Hawtio executable jar always "Failed to log in, Forbidden" - activemq

I'm trying to put hawtio-1.4.11 to work, but failing. I'm using the simplest configuration.
In the same host, activemq-5.9.0 (clean, no configs), and I just run java -jar hawtio-app-1.4.11.jar.
I've tested the logins to activemq (both old console and hawtio) and it was working ok.
Then I accessed hawtio
http://my_ip_address:8080/hawtio
and filled the form, and I was redirected to the login page. Then when I click login, I get "Failed to log in, Forbidden".
Could not see any log messages the give me a hint.
Thanks in advance for any help.
Update:
I did the fowlling test:
wget --user admin --password admin --auth-no-challenge http://localhost:8161/hawtio/jolokia/read/org.apache.activemq:type=Broker,brokerName=localhost/TotalConsumerCount
And it worked (HTTP 200), and using a wrong password (HTTP 403). It seems to be working as it supposed to, but still can not make hawtio standalone to connect.
When I try to login using hawtio, the only log messages are those (regardless if I used the correct password or not):
2014-07-17 19:08:47,342 | DEBUG | Handling request for path /auth/login | io.hawt.web.AuthenticationFilter | qtp962581073-40
2014-07-17 19:08:47,342 | DEBUG | Doing authentication and authorization for path /auth/login | io.hawt.web.AuthenticationFilter | qtp962581073-40
BTW, I've tried a lot of different setups, including war version in jboss-4.2.3 but all failed too.

See this blog entry how to install hawtio in ActiveMQ as the web console
http://sensatic.net/activemq/activemq-and-hawtio.html
It also explains to setup the security part, which is likely what is your problem.

I was able to login to activemq console, but not in hawtio.
In my case I found that:
activemq console credetial are read from conf/jetty-realm.properties
hawtio credential are read from conf/users.properties and conf/groups.properties
In users.properties the password cannot contains same characters, in my case the euro sign €

I have had a similar issue: get always a hawtio (1.4.45) styled login page when try to remote connect to ActiveMQ jolokia api (ActiveMQ 5.10.1)
The reason was that the URL-paht configured in hawtio, that points to ActiveMQ jolokia api must end with an /!
for example /api/jolokia/

On a Unix machine - I fixed this through changing the order of the configurationpath to the configuration scripts. Added /bin/env as the first statment in the /bin/activemq script under # CONFIGURATION # For using instances,
since it ignores the others but the first as stated here
Unix configuration
happy coding !

Related

JBoss Data Virt Access Using SSL

I have Data Virt running via the standalone.sh script, and can log in with my username and password. My next task is configuring it so that it automatically runs whenever the instance is up and running (without having to execute standalone.sh), and uses SSL (port 443) rather than my username and password to log me in. I added the vault.keystore, dv_keystore.jks, and dv_truststore.jks files, and modified both standalone.sh and standalone.xml, according to the JBoss and other online documentation, to account for using these files. I start the standalone.sh script, which runs without any errors. When I browse to:
http://<IP>:8443/dashboard
after starting standalone.sh, I get the following error:
This page can't be displayed
Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://:8443 again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4, which is not considered secure. Please contact your site administrator.
The settings Use TLS-1.0-ON, Use TLS-1.1-ON, and Use TLS-1.2-ON are all checked in the Browser properties.
By contrast, when I browse to
http://<IP>:8443/dashboard
when standalone.sh is not running, I get the following:
This page can't be displayed
- Make sure the web address https://:8443 is correct.
- Look for the page with your search engine.
- Refresh the page in a few minutes.
It appears the browser is sensing something going on when standalone.sh is running, but something is not allowing the browser to access the dashboard.
What am I missing here?
Have you validated any other ssl access? Is it just an issue with the dashboard application?

ActiveMQ 5.15 HTTP ERROR: 503

Run environment :linux (CentOS 7), JDK 1.8, & ActiveMQ 5.15
I started Activemq then visit the management page with Chrome,when I try to log in with the default username & password I get the following error;
HTTP ERROR: 503
Problem accessing /admin/. Reason:
Service Unavailable Powered by Jetty://
How can I resolve this problem?
I was getting this same error. It turns out that I had run it as root user originally, then later I stopped it and ran it as a non-root user. Certain data files that had been created and owned by the original root instance were not accessible to the non-root user.
Check the ownership of the files, and change them if necessary to match the user that the broker is running as.
Had the same issue.
Maybe something went wrong the extraction of the package.
I downloaded this:
wget https://archive.apache.org/dist/activemq/5.15.0/apache-activemq-5.15.0-bin.tar.gz
and extracted it with:
sudo tar -zxvf apache-activemq-5.15.0-bin.tar.gz -C /opt
then it worked for me.
My two cents:
I start with the activemq in Ubuntu Repo, but then later change to binary package from official website.
In my case, the repo version left an /etc/default/activemq config file, which runs activemq with user "activemq". It turns out in previous experiments, I did not kill the old processes running under "activemq" when I start activemq under my own user name. There are two activemq processes running under different user names, and when connecting to admin console, I have a 503.
I delete the /etc/default/activemq file, and kill all activemq processes running under "activemq", then restart activemq with my user name, the 503 is gone.

