3 Replies Latest reply on Sep 1, 2005 6:25 PM by tlien

Hang on secure jrmp lookup

tlien Aug 31, 2005 4:30 PM

My problem is that a lookup on a session bean hangs after I change it to use the jrmp over SSL. I am using jboss-3.2.3. Here are the configs I added. If I take out the invoker-bindings in the jboss.xml to use the default jrmp it works again. Any help is appreciated.

################
Client code
################

InitialContext ctx = new InitialContext();
try {
 // lookup hangs here when I change to use the ssl invoker
 ctx.lookup("SetupMasterHome");
} finally {
 ctx.close();
}

###################
jboss-service.xml
###################

<mbean code="org.jboss.security.plugins.JaasSecurityDomain"
 name="jboss.security:service=JaasSecurityDomain,domain=RMI+SSL">
 <constructor>
 <arg type="java.lang.String" value="RMI+SSL"/>
 </constructor>
 <attribute name="KeyStoreURL">c:/Alliance/cacerts</attribute>
 <attribute name="KeyStorePass">changeit</attribute>
</mbean>

<mbean code="org.jboss.invocation.jrmp.server.JRMPInvoker"
 name="jboss:service=invoker,type=jrmp,socketType=SSL">
 <attribute name="RMIObjectPort">14445</attribute>
 <attribute name="RMIClientSocketFactory">org.jboss.security.ssl.RMISSLClientSocketFactory</attribute>
 <attribute name="RMIServerSocketFactory">org.jboss.security.ssl.RMISSLServerSocketFactory</attribute>
 <attribute name="SecurityDomain">java:/jaas/RMI+SSL</attribute>
 <depends>jboss.security:service=JaasSecurityDomain,domain=RMI+SSL</depends>
</mbean>

##############
jboss.xml
##############

<session>
 <ejb-name>SetupMasterHome</ejb-name>
 <invoker-bindings>
 <invoker>
<invoker-proxy-binding-name>stateless-ssl-invoker</invoker-proxy-binding-name>
 </invoker>
 </invoker-bindings>
 <resource-ref>
 <res-ref-name>jdbc/DefaultDS</res-ref-name>
 <resource-name>DefaultDS</resource-name>
 </resource-ref>
</session>

1. Re: Hang on secure jrmp lookup

tlien Aug 31, 2005 5:11 PM (in response to tlien)

I forget the invoker declaration in jboss.xml. Here it is

 <invoker-proxy-bindings>
 <invoker-proxy-binding>
 <name>stateless-ssl-invoker</name>
 <invoker-mbean>jboss:service=invoker,type=jrmp,socketType=SSL</invoker-mbean>
 <proxy-factory>org.jboss.proxy.ejb.ProxyFactory</proxy-factory>
 <proxy-factory-config>
 <client-interceptors>
 <home>
 <interceptor>org.jboss.proxy.ejb.HomeInterceptor</interceptor>
 <interceptor>org.jboss.proxy.SecurityInterceptor</interceptor>
 <interceptor>org.jboss.proxy.TransactionInterceptor</interceptor>
 <interceptor>org.jboss.invocation.InvokerInterceptor</interceptor>
 </home>
 <bean>
 <interceptor>org.jboss.proxy.ejb.StatelessSessionInterceptor</interceptor>
 <interceptor>org.jboss.proxy.SecurityInterceptor</interceptor>
 <interceptor>org.jboss.proxy.TransactionInterceptor</interceptor>
 <interceptor>org.jboss.invocation.InvokerInterceptor</interceptor>
 </bean>
 </client-interceptors>
 </proxy-factory-config>
 </invoker-proxy-binding>
 </invoker-proxy-bindings>

2. Re: Hang on secure jrmp lookup

tlien Sep 1, 2005 1:29 PM (in response to tlien)

I updated to jboss 4.0.2 to see if that would help. Same thing. It is still locking up. I do get the following debugging line now before it does though.

DEBUG [RMISSLClientSocketFactory] createSocket, host=192.168.1.34, port=14445,needsClientAuth=false, wantsClientAuth=true

I ran it through the debugger and its just hangs up on a socketRead forever. What am I doing wrong here? Any ideas?

