Gluu-Radius Security Mode wasn't initialized

By: Richard More user 18 May 2022 at 12:48 p.m. CDT

5 Responses
Richard More gravatar
Hi Team, Radlogin should have tested fine. I have installed Gluu-Radius during Gluu setup, opened ports 1812, 1813 UDP and TCP as well on Ubuntu. After adding a client in the web UI, Radlogin (to test radius functionality) times out. IN the logs I see: ``` root@gluu:~# cat /opt/gluu/radius/logs/gluu-radius.log [INFO ] 2022-05-17 17:36:53.673 [main] ServerEntry - [INFO ] 2022-05-17 17:36:53.676 [main] ServerEntry - [INFO ] 2022-05-17 17:36:53.676 [main] ServerEntry - +---------------------------------------------------------+ [INFO ] 2022-05-17 17:36:53.677 [main] ServerEntry - + Gluu Radius Server + [INFO ] 2022-05-17 17:36:53.677 [main] ServerEntry - + Copyright (c) Gluu Inc. + [INFO ] 2022-05-17 17:36:53.677 [main] ServerEntry - +---------------------------------------------------------+ [INFO ] 2022-05-17 17:36:53.677 [main] ServerEntry - Starting application in server mode. Configuration file: /etc/gluu/conf/radius/gluu-radius.properties [INFO ] 2022-05-17 17:36:53.677 [main] ServerEntry - Initializing security components [INFO ] 2022-05-17 17:36:53.910 [main] ServerEntry - Security components initialization successful [INFO ] 2022-05-17 17:36:53.910 [main] ServerEntry - Registering bootstrap configuration service [INFO ] 2022-05-17 17:36:53.934 [main] ServerEntry - Bootstrap configuration service registered [INFO ] 2022-05-17 17:36:53.934 [main] ServerEntry - Initializing persistence layer [INFO ] 2022-05-17 17:36:54.099 [main] Reflections - Reflections took 92 ms to scan 11 urls, producing 41 keys and 130 values [INFO ] 2022-05-17 17:36:54.135 [main] PersistanceFactoryService - Found '5' PersistenceEntryManagerFactory [INFO ] 2022-05-17 17:36:54.135 [main] PersistanceFactoryService - Found PersistenceEntryManagerFactory 'class org.gluu.orm.couchbase.impl.CouchbaseEntryManagerFactory' [INFO ] 2022-05-17 17:36:54.168 [main] PersistanceFactoryService - Found PersistenceEntryManagerFactory 'class org.gluu.persist.sql.impl.SqlEntryManagerFactory' [INFO ] 2022-05-17 17:36:54.170 [main] PersistanceFactoryService - Found PersistenceEntryManagerFactory 'class org.gluu.orm.hybrid.impl.HybridEntryManagerFactory' [INFO ] 2022-05-17 17:36:54.170 [main] PersistanceFactoryService - Found PersistenceEntryManagerFactory 'class org.gluu.persist.ldap.impl.LdapEntryManagerFactory' [INFO ] 2022-05-17 17:36:54.171 [main] PersistanceFactoryService - Found PersistenceEntryManagerFactory 'class org.gluu.persist.cloud.spanner.impl.SpannerEntryManagerFactory' [INFO ] 2022-05-17 17:36:54.404 [main] LdapConnectionProvider - Attempting to create connection pool: 1 [INFO ] 2022-05-17 17:36:54.864 [main] LdapConnectionProvider - Attempting to create connection pool: 1 [INFO ] 2022-05-17 17:36:54.980 [main] LdapConnectionProvider - Attempting to create connection pool: 1 [INFO ] 2022-05-17 17:36:55.470 [main] LdapEntryManagerFactory - Created LdapEntryManager: org.gluu.persist.ldap.operation.impl.LdapOperationServiceImpl@5fb7183b [INFO ] 2022-05-17 17:36:55.470 [main] ServerEntry - Persistence layer initialization successful [INFO ] 2022-05-17 17:36:55.470 [main] ServerEntry - Registering clients service [INFO ] 2022-05-17 17:36:55.471 [main] ServerEntry - Clients service registration successful [INFO ] 2022-05-17 17:36:55.471 [main] ServerEntry - Registering server configuration service [INFO ] 2022-05-17 17:36:55.472 [main] ServerEntry - Server configuration service registration failed [INFO ] 2022-05-17 17:36:55.472 [main] ServerEntry - Registering OpenID configuration service [INFO ] 2022-05-17 17:36:56.216 [main] ServerEntry - OpenID configuration service registration successful [INFO ] 2022-05-17 17:36:56.216 [main] ServerEntry - Registering cryptographic service [ERROR] 2022-05-17 17:36:56.229 [main] ServerEntry - Security Mode wasn't initialized. Call installBCProvider() before java.security.InvalidParameterException: Security Mode wasn't initialized. Call installBCProvider() before at org.gluu.oxauth.model.crypto.OxAuthCryptoProvider.solveKeyStorageType(OxAuthCryptoProvider.java:560) ~[oxauth-model-4.4.0.Final.jar:?] at org.gluu.oxauth.model.crypto.OxAuthCryptoProvider.<init>(OxAuthCryptoProvider.java:104) ~[oxauth-model-4.4.0.Final.jar:?] at org.gluu.oxauth.model.crypto.OxAuthCryptoProvider.<init>(OxAuthCryptoProvider.java:94) ~[oxauth-model-4.4.0.Final.jar:?] at org.gluu.oxauth.model.crypto.OxAuthCryptoProvider.<init>(OxAuthCryptoProvider.java:90) ~[oxauth-model-4.4.0.Final.jar:?] at org.gluu.radius.service.CryptoService.<init>(CryptoService.java:63) ~[super-gluu-radius-server.jar:?] at org.gluu.radius.ServerEntry.registerCryptoService(ServerEntry.java:355) ~[super-gluu-radius-server.jar:?] at org.gluu.radius.ServerEntry.main(ServerEntry.java:145) ~[super-gluu-radius-server.jar:?] [ERROR] 2022-05-17 17:36:56.236 [main] ServerEntry - Cryptographic service registration failed ``` Is there any other module needed to make it work?
Gluu 4.4 Ubuntu 20.04
closed

