-2018

Thanks Aneeta,

Nope we are not using any external Application Server.

I don't think its related to any crypo related because I am not able to see any crypto related error.

Infact it works after doing test connection as token is generated after that.

I suspect something related to sequence of installation or any config may be I am  missing which is causing this issue.

Highlighted

Avatar

Avatar

swapnilg7731718

Avatar

swapnilg7731718

swapnilg7731718

02-01-2019

Hi , just like to re frame this issue

We have a login module(a.b.c.LoginModule) class specified in JAAS config. This login module gets invoked from class which implements Transport handler.(Generating token while replicating)

Case 1

When  we do test connection or force retry for any content stuck in replication queue, the replication is triggered generating token from Login Module.

Logs

POST /etc/replication/agents.author/agent1/jcr:content.queue.json HTTP/1.1] c.d.c.r.Agent.agent1.queue (ReplicationQueueImpl.java:313) - Processing job for agent agent1

POST /etc/replication/agents.author/agent1/jcr:content.queue.json HTTP/1.1] abc.java  - Initializing...

POST /etc/replication/agents.author/agent1/jcr:content.queue.json HTTP/1.1] abc.java - System property loaded

POST /etc/replication/agents.author/agent1/jcr:content.queue.json HTTP/1.1] abc.java - Reading abc.properties

POST /etc/replication/agents.author/agent1/jcr:content.queue.json HTTP/1.1] abc.java - Initialisation complete...

POST /etc/replication/agents.author/agent1/jcr:content.queue.json HTTP/1.1] abc.java - Generated token

Case 2

But if in case i replicate content , the replication is triggered but fail's to generate token with below exception

Log

[sling-threadpool-04717b99-e707-4d0d-9b0d-35f2dd7ae850-(apache-sling-job-thread-pool)-5831-com_day_cq_replication_job_devuat-1(com/day/cq/replication/job/agent1)] c.d.c.r.Agent.agent1.queue (ReplicationQueueImpl.java:313) - Processing job for agent agent1

2019-01-02T09:14:17.876-0500 ERROR [sling-threadpool-04717b99-e707-4d0d-9b0d-35f2dd7ae850-(apache-sling-job-thread-pool)-5831-com_day_cq_replication_job_devuat-1(com/day/cq/replication/job/agent1)] abc.java - Failed to generate new token

javax.security.auth.login.LoginException: unable to find LoginModule class: a.b.c.LoginModule

Seem's 2nd case is not able to find LoginModule but which is not the case with test connection.

Not sure is it authentication.jar(LoginModule) is not properly loaded in OSGI container  Or is it any thing triggered from sling thread pool is not referencing Login Module ?

Apologies in case i misguide with my earlier post.Any pointer's are appreciated.

Thanks in Advance.