This content has been marked as final.
Show 5 replies
-
1. Re: Stateless Session Bean behind firewall/proxy -- RMI over
benoitx Aug 3, 2005 5:16 AM (in response to rockhopper)Hi Johann,
I am facing exactly the same problem and have reached the same point: port 4444 is used...
I have reached this without having to change the jboss.xml. Why do you have to?<container-configurations> <container-configuration extends="Standard Stateless SessionBean"> <container-name>HTTP Session</container-name> <home-invoker>jboss:service=invoker,type=http</home-invoker> <bean-invoker>jboss:service=invoker,type=http</bean-invoker> </container-configuration> </container-configurations>
I have done the JNDI over https, details of which I can send if you want.
Have you solved your problem with port 4444?
I tried this:
http://www.nemesisit.ro/opendocs/ejboverhttp.html
But that did not seem to work for me either...
Anyone who solved this, please share it...
Thanks
Tot ziens,
Benoit -
2. Re: Stateless Session Bean behind firewall/proxy -- RMI over
rockhopper Aug 4, 2005 3:39 AM (in response to rockhopper)Hi Benoit,
I have reached this without having to change the jboss.xml. Why do you have to?
I've followed the tutorial :
http://www.nemesisit.ro/opendocs/ejboverhttp.html
In practice, I'm not sure it's mandatory.
I have done the JNDI over https, details of which I can send if you want.
It could be interesting, so please send me details.
Have you solved your problem with port 4444?
Unfortunately not, else I would have post my solution here ;-)
It seems to me like a standard way of using JBoss (behind a firewall over http) so it sounds strange to me that no one has a response for this!?
Regards.
Johann -
3. Re: Stateless Session Bean behind firewall/proxy -- RMI over
benoitx Aug 4, 2005 7:09 AM (in response to rockhopper)Hi Johann,
Yes I find it surprising that nobody seems to have an answer... Guys, please share it!!!
Here is how I managed to use https to access JNDI:
Client code:System.out.println("Connect HTTPS"); Properties prop = System.getProperties(); prop.put("java.naming.factory.initial", "org.jboss.naming.HttpNamingContextFactory"); prop.put("org.jboss.security.ignoreHttpsHost", "true"); prop.put("java.naming.provider.url", "https://myserver.com:8443/invoker/JNDIFactory"); // Create a trust manager that does not validate certificate chains (if it is self signed) TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted( java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted( java.security.cert.X509Certificate[] certs, String authType) { } } }; // Install the all-trusting trust manager try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection .setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (Exception e) { } MyEJBHome home; try { System.err.println("About to connect to JNDI HTTPS"); home = (MyEJBHome) connect("MyJNDINameBean", MyEJBHome.class, prop); System.err.println("Got the HOME interface"); MyEJBRemote remote = home.create(); System.err.println("Got the REMOTE interface"); } catch (NamingException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (RemoteException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (CreateException e) { // TODO Auto-generated catch block e.printStackTrace(); }
and the jboss-service.xml in http-invoker.sar/META-INF<!-- Expose the Naming service interface via HTTPS --> <mbean code="org.jboss.invocation.http.server.HttpProxyFactory" name="jboss:service=invoker,type=http,target=Naming"> <!-- The Naming service we are proxying --> <attribute name="InvokerName">jboss:service=Naming</attribute> <!-- Compose the invoker URL from the cluster node address --> <attribute name="InvokerURLPrefix">https://</attribute> <attribute name="InvokerURLSuffix">:8443/invoker/JMXInvokerServlet</attribute> <attribute name="UseHostName">true</attribute> <attribute name="ExportedInterface">org.jnp.interfaces.Naming</attribute> <attribute name="JndiName"></attribute> <attribute name="ClientInterceptors"> <interceptors> <interceptor>org.jboss.proxy.ClientMethodInterceptor</interceptor> <interceptor>org.jboss.proxy.SecurityInterceptor</interceptor> <interceptor>org.jboss.naming.interceptors.ExceptionInterceptor</interceptor> <interceptor>org.jboss.invocation.InvokerInterceptor</interceptor> </interceptors> </attribute> </mbean>
Hope this help
Benoit -
4. Re: Stateless Session Bean behind firewall/proxy -- RMI over
rockhopper Oct 19, 2005 12:31 PM (in response to rockhopper)Hi all,
Investigated more, here is the status.
By using the configuration above, ONLY JNDI over HTTP is enabled.
So my question is, how to enable RMI over HTTP? HTTPS? Especially on the client side.
Thanks for help.
Johann -
5. Re: Stateless Session Bean behind firewall/proxy -- RMI over
rockhopper Nov 3, 2005 11:04 AM (in response to rockhopper)Hi all,
I've got it.
Tutorial is for deployment on JBoss 3.0 and *NOT* JBoss 3.2:http://www.nemesisit.ro/opendocs/ejboverhttp.html
DTD of jboss.xml has changed in v3.2, configuration should be for each ejb:
<ejb-name>MyBean</ejb-name>
<jndi-name>ejb/MyBean</jndi-name>
<invoker-bindings>
<invoker-proxy-binding-name>stateless-http-invoker</invoker-proxy-binding-name>
</invoker-bindings>
<method-attributes>
</method-attributes>
and:
<invoker-proxy-bindings>
<!-- A custom invoker for RMI/HTTP -->
<invoker-proxy-binding>
stateless-http-invoker
<invoker-mbean>jboss:service=invoker,type=http</invoker-mbean>
<proxy-factory>org.jboss.proxy.ejb.ProxyFactory</proxy-factory>
<proxy-factory-config>
<client-interceptors>
org.jboss.proxy.ejb.HomeInterceptor
org.jboss.proxy.SecurityInterceptor
org.jboss.proxy.TransactionInterceptor
org.jboss.invocation.InvokerInterceptor
org.jboss.proxy.ejb.StatelessSessionInterceptor
org.jboss.proxy.SecurityInterceptor
org.jboss.proxy.TransactionInterceptor
org.jboss.invocation.InvokerInterceptor
</client-interceptors>
</proxy-factory-config>
</invoker-proxy-binding>
</invoker-proxy-bindings>
Modifying jboss.xml and jboss-service.xml allow to enable https if needed.
Regards.
Johann