Issue with Azure Active Directory Authentication to Azure SQL DB


Joseph Mullen

Apr 23, 2021, 2:06:16 PM
to WildFly
Hi,

We have a WildFly 18 server on an Azure VM. The application requires a JTA datasource be created, and on-prem the datasource could be configured pretty easily in the domain.xml. The requirement is to use AAD Authentication for this datasource. After creating a module with the SQL Server driver, MSAL4J and all associated dependencies, we've gotten the server to stop throwing errors pertaining to missing dependencies, as it did not load from the CLASSPATH variable, but now it's giving this error and I cannot figure out the root cause:

[Server:podc-dev] 2021-04-22 20:07:37,178 WARN  [org.jboss.jca.core.connectionmanager.pool.strategy.OnePool] () IJ000610: Unable to fill pool: java:jboss/datasources/PODC_DS: javax.resource.ResourceException: IJ031084: Unable to create connection
[Server:podc-dev] at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:345)
[Server:podc-dev] at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.getLocalManagedConnection(LocalManagedConnectionFactory.java:352)
[Server:podc-dev] at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createManagedConnection(LocalManagedConnectionFactory.java:287)
[Server:podc-dev] at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.createConnectionEventListener(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1328) [ironjacamar-core-impl-1.4.17.Final.jar:1.4.17.Final]
[Server:podc-dev] at org.jboss.jca.core.connectionmanager.pool.mcp.SemaphoreConcurrentLinkedDequeManagedConnectionPool.fillTo(SemaphoreConcurrentLinkedDequeManagedConnectionPool.java:1141) [ironjacamar-core-impl-1.4.17.Final.jar:1.4.17.Final]
[Server:podc-dev] at org.jboss.jca.core.connectionmanager.pool.mcp.PoolFiller.run(PoolFiller.java:97) [ironjacamar-core-impl-1.4.17.Final.jar:1.4.17.Final]
[Server:podc-dev] at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_271]
[Server:podc-dev] Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: Failed to authenticate the user xx...@co.com in Active Directory (Authentication=ActiveDirectoryPassword).
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerMSAL4JUtils.getCorrectedException(SQLServerMSAL4JUtils.java:227)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerMSAL4JUtils.getSqlFedAuthToken(SQLServerMSAL4JUtils.java:65)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.getFedAuthToken(SQLServerConnection.java:4525)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.onFedAuthInfo(SQLServerConnection.java:4498)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.processFedAuthInfo(SQLServerConnection.java:4458)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.TDSTokenHandler.onFedAuthInfo(tdsparser.java:289)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.TDSParser.parse(tdsparser.java:125)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.TDSParser.parse(tdsparser.java:37)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.sendLogon(SQLServerConnection.java:5333)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.logon(SQLServerConnection.java:4066)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.access$000(SQLServerConnection.java:85)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection$LogonCommand.doExecute(SQLServerConnection.java:4004)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.TDSCommand.execute(IOBuffer.java:7418)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.executeCommand(SQLServerConnection.java:3272)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectHelper(SQLServerConnection.java:2768)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.login(SQLServerConnection.java:2418)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.connectInternal(SQLServerConnection.java:2265)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerConnection.connect(SQLServerConnection.java:1291)
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerDriver.connect(SQLServerDriver.java:881)
[Server:podc-dev] at org.jboss.jca.adapters.jdbc.local.LocalManagedConnectionFactory.createLocalManagedConnection(LocalManagedConnectionFactory.java:321)
[Server:podc-dev] ... 6 more
[Server:podc-dev] Caused by: java.util.concurrent.ExecutionException: java.lang.RuntimeException: java.net.SocketTimeoutException: connect timed out
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerMSAL4JUtils.getCorrectedException(SQLServerMSAL4JUtils.java:225)
[Server:podc-dev] ... 25 more
[Server:podc-dev] Caused by: java.lang.RuntimeException: java.net.SocketTimeoutException: connect timed out
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerMSAL4JUtils.getCorrectedException(SQLServerMSAL4JUtils.java:219)
[Server:podc-dev] ... 25 more
[Server:podc-dev]

I have tested using SSMS that the x...@co.com can log in using AAD Auth.  I've also tested connectivity from the Azure VM to the Azure SQL using SQL Authentication and the same driver.  I can post the complete log of a load if it will help diagnose the issue. 

Thanks for your help!
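Added example, not part of the original post: a small Python triage helper that walks the `Caused by:` chain of a log like the one above and reports whether the innermost exception is a transport-level failure rather than a rejected credential. The function names, the set of classes treated as network failures, and the shortened sample log are assumptions made for this illustration.

```python
import re

# Constructed sample: a shortened excerpt of the log lines posted above.
SAMPLE_LOG = """\
[Server:podc-dev] Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: Failed to authenticate the user xx...@co.com in Active Directory (Authentication=ActiveDirectoryPassword).
[Server:podc-dev] at com.microsoft.sqlserver.jdbc.SQLServerMSAL4JUtils.getSqlFedAuthToken(SQLServerMSAL4JUtils.java:65)
[Server:podc-dev] Caused by: java.util.concurrent.ExecutionException: java.lang.RuntimeException: java.net.SocketTimeoutException: connect timed out
[Server:podc-dev] Caused by: java.lang.RuntimeException: java.net.SocketTimeoutException: connect timed out
"""

PREFIX = re.compile(r"^\[Server:[^\]]+\]\s*")  # per-server prefix seen in the posted log
CAUSED = re.compile(r"^Caused by:\s*(.+)$")
JAVA_EXC = re.compile(r"((?:[a-z_]\w*\.)+[A-Z]\w*(?:Exception|Error)):\s*")

# Assumption: failures where no service was reached that could judge the credentials.
NETWORK = {"java.net.SocketTimeoutException", "java.net.ConnectException",
           "java.net.UnknownHostException", "java.net.NoRouteToHostException"}

def cause_chain(log):
    """Return the text of every 'Caused by:' line, outermost first."""
    chain = []
    for line in log.splitlines():
        m = CAUSED.match(PREFIX.sub("", line))
        if m:
            chain.append(m.group(1).strip())
    return chain

def unwrap(cause):
    """Peel nested 'Class: Class: message' wrappers; return (innermost class, message)."""
    cls, rest = None, cause
    while True:
        m = JAVA_EXC.match(rest)
        if not m:
            return cls, rest
        cls, rest = m.group(1), rest[m.end():]

def triage(log):
    chain = cause_chain(log)
    if not chain:
        return None
    cls, msg = unwrap(chain[-1])
    return {"root_class": cls, "message": msg, "depth": len(chain),
            "kind": "network" if cls in NETWORK else "other",
            # True when frames from the driver's MSAL4J helper class appear in the log
            "token_stage": "SQLServerMSAL4JUtils" in log}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A `network` result with `token_stage` true means the token request timed out at the TCP level, so the thing to check is outbound connectivity (firewall, proxy, DNS) from the server to the Azure AD sign-in endpoint rather than the account or password.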