admin@glassfish.java.net

Is login to the DAS from a remote host broken?

From: Paul M Davies (Oracle) <"Paul>
Date: Mon, 06 Dec 2010 19:50:02 -0800

Hi,

I know that some security holes in GF have been fixed, but as I result,
I feel as if somebody has changed the locks on my house while I was out
for my own security.

On the DAS host, I have created a domain with a nondefault admin user
and password, started the domain, and logged in to the domain:

    sr1-jurassic-04(87) asadmin create-domain domain1
    Enter admin user name [Enter to accept default "admin" / no
    password]> pmd
    Enter the admin password [Enter to accept default of no password]>
    Enter the admin password again>
    ...
    Domain domain1 created.
    Domain domain1 admin port is 4848.
    Domain domain1 admin user is "pmd".
    Command create-domain executed successfully.

    sr1-jurassic-04(88) asadmin start-domain domain1
    Waiting for domain1 to start
    .................................................................
    Successfully started the domain : domain1
    domain Location:
    /home/pmdavies/glassfish-installations/glassfish3/glassfish/domains/domain1
    Log File:
    /home/pmdavies/glassfish-installations/glassfish3/glassfish/domains/domain1/logs/server.log
    Admin Port: 4848
    Command start-domain executed successfully.

    sr1-jurassic-04(89) asadmin login
    Enter admin user name [default: admin]> pmd
    Enter admin password>
    Login information relevant to admin user name [pmd]
    for host [localhost] and admin port [4848] stored at
    [/home/pmdavies/.asadminpass] successfully.
    Make sure that this file remains protected.
    Information stored in this file will be used by
    asadmin commands to manage the associated domain.
    Command login executed successfully.
    sr1-jurassic-04(90)

But when I try to log in to the domain from a remote host with the
credentials that I specified when I created the domain, I am denied access:

    sr1-usca-02(52) asadmin --host sr1-jurassic-04 login
    Enter admin user name [default: admin]> pmd
    Enter admin password>
    Authorization has been refused for credentials [user: pmd] given in
    this request.
    (Usually, this means invalid user name and/or password)
    Command login failed.



Does anybody know what is happening here and how I can contact the DAS
from a remote host?

Thanks!
-- 
Oracle <http://www.oracle.com>
Paul Davies| Principal Technical Writer| +1.408.276.3413
Oracle GlassFish Server Documentation
4140 Network Circle, Santa Clara CA 95054, USA
Green Oracle <http://www.oracle.com/commitment> 	Oracle is committed to 
developing practices and products that help protect the environment