admin@glassfish.java.net

Re: password policy since b55

From: Kedar Mhaswade <Kedar.Mhaswade_at_Sun.COM>
Date: Fri, 24 Jul 2009 14:38:05 -0700

Sankar just confirmed that this works and he's filed a bug against
create-domain (8876) to track.

-Kedar


Kedar Mhaswade wrote:
>
>
> Sankar Neelakandan wrote:
>>
>>
>> Kedar Mhaswade wrote:
>>> That's because the master password was NEVER enforced for v3. I
>>> implemented it for the first time for v3. If you ran the commands like
>>> you did for V2, this would always work. Remember, for V2, a domain
>>> startup would always require opening the stores, otherwise the server
>>> startup fails.
>> Yes, but in V2, when the masterpassword is not provided for the
>> create-domain command, the password is assumed to be "changeit".
>> The start-domain command never prompted for masterpassword in this
>> default case.
>
> And it never does. Like I said, there was some create-domain related
> change that Bill made after I was done and I am not sure if this is
> the fallout of that.
>
> e.g. try this out:
>
> passwords:
> AS_ADMIN_MASTERPASSWORD=changeit
> AS_ADMIN_PASSWORD=adminadmin
> AS_ADMIN_ADMINPASSWORD=adminadmin
>
> asadmin --passwordfile passwords create-domain --portbase 5000 d2
>
> asadmin start-domain d2 (note: no passwordfile given)
>
> and it *does* start without prompting.
>
> Again, I don't know why it does not work when passwords does NOT contain
> AS_ADMIN_MASTERPASSWORD. It's a separate issue.
>
>>>
>>> Since the master password was enforced only since b55, the start-domain
>>> needs this to be provided while doing the startup.
>>>
>>> Now, in most cases, this is not a problem. In the "default" case, i.e.
>>> when the domain is *created* with default master password, startup would
>>> have it.
>> Does this mean the masterpassword has to be explicitly provided as
>> "changeit"?
>
> No.
>
>> When the masterpassword is not provided, the create-domain command
>> still goes ahead and creates a domain. What is the masterpassword used
>> in this case?
>
> Investigating. Not related to my changes ...
>
>> If it is "changeit", why does the start-domain command still prompt
>> for masterpassword?
>
> Correct, it should not and it does not.
>
>>
>>> In another case, where you choose to do --savemasterpassword during
>>> create-domain, start-domain would have that password read automatically
>>> for you, so that you don't have to provide it during startup.
>>
>>>
>>> -Kedar
>>>
>>>
>>> Sankar Neelakandan wrote:
>>>> Kedar,
>>>> The exact problem is:
>>>> In B55, when the domain is created without MASTERPASSWORD in the
>>>> passwordfile, the start-domain works without prompting for
>>>> masterpassword.
>>>> But in B56, when the domain is created without MASTERPASSWORD in the
>>>> passwordfile, the start-domain doesn't work without providing the
>>>> master password. (If the domain is started without a console, there
>>>> is no prompting for masterpassword and it fails with the noconsole
>>>> message.)
>>>>
>>>> Please see the following logs.
>>>>
>>>>
>>>> bash-3.00# cat /password.txt
>>>> AS_ADMIN_PASSWORD=adminadmin
>>>>
>>>>
>>>> bash-3.00# glassfishv3/glassfish/bin/asadmin create-domain
>>>> --adminport 4848 --user admin --passwordfile /password.txt domain1
>>>> Deprecated syntax: create-domain, Options: [passwordfile, user]
>>>> Using port 4848 for Admin.
>>>> Using default port 8080 for HTTP Instance.
>>>> Using default port 7676 for JMS.
>>>> Using default port 3700 for IIOP.
>>>> Using default port 8181 for HTTP_SSL.
>>>> Using default port 3820 for IIOP_SSL.
>>>> Using default port 3920 for IIOP_MUTUALAUTH.
>>>> Using default port 8686 for JMX_ADMIN.
>>>> Distinguished Name of the self-signed X.509 Server Certificate is:
>>>> [CN=easqesf4,OU=GlassFish,O=Sun Microsystems,L=Santa
>>>> Clara,ST=California,C=US]
>>>> Domain domain2 created.
>>>> Command create-domain executed successfully.
>>>>
>>>> bash-3.00# glassfishv3/glassfish/bin/asadmin start-domain domain2
>>>> No valid master password found
>>>> Enter master password (3 attempt(s) remain)> Sorry, incorrect master
>>>> password, retry
>>>> Enter master password (2 attempt(s) remain)> Sorry, incorrect master
>>>> password, retry
>>>> Enter master password (1 attempt(s) remain)> Sorry, incorrect master
>>>> password, retry
>>>> Number of attempts (3) exhausted, giving up
>>>> Command start-domain failed.
>>>>
>>>> When started without a console, it fails with the following error message:
>>>>
>>>>
>>>> bash-3.00# glassfishv3/glassfish/bin/asadmin start-domain domain1
>>>> Deprecated syntax: start-domain, Options: [passwordfile, user]
>>>> No valid master password found
>>>> Command start-domain failed.
>>>> No console, no prompting possible
>>>>
>>>>
>>>>
>>>> Kedar Mhaswade wrote:
>>>>> Dave,
>>>>>
>>>>> It should be AS_ADMIN_MASTERPASSWORD. AS_ADMIN_USERPASSWORD is
>>>>> for (an entirely) different purpose.
>>>>>
>>>>> If you don't really care about master password (:-0) you can just
>>>>> have AS_ADMIN_MASTERPASSWORD=changeit added to this password.txt
>>>>> file and I am pretty sure this will be fixed.
>>>>>
>>>>> But I think we need to address this use case. My understanding was
>>>>> that in this case, (i.e. the way your password.txt seems) we should
>>>>> have defaulted the master password to "changeit". I am not sure if
>>>>> this is due to recent changes to create-domain command as well. We'll
>>>>> investigate.
>>>>>
>>>>> For now, just add this one more line to password.txt to get unblocked.
>>>>>
>>>>> -Kedar
>>>>>
>>>>> David Ronge wrote:
>>>>>> Hi Kedar,
>>>>>>
>>>>>> yes, we delete domain1 first to be sure the eventual setup change
>>>>>> of the default domain won't give us some obscure diffs and to keep
>>>>>> the setup stable.
>>>>>>
>>>>>> (delete-domain.1:
>>>>>> [exec] Domain domain1 deleted.
>>>>>> [exec] Command delete-domain executed successfully.
>>>>>> No passwd used.)
>>>>>> content of the password.txt is here:
>>>>>> AS_ADMIN_PASSWORD=adminadmin
>>>>>> AS_ADMIN_USERPASSWORD=changeit
>>>>>>
>>>>>> create-by-admin-command:
>>>>>> [echo] exec: create-domain --user admin --passwordfile
>>>>>> /space/test4u/cvswork/sunsw/tango/qe-tests/gf-setup/password.txt
>>>>>> domain1
>>>>>> [echo] With properties:
>>>>>> [echo] http.ssl.port=8181:orb.listener.port=3007:imq.port=7676
>>>>>> [exec] Deprecated syntax: create-domain, Options:
>>>>>> [passwordfile, user]
>>>>>> [exec] Using port 4848 for Admin.
>>>>>> [exec] Using port 8080 for HTTP Instance.
>>>>>> [exec] Using default port 7676 for JMS.
>>>>>> [exec] Using port 3007 for IIOP.
>>>>>> [exec] Using port 8181 for HTTP_SSL.
>>>>>> [exec] Using default port 3820 for IIOP_SSL.
>>>>>> [exec] Using default port 3920 for IIOP_MUTUALAUTH.
>>>>>> [exec] Using default port 8686 for JMX_ADMIN.
>>>>>> [exec] Distinguished Name of the self-signed X.509 Server
>>>>>> Certificate is:
>>>>>> [exec] [CN=eas-x2100-1.India.Sun.COM,OU=GlassFish,O=Sun
>>>>>> Microsystems,L=Santa Clara,ST=California,C=US]
>>>>>> [exec] Domain domain1 created.
>>>>>> [exec] Command create-domain executed successfully.
>>>>>>
>>>>>> The target used, more precisely the target corresponding to the
>>>>>> above log, is here:
>>>>>> <target name="create-by-admin-command" depends="get-asadmin"
>>>>>>         if="create.by.admin.command">
>>>>>>     <!-- propertyset refid="full.domain.propertyset"/ -->
>>>>>>     <echo message="exec: create-domain --user admin --passwordfile ${basedir}/password.txt ${domain.name}"/>
>>>>>>     <property name="dmn.specif.1" value="http.ssl.port=${https.port}" />
>>>>>>     <property name="dmn.specif.2" value="${dmn.specif.1}:orb.listener.port=${orb.port}" />
>>>>>>     <property name="dmn.specif.0" value="${dmn.specif.2}:imq.port=${imq.port}" />
>>>>>>     <echo message="With properties:"/>
>>>>>>     <echo message="${dmn.specif.0}"/>
>>>>>>
>>>>>>     <exec executable="${asadmin.executable}" dir="${basedir}"
>>>>>>           resultproperty="asadmin.result">
>>>>>>         <!-- in ${gf.install.home} or ${basedir} ? -->
>>>>>>         <arg value="create-domain"/>
>>>>>>         <arg value="--user"/>
>>>>>>         <arg value="admin"/>
>>>>>>         <arg value="--passwordfile"/>
>>>>>>         <arg value="password.txt"/><!-- ${basedir}/... -->
>>>>>>         <arg value="--instanceport"/>
>>>>>>         <arg value="${instance.port}"/>
>>>>>>         <arg value="--adminport"/>
>>>>>>         <arg value="${admin.port}"/>
>>>>>>         <arg value="--domaindir"/>
>>>>>>         <arg value="${gf.install.home}/domains"/>
>>>>>>         <arg value="--domainproperties"/>
>>>>>>         <arg value="${dmn.specif.0}"/>
>>>>>>         <!-- leave as last item value - (first that is not an option) -->
>>>>>>         <arg value="${domain.name}"/>
>>>>>>     </exec>
>>>>>> </target>
>>>>>>
>>>>>> with --domainproperties echoed as visible.
>>>>>> There's alternative setup target using setup.xml but that is used
>>>>>> with V2 only for continuity.
>>>>>> (The property set contains the original default ports mainly - i
>>>>>> think these are exclusively defaults - you can see better.)
>>>>>>
>>>>>> The master password claimed is AS_ADMIN_PASSWORD - according to
>>>>>> the password.txt? Or the other entry?
>>>>>>
>>>>>> ~dave
>>>>>>
>>>>>> Kedar Mhaswade wrote:
>>>>>>> Hi David,
>>>>>>>
>>>>>>> VB Kumar told me that you guys were seeing some issues here.
>>>>>>>
>>>>>>> Yes, I made some changes to the master password handling in b55.
>>>>>>> It was not a big deal as far as users are concerned. I am sorry that
>>>>>>> it seems to affect you. But I do think that you guys are creating
>>>>>>> the domain differently. As you can see in the console output of
>>>>>>> start-domain, it contains:
>>>>>>>
>>>>>>> >>> [exec] No valid master password found
>>>>>>> >>> [exec] No console, no prompting possible
>>>>>>> >>> [exec] Command start-domain failed.
>>>>>>> >>> [exec] Result: 1
>>>>>>>
>>>>>>> So, it's not failing for deprecated syntax, but for something else.
>>>>>>> Can I get the entire sequence of commands you run? For example, is
>>>>>>> the same password.txt provided to both the create-domain and
>>>>>>> start-domain commands?
>>>>>>> I somehow think that the master password for this domain is not the
>>>>>>> default ("changeit") or there is a bug in what I recently did ...
>>>>>>>
>>>>>>> Let me know either way. My commit log is here:
>>>>>>> http://fisheye4.atlassian.com/changelog/glassfish-svn/trunk/v3/admin/cli/src/main/java/com/sun/enterprise/admin/cli/commands?cs=29406
>>>>>>>
>>>>>>>
>>>>>>> -Kedar
>>>>>>>
>>>>>>>
>>>>>>> David Ronge wrote:
>>>>>>>> This way:
>>>>>>>>
>>>>>>>> <target name="start-a-domain" if="a.domain.exists"
>>>>>>>>         unless="skip.domain" depends="check.domain.exists">
>>>>>>>>     <property name="a.domain.name" value="${default.domain}"/><!-- convenience default -->
>>>>>>>>     <echo message="STARTING domain ${a.domain.name}..." />
>>>>>>>>     <echo message="stuff.dir ${stuff.dir}..." />
>>>>>>>>     <exec executable="${gf.install.home}/bin/asadmin.bat"
>>>>>>>>           os="Windows XP,Windows 2000,Windows 2003"
>>>>>>>>           dir="${stuff.dir}" spawn="true" failonerror="false">
>>>>>>>>         <arg value="start-domain"/>
>>>>>>>>         <arg value="--user"/>
>>>>>>>>         <arg value="admin"/>
>>>>>>>>         <arg value="--passwordfile"/>
>>>>>>>>         <arg value="password.txt"/>
>>>>>>>>         <arg value="${a.domain.name}"/>
>>>>>>>>     </exec>
>>>>>>>>     <exec executable="${gf.install.home}/bin/asadmin"
>>>>>>>>           dir="${stuff.dir}" os="SunOS,Linux,AIX,Mac OS X">
>>>>>>>>         <arg line="start-domain --user admin --passwordfile password.txt ${a.domain.name}"/>
>>>>>>>>     </exec>
>>>>>>>>     <echo message="STARTED domain ${a.domain.name}..." />
>>>>>>>> </target>
>>>>>>>>
>>>>>>>> (The start-domain command seemed not to require user and passwd
>>>>>>>> data, but stop-domain did when the file-user was added, etc.
>>>>>>>> So we include it for start too.)
>>>>>>>> This worked reliably unless some integration fault prevented
>>>>>>>> proper start due to bundling error or start failure of some
>>>>>>>> essential service.
>>>>>>>>
>>>>>>>> ~dave
>>>>>>>>
>>>>>>>> Jane Young wrote:
>>>>>>>>> Can you provide the syntax used to start the domain?
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> Jane
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> David Ronge wrote:
>>>>>>>>>> Hi, is there any instruction to handle starting/stopping
>>>>>>>>>> domain differently now?
>>>>>>>>>> The behavior has changed with build b55, as now I can see:
>>>>>>>>>>
>>>>>>>>>> start-a-domain:
>>>>>>>>>> [echo] STARTING domain domain1...
>>>>>>>>>> [echo] stuff.dir
>>>>>>>>>> /space/test4u/cvswork/sunsw/tango/qe-tests/gf-setup...
>>>>>>>>>> [exec] Deprecated syntax: start-domain, Options:
>>>>>>>>>> [passwordfile, user]
>>>>>>>>>> [exec] No valid master password found
>>>>>>>>>> [exec] No console, no prompting possible
>>>>>>>>>> [exec] Command start-domain failed.
>>>>>>>>>> [exec] Result: 1
>>>>>>>>>> [echo] STARTED domain domain1...
>>>>>>>>>>
>>>>>>>>>> It says "deprecated", but the coming syntax simply doesn't work
>>>>>>>>>> without change.
>>>>>>>>>> Can someone please give me a clue?
>>>>>>>>>> Our team tests Metro/jaxws webservices on V2/V3/Tomcat... so
>>>>>>>>>> managing GF administration is sort of routine for us.
>>>>>>>>>> (Still, if there's page to look at when something stops
>>>>>>>>>> working the old way it would be nice.)
>>>>>>>>>>
>>>>>>>>>> Thank you very much in advance.
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> David
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ---------------------------------------------------------------------
>>>>>>>>>>
>>>>>>>>>> To unsubscribe, e-mail: admin-unsubscribe_at_glassfish.dev.java.net
>>>>>>>>>> For additional commands, e-mail:
>>>>>>>>>> admin-help_at_glassfish.dev.java.net
>>>>>>>>>>
>>>>>>>>>
>>>>>
>>>>
>>>
>>
>
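An added example, written for this page and not code from the thread or from GlassFish: a pre-flight lint for the asadmin --passwordfile, meant to run before the create-domain and start-domain calls in an unattended build such as the Ant targets quoted above, where "No console, no prompting possible" is fatal. It checks that the file carries AS_ADMIN_PASSWORD and AS_ADMIN_MASTERPASSWORD (the key names used in the thread), points out the AS_ADMIN_USERPASSWORD mix-up that started the discussion, refuses a file that is readable by group or others, and warns when the master password is the well-known default "changeit". The permission rule, the "changeit" warning, the treatment of blank and '#' lines, and the two sample files are my own assumptions, not documented asadmin behaviour.

```shell
#!/bin/sh
# Added example (not from the thread or from GlassFish): lint an asadmin
# --passwordfile before driving create-domain / start-domain unattended.
# Key names AS_ADMIN_PASSWORD and AS_ADMIN_MASTERPASSWORD are those the
# thread uses; the permission rule, the "changeit" warning, the
# AS_ADMIN_USERPASSWORD hint and the comment/blank-line handling are
# assumptions of mine about what an operator wants, not asadmin behaviour.

# check_passwordfile FILE
# Returns 0 when FILE can drive a non-interactive start-domain, 1 otherwise.
# Findings are printed one per line, prefixed ERROR: or WARN:.
check_passwordfile() {
    file=$1
    rc=0
    if [ ! -f "$file" ]; then
        echo "ERROR: $file not found"
        return 1
    fi

    # Plain-text secrets: every group/other bit must be clear (mode 600 or 400).
    # Columns 5-10 of 'ls -ld' are the group and other permission triplets.
    mode=$(ls -ld "$file" | cut -c5-10)
    case $mode in
        *[rwx]*) echo "ERROR: $file is group/world accessible (group/other bits: $mode)"; rc=1 ;;
    esac

    have_admin=0 have_master=0 have_user=0 master_value=
    # KEY=VALUE lines; blank lines and '#' comments are skipped (assumption).
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in ''|'#'*) continue ;; esac
        key=${line%%=*}
        value=${line#*=}
        case $key in
            AS_ADMIN_PASSWORD)       have_admin=1 ;;
            AS_ADMIN_MASTERPASSWORD) have_master=1; master_value=$value ;;
            AS_ADMIN_USERPASSWORD)   have_user=1 ;;
            AS_ADMIN_ADMINPASSWORD)  ;;   # also present in the thread's working example
            *) echo "WARN: unrecognised key '$key' in $file" ;;
        esac
    done < "$file"

    [ "$have_admin" -eq 1 ] || { echo "ERROR: AS_ADMIN_PASSWORD missing"; rc=1; }
    if [ "$have_master" -eq 0 ]; then
        echo "ERROR: AS_ADMIN_MASTERPASSWORD missing; start-domain will prompt, and unattended it fails with 'No console, no prompting possible'"
        [ "$have_user" -eq 1 ] && echo "WARN: AS_ADMIN_USERPASSWORD is not the master password key; did you mean AS_ADMIN_MASTERPASSWORD?"
        rc=1
    elif [ "$master_value" = changeit ]; then
        echo "WARN: master password is the default 'changeit'; the domain keystore and truststore are protected only by a well-known value"
    fi
    return $rc
}

# Constructed sample inputs (not real secrets) mirroring the two files in the
# thread: one naming the wrong key, and the working one. Prints the directory.
make_samples() {
    dir=$(mktemp -d)
    printf 'AS_ADMIN_PASSWORD=adminadmin\nAS_ADMIN_USERPASSWORD=changeit\n' > "$dir/dave.txt"
    printf 'AS_ADMIN_MASTERPASSWORD=changeit\nAS_ADMIN_PASSWORD=adminadmin\nAS_ADMIN_ADMINPASSWORD=adminadmin\n' > "$dir/kedar.txt"
    chmod 600 "$dir/dave.txt" "$dir/kedar.txt"
    echo "$dir"
}

# Usage in a build script, before the asadmin calls:
#   check_passwordfile password.txt || exit 1
#   asadmin --passwordfile password.txt create-domain --portbase 5000 d2
#   asadmin --passwordfile password.txt start-domain d2
if [ "${1:-}" = demo ]; then
    d=$(make_samples)
    for f in "$d"/dave.txt "$d"/kedar.txt; do
        echo "== $f"
        check_passwordfile "$f" && echo "OK"
    done
    rm -rf "$d"
fi
```

Run it as `sh lint-passwordfile.sh demo` to see the two sample files judged: the first is rejected with the missing-key error and the hint about the wrong key, the second passes with only the default-password warning. The permission check is deliberately an error rather than a warning, since the file holds the admin and keystore passwords in clear text and is typically committed to a build tree.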