Answers

By Richard More user 09 Jun 2022 at 11:08 a.m. CDT

Copy
Richard More gravatar
Any other logs that can help resolving this issue? I have tried reboots, reinstalls, but always get to the same error log. Anyone have any ideas?

By Mohib Zico Account Admin 20 Jun 2022 at 1:36 a.m. CDT

Copy
Mohib Zico gravatar
@Dzouato Djeumen.Rolain Bonaventure: can we check this if you get some time?

By Dzouato Djeumen Rolain Bonaventure staff 21 Jun 2022 at 10:33 p.m. CDT

Copy
Dzouato Djeumen Rolain Bonaventure gravatar
Hello Richard, This bug has been fixed. I'll assume you are using Gluu 4.4.0 as indicated. Download the file at [this link](https://jenkins.gluu.org/maven/org/gluu/super-gluu-radius-server/4.4.0.Final/super-gluu-radius-server-4.4.0.Final.jar). Then replace the file `/opt/gluu/radius/super-gluu-radius-server.jar` with it. Make sure it has the same file name as the old file , i.e. `super-gluu-radius-server.jar`. Restart radius with `service gluu-radius stop` then `service gluu-radius start`. That should do it.

By Richard More user 22 Jun 2022 at 8:58 a.m. CDT

Copy
Richard More gravatar
Hi, Thank you for the file, that made it start responding. Now when I try to authenticate I get bad response no matter what I try: My settings for Radius are the defaults: ``` Acr Value: super_gluu_ro OpenID Client: Gluu RO OpenID Client OpenID Scopes: openid super_gluu_ro_session ``` I have LDAP as authentication backen, and I can log in with the LDAp users, and supergluu is set for dault auth method: ``` Default acr: super_gluu oxTrust acr: super_gluu ``` In the radius logs all it says: ``` [INFO ] 2022-06-22 13:51:33.977 [Radius Auth Listener] RadiusServer - received packet from /192.168.95.103:57769 on local address 0.0.0.0/0.0.0.0:1812: Access-Request, ID 16 User-Name: someuser Acct-Session-Id: 1655905893C43dfx NAS-IP-Address: 127.0.0.1 NAS-Identifier: Localhost NAS-Port: 0 Calling-Station-Id: 1115551212 User-Password: 0xsomehash Message-Authenticator: 0xsomeotherhash [INFO ] 2022-06-22 13:51:34.144 [Radius Auth Listener] RadiusServer - send response: Access-Reject, ID 16 ``` Is there any other log file that could tell me why the correct username and password are not accepted?

By Dzouato Djeumen Rolain Bonaventure staff 15 Jul 2022 at 2:34 a.m. CDT

Copy
Dzouato Djeumen Rolain Bonaventure gravatar
Please can you open the file `/etc/gluu/conf/radius/gluu-radius-logging.xml` and change the line `<Root level="INFO">` to `<Root level="DEBUG">` ? It should give us more logging details to diagnose your issue.

Post an answer