Failed to login, Forbidden, using hawtio offline war file with ActiveMQ

I'm trying to use hawtio 1.5.2 offline war file as a webapp within ActiveMQ 5.14.5. I have added what I believe are the required entries to ACTIVEMQ_OPTS in $ACTIVEMQ_HOME/bin/env
-Dhawtio.role=admins -Dhawtio.rolePrincipalClasses=org.apache.activemq.jaas.GroupPrincipal -Djava.security.auth.login.config=$ACTIVEMQ_CONF/login.config
and when I go to http://localhost:8161/hawtio I get the login screen, but after using admin/admin and trying to login I get the error Failed to login, forbidden.
I am however able to use the executable JAR for hawtio and connect to my server, so I believe I must be missing something in the ActiveMQ configuration to allow this to work.
I have tried adding log4j.logger.io.hawt=DEBUG to my ActiveMQ's log4j.properties file but I don't seem to get any feedback in the logs from hawtio.
Can anyone help? Thanks
I found my problem. I didn't have this entry in ACTIVEMQ_OPTS in $ACTIVEMQ_HOME/bin/env
-Dhawtio.realm=activemq
Now with my entry reading
ACTIVEMQ_OPTS="$ACTIVEMQ_OPTS_MEMORY \
-Djava.util.logging.config.file=logging.properties \
-Djava.security.auth.login.config=$ACTIVEMQ_CONF/login.config \
-Dhawtio.realm=activemq \
-Dhawtio.role=admins \
-Dhawtio.rolePrincipalClasses=org.apache.activemq.jaas.GroupPrincipal"
I'm able to login.

cloudfoundry - vmc register error with external uri

I installed cloudfoundry with the -D option to change the default domain. Cloudfoundry installs fine and starts but when I try to vmc in I get an error:
swampfox#swampcf:~$ vmc target api.mydomain.com
Successfully targeted to [http://api.mydomain.com]
swampfox#swampcf:~$ vmc register --email emailid#gmail.com --passwd mypass
Creating New User: OK
Attempting login to [http://api.mydomain.com]
Problem with login to 'http://api.mydomain.com', target refused connection (getaddrinfo: Name or service not known), try again or register for an account.
swampfox#swampcf:~$ vmc register --email emailid#gmail.com --passwd mypass
Creating New User: Error 100: Bad request
Can someone help. I need to have the external uri or this is useless for me.
This works fine if I take the default api.vcap.me but it only works on that vm and is not accessable from other infrastructure which is pretty useless.
I have found the issue. There is a bug in vmc-0.3.21. Backed it down to vmc-0.3.18 and everything works now.
Whoof! How to open a bug against vmc?
When you have tried api.vcap.me, did you do this by just changing the endpoint address in config/cloud_controller.yml? If so, it may be worth checking to see if the setup did set the endpoint correctly in all the other configuration files, uaa.yml especially in this case as you are having issues with login.
I have always used the standard configuration (api.vcap.me) and then manually changed the endpoint in all the configuration files using sed, for example, from the config directory;
sed -i 's/\.vcap\.me/.newdomain.com/g' *.yml
Actually I initially installed with default api.vcap.me. Then i wiped out the guest an completely reinstalled with -D mydomain.com. I have subsquently installed another CF on a different guest with api.vcap.me for comparison.
Checked the config /home/cfadmin/cloudfoundry/.deployments/devbox/config/uaa.yml and there is no reverence to api.swampnet.com or api.vcap.me.
Just a quick note. I can successfully login from an external domain like emc.com but i cannot login on the local machine or a machine in the same subnet. Whoof!
I noticed that the controller had external uris false so I set them to ture but that made no difference. If I set them to true on the api.vcap.me instance will that allow me to push and app with an external uri?

Windows Phone Test Framework - NuGet - Testing a new App

I have followed your test app example from this video. I have also created the ACL for port 8085 using below command. (with Mydomain and myusracc being my work domain and user account)
netsh http add urlacl url=http://+:8085/ user=<mydomain>\<myusracc>
When I run the solution in debug mode, I'm getting below error:
There was no endpoint listening at http://localhost:8085/phoneAutomation/automate that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
I tried executing the SpecFlow scenarios, I get below exception:
App not alive - ping failed
Expected: True
But was: False
I ran the command to see which ports are lisening, (netstat -an |find /i "listening") and couldn't find 8085
If I ran the netsh command again to create the ACL, I get a message saying URL is already there and is listed as follows:
Reserved URL : http://+:8085/
User: <mydomain>\<myusername>
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;S-1-5-21-xxxxxxxxxxxx-xxxxxxxxxxx-xxxxxxxxxxxxx-xxxxxxxx)
I has the same questions and what I have found about second question: manual at GitHub isn't correct in example part and I use their examples from source code - they work fine.
Try to change your SpecFlow feature to something like:
Feature: MainPage
In order to test my app
As a WP7 Developer
I want to see it start and take a picture of it
Scenario: Main Page loads after a few seconds
Given my app is clean installed and running
Then take a picture