admin@glassfish.java.net

Re: password policy since b55

From: Kedar Mhaswade <Kedar.Mhaswade_at_Sun.COM>
Date: Fri, 24 Jul 2009 14:06:59 -0700

Sankar Neelakandan wrote:
>
>
> Kedar Mhaswade wrote:
>> That's because master password was NEVER enforced for v3. I implemented
>> it for the first time for v3. If you ran the commands like you did for
>> V2, this would always work. Remember, for V2, a domain startup would
>> always require the stores to be opened, otherwise the server startup
>> fails.
> Yes but in V2 when the masterpassword is not provided for the
> create-domain command the password is assumed to be "changeit".
> The start-domain command never prompted for masterpassword in this
> default case.

And it never does. Like I said, there was some create-domain related
change that Bill made after I was done and I am not sure if this is
the fallout of that.

e.g. try this out:

passwords:
AS_ADMIN_MASTERPASSWORD=changeit
AS_ADMIN_PASSWORD=adminadmin
AS_ADMIN_ADMINPASSWORD=adminadmin

asadmin --passwordfile passwords create-domain --portbase 5000 d2

asadmin start-domain d2 (note: no passwordfile given)

and it *does* start without prompting.

Again, I don't know why it does not work when passwords does NOT contain
AS_ADMIN_MASTERPASSWORD. It's a separate issue.

>>
>> Since the master password was enforced only since b55, the start-domain
>> needs this to be provided while doing the startup.
>>
>> Now, in most cases, this is not a problem. In the "default" case, i.e.
>> when the domain is *created* with default master password, startup would
>> have it.
> Does this mean the masterpassword has to be explicitly provided as
> "changeit"?

No.

> When the masterpassword is not provided the create-domain command still
> goes ahead and creates a domain. What is the masterpassword used in this
> case?

Investigating. Not related to my changes ...

> If it is "changeit" why does the start-domain command still prompt for
> masterpassword?

Correct, it should not and it does not.

>
>> In another case, where you choose to do --savemasterpassword during
>> create-domain, start-domain would have that password read automatically
>> for you, so that you don't have to provide it during startup.
>
>>
>> -Kedar
>>
>>
>> Sankar Neelakandan wrote:
>>> Kedar,
>>> The exact problem is,
>>> In B55 when the domain is created without MASTERPASSWORD in
>>> passwordfile the start-domain works without prompting for
>>> masterpassword.
>>> But in B56 when the domain is created without MASTERPASSWORD in
>>> passwordfile the start-domain doesn't work without providing the
>>> master password. (If the domain is started without a console there is
>>> no prompting for masterpassword and fails with the noconsole message)
>>>
>>> Please see the following logs.
>>>
>>>
>>> bash-3.00# cat /password.txt
>>> AS_ADMIN_PASSWORD=adminadmin
>>>
>>>
>>> bash-3.00# glassfishv3/glassfish/bin/asadmin create-domain
>>> --adminport 4848 --user admin --passwordfile /password.txt domain1
>>> Deprecated syntax: create-domain, Options: [passwordfile, user]
>>> Using port 4848 for Admin.
>>> Using default port 8080 for HTTP Instance.
>>> Using default port 7676 for JMS.
>>> Using default port 3700 for IIOP.
>>> Using default port 8181 for HTTP_SSL.
>>> Using default port 3820 for IIOP_SSL.
>>> Using default port 3920 for IIOP_MUTUALAUTH.
>>> Using default port 8686 for JMX_ADMIN.
>>> Distinguished Name of the self-signed X.509 Server Certificate is:
>>> [CN=easqesf4,OU=GlassFish,O=Sun Microsystems,L=Santa
>>> Clara,ST=California,C=US]
>>> Domain domain2 created.
>>> Command create-domain executed successfully.
>>>
>>> bash-3.00# glassfishv3/glassfish/bin/asadmin start-domain domain2
>>> No valid master password found
>>> Enter master password (3 attempt(s) remain)> Sorry, incorrect master
>>> password, retry
>>> Enter master password (2 attempt(s) remain)> Sorry, incorrect master
>>> password, retry
>>> Enter master password (1 attempt(s) remain)> Sorry, incorrect master
>>> password, retry
>>> Number of attempts (3) exhausted, giving up
>>> Command start-domain failed.
>>>
>>> When started without console it fails with the following error message
>>>
>>>
>>> bash-3.00# glassfishv3/glassfish/bin/asadmin start-domain domain1
>>> Deprecated syntax: start-domain, Options: [passwordfile, user]
>>> No valid master password found
>>> Command start-domain failed.
>>> No console, no prompting possible
>>>
>>>
>>>
>>> Kedar Mhaswade wrote:
>>>> Dave,
>>>>
>>>> It should be AS_ADMIN_MASTERPASSWORD. AS_ADMIN_USERPASSWORD is
>>>> for (an entirely) different purpose.
>>>>
>>>> If you don't really care about master password (:-0) you can just
>>>> have AS_ADMIN_MASTERPASSWORD=changeit added to this password.txt
>>>> file and I am pretty sure this will be fixed.
>>>>
>>>> But I think we need to address this use case. My understanding was
>>>> that in this case, (i.e. the way your password.txt seems) we should
>>>> have defaulted the master password to "changeit". I am not sure if
>>>> this is due to recent changes to create-domain command as well. We'll
>>>> investigate.
>>>>
>>>> For now, just add this one more line to password.txt to get unblocked.
>>>>
>>>> -Kedar
>>>>
>>>> David Ronge wrote:
>>>>> Hi Kedar,
>>>>>
>>>>> yes, we delete domain1 first to be sure the eventual setup change
>>>>> of default domain won't give us some obscure diffs and to keep
>>>>> setup stable.
>>>>>
>>>>> (delete-domain.1:
>>>>> [exec] Domain domain1 deleted.
>>>>> [exec] Command delete-domain executed successfully.
>>>>> No passwd used.)
>>>>> content of the password.txt is here:
>>>>> AS_ADMIN_PASSWORD=adminadmin
>>>>> AS_ADMIN_USERPASSWORD=changeit
>>>>>
>>>>> create-by-admin-command:
>>>>> [echo] exec: create-domain --user admin --passwordfile
>>>>> /space/test4u/cvswork/sunsw/tango/qe-tests/gf-setup/password.txt
>>>>> domain1
>>>>> [echo] With properties:
>>>>> [echo] http.ssl.port=8181:orb.listener.port=3007:imq.port=7676
>>>>> [exec] Deprecated syntax: create-domain, Options:
>>>>> [passwordfile, user]
>>>>> [exec] Using port 4848 for Admin.
>>>>> [exec] Using port 8080 for HTTP Instance.
>>>>> [exec] Using default port 7676 for JMS.
>>>>> [exec] Using port 3007 for IIOP.
>>>>> [exec] Using port 8181 for HTTP_SSL.
>>>>> [exec] Using default port 3820 for IIOP_SSL.
>>>>> [exec] Using default port 3920 for IIOP_MUTUALAUTH.
>>>>> [exec] Using default port 8686 for JMX_ADMIN.
>>>>> [exec] Distinguished Name of the self-signed X.509 Server
>>>>> Certificate is:
>>>>> [exec] [CN=eas-x2100-1.India.Sun.COM,OU=GlassFish,O=Sun
>>>>> Microsystems,L=Santa Clara,ST=California,C=US]
>>>>> [exec] Domain domain1 created.
>>>>> [exec] Command create-domain executed successfully.
>>>>>
>>>>> is the target used, more precisely, target corresponding to the
>>>>> above log is here:
>>>>> <target name="create-by-admin-command" depends="get-asadmin"
>>>>> if="create.by.admin.command">
>>>>> <!-- propertyset refid="full.domain.propertyset"/ -->
>>>>> <echo message="exec: create-domain --user admin --passwordfile
>>>>> ${basedir}/password.txt ${domain.name}"/>
>>>>> <property name="dmn.specif.1"
>>>>> value="http.ssl.port=${https.port}" />
>>>>> <property name="dmn.specif.2"
>>>>> value="${dmn.specif.1}:orb.listener.port=${orb.port}" />
>>>>> <property name="dmn.specif.0"
>>>>> value="${dmn.specif.2}:imq.port=${imq.port}" />
>>>>> <echo message="With properties:"/>
>>>>> <echo message="${dmn.specif.0}"/>
>>>>>
>>>>> <exec executable="${asadmin.executable}" dir="${basedir}"
>>>>> resultproperty="asadmin.result">
>>>>> <!-- in ${gf.install.home} or ${basedir} ? -->
>>>>> <arg value="create-domain"/>
>>>>> <arg value="--user"/>
>>>>> <arg value="admin"/>
>>>>> <arg value="--passwordfile"/>
>>>>> <arg value="password.txt"/><!-- ${basedir}/... -->
>>>>> <arg value="--instanceport"/>
>>>>> <arg value="${instance.port}"/>
>>>>> <arg value="--adminport"/>
>>>>> <arg value="${admin.port}"/>
>>>>> <arg value="--domaindir"/>
>>>>> <arg value="${gf.install.home}/domains"/>
>>>>> <arg value="--domainproperties"/>
>>>>> <arg value="${dmn.specif.0}"/>
>>>>> <!-- leave as last item value - (first that is not an
>>>>> option) -->
>>>>> <arg value="${domain.name}"/>
>>>>> </exec>
>>>>> </target>
>>>>>
>>>>> with --domainproperties echoed as visible.
>>>>> There's alternative setup target using setup.xml but that is used
>>>>> with V2 only for continuity.
>>>>> (The property set contains the original default ports mainly - I
>>>>> think these are exclusively defaults - you can see better.)
>>>>>
>>>>> The master password claimed is AS_ADMIN_PASSWORD - according to the
>>>>> password.txt? Or the other entry?
>>>>>
>>>>> ~dave
>>>>>
>>>>> Kedar Mhaswade wrote:
>>>>>> Hi David,
>>>>>>
>>>>>> VB Kumar told me that you guys were seeing some issues here.
>>>>>>
>>>>>> Yes, I made some changes to the master password handling in b55.
>>>>>> It was not a big deal as far as users are concerned. I am sorry that
>>>>>> it seems to affect you. But I do think that you guys are creating
>>>>>> domain differently.
>>>>>> As you can see in the console output of start-domain, it contains:
>>>>>>
>>>>>> >>> [exec] No valid master password found
>>>>>> >>> [exec] No console, no prompting possible
>>>>>> >>> [exec] Command start-domain failed.
>>>>>> >>> [exec] Result: 1
>>>>>>
>>>>>> So, it's not failing for deprecated syntax, but for something else.
>>>>>> Can I get the entire sequence of commands you run? For example, is
>>>>>> the same password.txt provided to both create-domain and start-domain
>>>>>> commands?
>>>>>> I somehow think that the master password for this domain is not
>>>>>> the default ("changeit") or there is a bug in what I recently did ...
>>>>>>
>>>>>> Let me know either way. My commit log is here:
>>>>>> http://fisheye4.atlassian.com/changelog/glassfish-svn/trunk/v3/admin/cli/src/main/java/com/sun/enterprise/admin/cli/commands?cs=29406
>>>>>>
>>>>>>
>>>>>> -Kedar
>>>>>>
>>>>>>
>>>>>> David Ronge wrote:
>>>>>>> This way:
>>>>>>>
>>>>>>> <target name="start-a-domain" if="a.domain.exists"
>>>>>>> unless="skip.domain" depends="check.domain.exists">
>>>>>>> <property name="a.domain.name"
>>>>>>> value="${default.domain}"/><!-- convenience default -->
>>>>>>> <echo message="STARTING domain ${a.domain.name}..." />
>>>>>>> <echo message="stuff.dir ${stuff.dir}..." />
>>>>>>> <exec executable="${gf.install.home}/bin/asadmin.bat"
>>>>>>> os="Windows XP,Windows 2000,Windows 2003"
>>>>>>> dir="${stuff.dir}" spawn="true" failonerror="false">
>>>>>>> <arg value="start-domain"/>
>>>>>>> <arg value="--user"/>
>>>>>>> <arg value="admin"/>
>>>>>>> <arg value="--passwordfile"/>
>>>>>>> <arg value="password.txt"/>
>>>>>>> <arg value="${a.domain.name}"/>
>>>>>>> </exec>
>>>>>>> <exec executable="${gf.install.home}/bin/asadmin"
>>>>>>> dir="${stuff.dir}" os="SunOS,Linux,AIX,Mac OS X">
>>>>>>> <arg line="start-domain --user admin --passwordfile
>>>>>>> password.txt ${a.domain.name}"/>
>>>>>>> </exec>
>>>>>>> <echo message="STARTED domain ${a.domain.name}..." />
>>>>>>> </target>
>>>>>>>
>>>>>>> (start-domain command seemed not to be obligatory with user and
>>>>>>> passwd data but stop-domain did when file-user was added etc.
>>>>>>> So we include it for start too.)
>>>>>>> This worked reliably unless some integration fault prevented
>>>>>>> proper start due to bundling error or start failure of some
>>>>>>> essential service.
>>>>>>>
>>>>>>> ~dave
>>>>>>>
>>>>>>> Jane Young wrote:
>>>>>>>> Can you provide the syntax used to start the domain?
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> Jane
>>>>>>>>
>>>>>>>>
>>>>>>>> David Ronge wrote:
>>>>>>>>> Hi, is there any instruction to handle starting/stopping domain
>>>>>>>>> differently now?
>>>>>>>>> The behavior has changed ~ with build b55 as now I can see >
>>>>>>>>>
>>>>>>>>> start-a-domain:
>>>>>>>>> [echo] STARTING domain domain1...
>>>>>>>>> [echo] stuff.dir
>>>>>>>>> /space/test4u/cvswork/sunsw/tango/qe-tests/gf-setup...
>>>>>>>>> [exec] Deprecated syntax: start-domain, Options:
>>>>>>>>> [passwordfile, user]
>>>>>>>>> [exec] No valid master password found
>>>>>>>>> [exec] No console, no prompting possible
>>>>>>>>> [exec] Command start-domain failed.
>>>>>>>>> [exec] Result: 1
>>>>>>>>> [echo] STARTED domain domain1...
>>>>>>>>>
>>>>>>>>> it says "deprecated" but the coming syntax simply doesn't work
>>>>>>>>> without change.
>>>>>>>>> Can someone please give me a clue?
>>>>>>>>> Our team tests Metro/jaxws webservices on V2/V3/Tomcat... so
>>>>>>>>> managing GF administration is sort of routine for us.
>>>>>>>>> (Still, if there's page to look at when something stops working
>>>>>>>>> the old way it would be nice.)
>>>>>>>>>
>>>>>>>>> Thank you very much in advance.
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>> David
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ---------------------------------------------------------------------
>>>>>>>>>
>>>>>>>>> To unsubscribe, e-mail: admin-unsubscribe_at_glassfish.dev.java.net
>>>>>>>>> For additional commands, e-mail: admin-help_at_glassfish.dev.java.net
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>
>>>
>>
>
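A preflight check for the asadmin --passwordfile format the thread goes back and forth over, added here as an example (it is not code from the thread or from GlassFish). It assumes the KEY=VALUE layout and the key names the messages show, and flags the two things that bit this thread: the wrong key AS_ADMIN_USERPASSWORD and a missing AS_ADMIN_MASTERPASSWORD, which on a console-less host ends in "No console, no prompting possible".

```shell
#!/bin/sh
# Added example (not from the thread or from GlassFish): preflight check of an
# asadmin --passwordfile before start-domain on a host without a console.
# Assumes the KEY=VALUE layout and key names shown in the thread.

# check_passwordfile FILE
# Prints findings; returns 0 when start-domain would get a master password
# without prompting, 1 otherwise.
check_passwordfile() {
    f=$1
    rc=0
    if [ ! -r "$f" ]; then
        echo "ERROR: cannot read $f"
        return 1
    fi
    # AS_ADMIN_USERPASSWORD serves a different purpose; it is not the master password key.
    if grep -q '^AS_ADMIN_USERPASSWORD=' "$f"; then
        echo "WARN: AS_ADMIN_USERPASSWORD is not the master password key; use AS_ADMIN_MASTERPASSWORD"
    fi
    mp=$(sed -n 's/^AS_ADMIN_MASTERPASSWORD=//p' "$f" | head -n 1)
    if [ -z "$mp" ]; then
        echo "ERROR: no AS_ADMIN_MASTERPASSWORD: start-domain would prompt, or fail with 'No console, no prompting possible'"
        rc=1
    elif [ "$mp" = "changeit" ]; then
        echo "WARN: master password is the default 'changeit'; the keystore is only as protected as a published default"
    fi
    if ! grep -q '^AS_ADMIN_PASSWORD=' "$f"; then
        echo "WARN: no AS_ADMIN_PASSWORD for the admin user"
    fi
    # The file holds clear-text secrets: group/other permission bits should be empty.
    bits=$(ls -l "$f" | cut -c5-10)
    if [ "$bits" != "------" ]; then
        echo "WARN: $f is readable by group/other (mode bits: $bits)"
    fi
    return $rc
}

# Demo on a constructed file mirroring the password.txt quoted in the thread.
demo=$(mktemp) || exit 1
printf 'AS_ADMIN_PASSWORD=adminadmin\nAS_ADMIN_USERPASSWORD=changeit\n' > "$demo"
chmod 600 "$demo"
check_passwordfile "$demo" || echo "=> fix $demo before running start-domain"
rm -f "$demo"
```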