Subject: Re: password policy since b55
From: David Ronge (Davi@Sun.COM)
Date: Jul 24, 2009 6:33:45 am
List: net.java.dev.glassfish.admin

Hi Kedar,

yes, we delete domain1 first to be sure the eventual setup change of default domain won't give us some obscure diffs and to keep setup stable.

(delete-domain.1:
    [exec] Domain domain1 deleted.
    [exec] Command delete-domain executed successfully.
No passwd used.)

content of the password.txt is here:

    AS_ADMIN_PASSWORD=adminadmin
    AS_ADMIN_USERPASSWORD=changeit

create-by-admin-command:
    [echo] exec: create-domain --user admin --passwordfile /space/test4u/cvswork/sunsw/tango/qe-tests/gf-setup/password.txt domain1
    [echo] With properties:
    [echo] http.ssl.port=8181:orb.listener.port=3007:imq.port=7676
    [exec] Deprecated syntax: create-domain, Options: [passwordfile, user]
    [exec] Using port 4848 for Admin.
    [exec] Using port 8080 for HTTP Instance.
    [exec] Using default port 7676 for JMS.
    [exec] Using port 3007 for IIOP.
    [exec] Using port 8181 for HTTP_SSL.
    [exec] Using default port 3820 for IIOP_SSL.
    [exec] Using default port 3920 for IIOP_MUTUALAUTH.
    [exec] Using default port 8686 for JMX_ADMIN.
    [exec] Distinguished Name of the self-signed X.509 Server Certificate is:
    [exec] [CN=eas-x2100-1.India.Sun.COM,OU=GlassFish,O=Sun Microsystems,L=Santa Clara,ST=California,C=US]
    [exec] Domain domain1 created.
    [exec] Command create-domain executed successfully.

is the target used, more precisely, target corresponding to the above log is here:

    <target name="create-by-admin-command" depends="get-asadmin" if="create.by.admin.command">
        <!-- propertyset refid="full.domain.propertyset"/ -->
        <echo message="exec: create-domain --user admin --passwordfile ${basedir}/password.txt ${domain.name}"/>
        <property name="dmn.specif.1" value="http.ssl.port=${https.port}" />
        <property name="dmn.specif.2" value="${dmn.specif.1}:orb.listener.port=${orb.port}" />
        <property name="dmn.specif.0" value="${dmn.specif.2}:imq.port=${imq.port}" />
        <echo message="With properties:"/>
        <echo message="${dmn.specif.0}"/>

        <exec executable="${asadmin.executable}" dir="${basedir}" resultproperty="asadmin.result">
            <!-- in ${gf.install.home} or ${basedir} ? -->
            <arg value="create-domain"/>
            <arg value="--user"/>
            <arg value="admin"/>
            <arg value="--passwordfile"/>
            <arg value="password.txt"/><!-- ${basedir}/... -->
            <arg value="--instanceport"/>
            <arg value="${instance.port}"/>
            <arg value="--adminport"/>
            <arg value="${admin.port}"/>
            <arg value="--domaindir"/>
            <arg value="${gf.install.home}/domains"/>
            <arg value="--domainproperties"/>
            <arg value="${dmn.specif.0}"/>
            <!-- leave as last item value - (first that is not an option) -->
            <arg value="${domain.name}"/>
        </exec>
    </target>

with --domainproperties echoed as visible. There's an alternative setup target using setup.xml but that is used with V2 only for continuity. (The property set contains the original default ports mainly - I think these are exclusively defaults - you can see better.)

The master password claimed is AS_ADMIN_PASSWORD - according to the password.txt? Or the other entry?

~dave

Kedar Mhaswade wrote:

Hi David,

VB Kumar told me that you guys were seeing some issues here.

Yes, I made some changes to the master password handling in b55. It was not a big deal as far as users are concerned. I am sorry that it seems to affect you. But I do think that you guys are creating domain differently. As you can see the console output of start-domain, it contains:

    [exec] No valid master password found
    [exec] No console, no prompting possible
    [exec] Command start-domain failed.
    [exec] Result: 1

So, it's not failing for deprecated syntax, but for something else. Can I get the entire sequence of commands you run? For example, is the same password.txt provided to both create-domain and start-domain commands? I somehow think that the master password for this domain is not the default ("changeit") or there is a bug in what I recently did ...

Let me know either way. My commit log is here: http://fisheye4.atlassian.com/changelog/glassfish-svn/trunk/v3/admin/cli/src/main/java/com/sun/enterprise/admin/cli/commands?cs=29406

-Kedar

David Ronge wrote:

This way:

    <target name="start-a-domain" if="a.domain.exists" unless="skip.domain" depends="check.domain.exists">
        <property name="a.domain.name" value="${default.domain}"/><!-- convenience default -->
        <echo message="STARTING domain ${a.domain.name}..." />
        <echo message="stuff.dir ${stuff.dir}..." />
        <exec executable="${gf.install.home}/bin/asadmin.bat" os="Windows XP,Windows 2000,Windows 2003" dir="${stuff.dir}" spawn="true" failonerror="false">
            <arg value="start-domain"/>
            <arg value="--user"/>
            <arg value="admin"/>
            <arg value="--passwordfile"/>
            <arg value="password.txt"/>
            <arg value="${a.domain.name}"/>
        </exec>
        <exec executable="${gf.install.home}/bin/asadmin" dir="${stuff.dir}" os="SunOS,Linux,AIX,Mac OS X">
            <arg line="start-domain --user admin --passwordfile password.txt ${a.domain.name}"/>
        </exec>
        <echo message="STARTED domain ${a.domain.name}..." />
    </target>

(start-domain command seemed not to be obligatory with user and passwd data but stop-domain did when file-user was added etc. So we include it for start too.) This worked reliably unless some integration fault prevented proper start due to bundling error or start failure of some essential service.

Can you provide the syntax used to start the domain?

Thanks, Jane

David Ronge wrote:

Hi, is there any instruction to handle starting/stopping domain differently now? The behavior has changed ~ with build b55 as now I can see:

start-a-domain:
    [echo] STARTING domain domain1...
    [echo] stuff.dir /space/test4u/cvswork/sunsw/tango/qe-tests/gf-setup...
    [exec] Deprecated syntax: start-domain, Options: [passwordfile, user]
    [exec] No valid master password found
    [exec] No console, no prompting possible
    [exec] Command start-domain failed.
    [exec] Result: 1
    [echo] STARTED domain domain1...

it says "deprecated" but the coming syntax simply doesn't work without change. Can someone please give me a clue? Our team tests Metro/jaxws webservices on V2/V3/Tomcat... so managing GF administration is sort of routine for us. (Still, if there's a page to look at when something stops working the old way it would be nice.)

Thank you much in advance.