 [1] java.net.SocketInputStream.socketRead0 (native method)
 [2] java.net.SocketInputStream.read (SocketInputStream.java:129)
 [3] com.sun.net.ssl.internal.ssl.InputRecord.a (null)
 [4] com.sun.net.ssl.internal.ssl.InputRecord.read (null)
 [5] com.sun.net.ssl.internal.ssl.SSLSocketImpl.a (null)
 [6] com.sun.net.ssl.internal.ssl.SSLSocketImpl.j (null)
 [7] com.sun.net.ssl.internal.ssl.SSLSocketImpl.a (null)
 [8] com.sun.net.ssl.internal.ssl.AppOutputStream.write (null)
 [9] java.io.BufferedOutputStream.flushBuffer (BufferedOutputStream.java:66)
 [10] java.io.BufferedOutputStream.flush (BufferedOutputStream.java:124)
 [11] java.io.DataOutputStream.flush (DataOutputStream.java:101)
 [12] sun.rmi.transport.tcp.TCPChannel.createConnection (TCPChannel.java:198)
 [13] sun.rmi.transport.tcp.TCPChannel.newConnection (TCPChannel.java:171)
 [14] sun.rmi.server.UnicastRef.newCall (UnicastRef.java:313)
 [15] sun.rmi.transport.DGCImpl_Stub.dirty (null)
 [16] sun.rmi.transport.DGCClient$EndpointEntry.makeDirtyCall (DGCClient.java:3
8)
 [17] sun.rmi.transport.DGCClient$EndpointEntry.registerRefs (DGCClient.java:27
)
 [18] sun.rmi.transport.DGCClient.registerRefs (DGCClient.java:112)
 [19] sun.rmi.transport.LiveRef.read (LiveRef.java:274)
 [20] sun.rmi.server.UnicastRef2.readExternal (UnicastRef2.java:54)
 [21] java.rmi.server.RemoteObject.readObject (RemoteObject.java:420)
 [22] sun.reflect.NativeMethodAccessorImpl.invoke0 (native method)
 [23] sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.jav
:39)
 [24] sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessor
mpl.java:25)
 [25] java.lang.reflect.Method.invoke (Method.java:324)
 [26] java.io.ObjectStreamClass.invokeReadObject (ObjectStreamClass.java:838)
 [27] java.io.ObjectInputStream.readSerialData (ObjectInputStream.java:1,746)
 [28] java.io.ObjectInputStream.readOrdinaryObject (ObjectInputStream.java:1,64
)
 [29] java.io.ObjectInputStream.readObject0 (ObjectInputStream.java:1,274)
 [30] java.io.ObjectInputStream.readObject (ObjectInputStream.java:324)
 [31] org.jboss.invocation.jrmp.interfaces.JRMPInvokerProxy.readExternal (JRMPI
vokerProxy.java:183)
 [32] java.io.ObjectInputStream.readExternalData (ObjectInputStream.java:1,686)

 [33] java.io.ObjectInputStream.readOrdinaryObject (ObjectInputStream.java:1,64
)
 [34] java.io.ObjectInputStream.readObject0 (ObjectInputStream.java:1,274)
 [35] java.io.ObjectInputStream.readObject (ObjectInputStream.java:324)
 [36] java.util.HashMap.readObject (HashMap.java:1,006)
 [37] sun.reflect.NativeMethodAccessorImpl.invoke0 (native method)
 [38] sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.jav
:39)
 [39] sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessor
mpl.java:25)
 [40] java.lang.reflect.Method.invoke (Method.java:324)
 [41] java.io.ObjectStreamClass.invokeReadObject (ObjectStreamClass.java:838)
 [42] java.io.ObjectInputStream.readSerialData (ObjectInputStream.java:1,746)
 [43] java.io.ObjectInputStream.readOrdinaryObject (ObjectInputStream.java:1,64
)
 [44] java.io.ObjectInputStream.readObject0 (ObjectInputStream.java:1,274)
 [45] java.io.ObjectInputStream.defaultReadFields (ObjectInputStream.java:1,845

 [46] java.io.ObjectInputStream.readSerialData (ObjectInputStream.java:1,769)
 [47] java.io.ObjectInputStream.readOrdinaryObject (ObjectInputStream.java:1,64
)
 [48] java.io.ObjectInputStream.readObject0 (ObjectInputStream.java:1,274)
 [49] java.io.ObjectInputStream.readObject (ObjectInputStream.java:324)
 [50] org.jboss.proxy.ClientContainer.readExternal (ClientContainer.java:143)
 [51] java.io.ObjectInputStream.readExternalData (ObjectInputStream.java:1,686)

 [52] java.io.ObjectInputStream.readOrdinaryObject (ObjectInputStream.java:1,64
)
 [53] java.io.ObjectInputStream.readObject0 (ObjectInputStream.java:1,274)
 [54] java.io.ObjectInputStream.defaultReadFields (ObjectInputStream.java:1,845

 [55] java.io.ObjectInputStream.readSerialData (ObjectInputStream.java:1,769)
 [56] java.io.ObjectInputStream.readOrdinaryObject (ObjectInputStream.java:1,64
)
 [57] java.io.ObjectInputStream.readObject0 (ObjectInputStream.java:1,274)
 [58] java.io.ObjectInputStream.readObject (ObjectInputStream.java:324)
 [59] java.rmi.MarshalledObject.get (MarshalledObject.java:135)
 [60] org.jnp.interfaces.MarshalledValuePair.get (MarshalledValuePair.java:57)
 [61] org.jnp.interfaces.NamingContext.lookup (NamingContext.java:637)
 [62] org.jnp.interfaces.NamingContext.lookup (NamingContext.java:572)
 [63] javax.naming.InitialContext.lookup (InitialContext.java:347)

3. Re: Hang on secure jrmp lookup

tlien Sep 1, 2005 6:25 PM (in response to tlien)

I generated a new keystore file and tested it and now it works fine. I'm not sure why the other one did not work though. I generated it in the same way. Well, it works now even if it is voodoo magic.
Actions

Go to original post