4

Very new to Hawtio and Jolokia. I am NOT using JBOSS or any other RedHat product, only Tomcat. I downloaded Hawtio-default.war (ver. 1.4.21) and Jolokia.war (ver. 1.2.2). I have two Tomcat (7.0.39) instances on my local machine (localhost), running on port 18080 and 38080 respectively.

The issue: If I didn't enable the security for Jolokia, I was OK to connect from Hawtio (port 18080) to Jolokia (port 38080) without any problem. However, if I enabled the security for Jolokia, I was NOT able to connect and always got below error (tried in both FF and Chrome):

This is the details of I have done:
1. Deployed Hawtio.war to Tomcat running on port 18080.
2. deployed Jolokia.war to Tomcat running on port 38080.
3. Without enabling security for Jolokia, I was able to connect from Hawtio (port 18080), without proxy, to Jolokia (port 38080). Success.
4. Then, I tried to enable security for Jolokia by uncommenting the section in its web.xml to make it look like this:

<login-config>
   <auth-method>BASIC</auth-method>
   <realm-name>UserDatabase</realm-name>
</login-config>

<security-constraint>
  <web-resource-collection>
     <web-resource-name>Jolokia-Agent Access</web-resource-name>
     <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
     <role-name>Jolokia</role-name>
  </auth-constraint>
</security-constraint>

<security-role>
   <role-name>Jolokia</role-name>
</security-role>

and in tomcat/conf/user-tomat.xml file, I added:

  <role rolename="Jolokia"/>
  <user username="admin" password="hawtorwhat" roles="Jolokia"/>
  1. Add username/password and role to tomcat-users.xml file as:
  2. restarted both Tomcat instances.
  3. Tried to goto Jolokia directly http://localhost:38080/jolokia, it prompted me for username and password. After I typed in admin and hawtorwhat, I was shown below message in my browser. So it looked like OK to directly remote connect to a security-enabled Jolokia.
  4. launched http://localhost:18080/hawtio, clicked on "Connect" tab, provided same info plus username and password for localhost port 38080 (without proxy), un-success. the error was always the same (different error for different browser, strange, no previous hawtio plug-in for Chrome):

In FireFox: 

Cannot Connect: [Exception... "Failure" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: http://localhost:18080/hawtio/app/app.js?6f7be3a9a9f2ffe8 :: .send :: line 8" data: no]

In Chrome: 

Cannot Connect: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://localhost:38080/jolokia-war-1.2.2/?maxDepth=2&maxCollectionSize=500&ignoreErrors=true&canonicalNaming=false'.

I also tried check 'use proxy', it didn't work regardless with or without security enabled. Error message was as:

java.net.UnknownHostException: http
    java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178)
    java.net.PlainSocketImpl.connect(PlainSocketImpl.java:157)
    java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391)
    java.net.Socket.connect(Socket.java:579)
    java.net.Socket.connect(Socket.java:528)
    java.net.Socket.<init>(Socket.java:425)
    java.net.Socket.<init>(Socket.java:208)
    io.hawt.web.OpenShiftProtocolSocketFactory.createSocket(OpenShiftProtocolSocketFactory.java:36)
    org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:122)
    org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
    org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
    org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
    org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
    org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
    io.hawt.web.ProxyServlet.executeProxyRequest(ProxyServlet.java:418)
    io.hawt.web.ProxyServlet.doPost(ProxyServlet.java:273)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
    io.hawt.web.RedirectFilter.process(RedirectFilter.java:66)
    io.hawt.web.RedirectFilter.doFilter(RedirectFilter.java:38)

My IE (ver. 9) doesn't seem to support html5, leave it out for now...

I read docs and others internet posts for both Hawio and Jolokia, not sure what I missed. Based on #3 and #7 above, Jolokia seemed to be running fine. What else should I do? Is any config or additional files that I need to add anywhere? Please help. Also, how am i going to debug this?

Thank you,

---misterxy

MisterXY
  • 51
  • 1
  • 4
  • I've run into what I think is a similar issue without a solution. For now I've added it to the hawt.io issues on GitHub. If you setup a Spring application with Jolokia and no security, things work well. If you add Spring Security you get a login prompt for /jolokia but both Hawt.io and Jolokia work. If you inherit from WebSecurityConfigurerAdapter, Hawt.io is no longer able to access /jolokia even though behavior in a browser seems the same. – Nathanial Woolls Jul 08 '15 at 00:51

0 Answers0