KB-1008 "SecureIdentityLoginModule <password> Failed" error returned when trying to encrypt a data source password using the configure script

Symptoms

When running the configure script (configure.bat|sh located in <APPIAN_HOME>/_admin/_scripts/configure) after configuring an environment and selecting 6 - Tools > 1 - Encode passwords for use in JBoss data source configuration, the following error is returned:

ERROR encoding the datasource password: cmd /c java -cp <JBOSS_HOME>\modules\system\layers\base\org\picketbox\main\picketbox-4.X.X.X-redhat-X.jar;<JBOSS_HOME>\modules\system\layers\base\org\jboss\logging\main\jboss-logging-3.X.X.X-redhat-X.jar org.picketbox.datasource.security.SecureIdentityLoginModule XYZ failed

Cause

The configure script uses two Java classes, picketbox and jboss-logging, for the encoding tool. By default, Appian is configured to use the classes specific to JBoss EAP 6.3.x and not 6.4.0.

Action

To correct the issue, perform the following:

  1. Navigate to <JBOSS_HOME>/modules/system/layers/base/org/picketbox/main.
  2. Find a file beginning with picketbox-4. Take note of the file name. Ignore the picketbox-commons and picketbox-infinispan files.
  3. Navigate to <JBOSS_HOME>/modules/system/layers/base/org/jboss/logging/main.
  4. Find a file beginning with jboss-logging-3. Take note of the file name.
  5. Navigate to <APPIAN_HOME>/_admin/_scripts/configure/tasks. Take a backup of the configure.gradle file by copying the file and renaming the copy to configure.gradle.bak.
  6. Inside of the original configure.gradle file, search for the string picketbox.
  7. Replace the old picketbox filename with the one found in step 2 and replace the old jboss-logging file name with the one found in step 4.

Workaround

If unable to modify the configure.gradle file, follow steps 1–4 under the Action section of this technical note and proceed to the workaround depending on the operating system of the Appian machine where the error occurs:

Windows:

  1. Run a new command prompt window as administrator.
  2. Execute the following three scripts:
    1. set JBOSS_HOME=<JBOSS_HOME>
    2. set CLASSPATH=%JBOSS_HOME%\modules\system\layers\base\org\picketbox\main\<picketbox_file_from_step_2>;%JBOSS_HOME%\modules\system\layers\base\org\jboss\logging\main\<jboss_logging_file_from_step_4>;%CLASSPATH%
    3. java org.picketbox.datasource.security.SecureIdentityLoginModule <database_password>

Note: These three commands must be ran in the same instance of command prompt.

Unix:

  1. Open a new Terminal window.
  2. Log in as a super user using the su - command.
  3. Execute the following three scripts:
    1. export JBOSS_HOME=<JBOSS_HOME>
    2. export CLASSPATH=${JBOSS_HOME}/modules/system/layers/base/org/picketbox/main/<picketbox_file_from_step_2>:${JBOSS_HOME}/modules/system/layers/base/org/jboss/logging/main/<jboss_logging_file_from_step_4>:$CLASSPATH:
    3. java org.picketbox.datasource.security.SecureIdentityLoginModule <database_password>

Note: These three commands must be ran in the same instance of Terminal.

Affected Versions

This article applies to all versions of Appian using JBoss EAP 6.4.x as an application server.

Last Reviewed: July 2017

Related
Recommended