7 Replies Latest reply on Dec 20, 2006 6:46 AM by clarich

    No connection possible after an illegitimate attempt

    ente

      There is a very bad problem:
      If a third person has tried to connect to the server, then it is not possible to build up a connection between client and server.
      So it is not possible to use the server wiht a new client after e.g. someone has tried to infiltrate the server.

      And if a client has no permission to connect to a certain server (auth. through a client certificate) then Client c=new Client(locator, "subsystem", configuration) will hang up the application

      affects ssl and multiplex connections

        • 1. Re: No connection possible after an illegitimate attempt

          Not sure I understand the problem. So you are saying that if a client tries to connect to a server (using sslsocket for example) and the connection failes (due to ssl handshake failure for example), then no one else will be able to connect to the server?

          You wouldn't happen to have a test case handy for this issue?

          • 2. Re: No connection possible after an illegitimate attempt
            ente

            yes

            already sent you a email (May,11th) to <tom@jboss.org>
            maybe came in 04:06

            • 3. Re: No connection possible after an illegitimate attempt

              Ok. I see it, just have not gotten to it yet. Can you open a jira issue for it (or post the jira issue id if there already is one)?

              Thanks.

              -Tom

              • 4. Re: No connection possible after an illegitimate attempt

                Never mind, found the jira issue - http://jira.jboss.com/jira/browse/JBREM-468.

                I'll attach the test case to the issue.

                • 5. Re: No connection possible after an illegitimate attempt
                  clarich

                  I don't know if this matches the previous mentioned issue or if this is an issue for its own, but I have the problem that when running two Clients using Transporters to connect to a target POJO on the server side and using SSL to do this, always the second client is handled as beeing the first client.

                  I mean when the first Client is trusted by the Server, the second client is also, althogh it should not. The other way round, if the first Client is not trusted the second is not ,too, althogh it should be trusted.

                  here is some sample code describing my problem:

                  ---Client code---

                  package client;
                  
                  import java.net.MalformedURLException;
                  
                  import org.jboss.remoting.InvokerLocator;
                  import org.jboss.remoting.security.SSLSocketBuilder;
                  import org.jboss.remoting.transporter.TransporterClient;
                  
                  import server.HandlerInterface;
                  
                  public class Client {
                   /**
                   * the Object containing all information about the Server location
                   */
                   protected InvokerLocator locator;
                  
                   /**
                   * Constructor - initializes the locator and sets properties
                   */
                   public Client(String user) {
                   if (user == "user1") {
                   System.setProperty(SSLSocketBuilder.STANDARD_KEY_STORE_FILE_PATH,
                   "./certificates/client/user1.keystore");
                   System.setProperty(SSLSocketBuilder.STANDARD_KEY_STORE_PASSWORD,
                   "client");
                   System.setProperty(SSLSocketBuilder.STANDARD_TRUST_STORE_FILE_PATH,
                   "./certificates/client/user1.truststore");
                   System.setProperty(SSLSocketBuilder.STANDARD_TRUST_STORE_PASSWORD,
                   "client");
                   System.setProperty(InvokerLocator.FORCE_REMOTE, "true");
                   }
                   if (user == "user2") {
                   System.setProperty(SSLSocketBuilder.STANDARD_KEY_STORE_FILE_PATH,
                   "./certificates/client/user2.keystore");
                   System.setProperty(SSLSocketBuilder.STANDARD_KEY_STORE_PASSWORD,
                   "client");
                   System.setProperty(SSLSocketBuilder.STANDARD_TRUST_STORE_FILE_PATH,
                   "./certificates/client/user2.truststore");
                   System.setProperty(SSLSocketBuilder.STANDARD_TRUST_STORE_PASSWORD,
                   "client");
                   System.setProperty(InvokerLocator.FORCE_REMOTE, "true");
                   }
                  
                   try {
                   locator = new InvokerLocator("sslsocket://127.0.0.1:7070");
                   } catch (MalformedURLException e) {
                   e.printStackTrace();
                   }
                   }
                  
                   /**
                   * reqests the Server for an handle
                   */
                   public void requestHandle() {
                   HandlerInterface handler = null;
                   try {
                   handler = (HandlerInterface) TransporterClient
                   .createTransporterClient(locator, HandlerInterface.class);
                   System.out.println("server returned: " + handler.doHandle());
                  
                   } catch (Exception e) {
                   e.printStackTrace();
                   } finally {
                   if (handler != null) {
                   TransporterClient.destroyTransporterClient(handler);
                   }
                   }
                   }
                  
                   public static void main(String[] args) {
                   System.out.println("starting client for claudia");
                   Client client = new Client("user1");// is trusted
                  
                   // should print a String
                   client.requestHandle();
                  
                   System.out.println("starting client for michael");
                   Client client2 = new Client("user2");// is not trusted
                  
                   // should not print a String but throw an exception
                   client2.requestHandle();
                   }
                  }
                  


                  ---Server Code---
                  package server;
                  
                  import java.io.IOException;
                  import java.util.HashMap;
                  import java.util.Map;
                  
                  import org.jboss.remoting.security.SSLSocketBuilder;
                  import org.jboss.remoting.transporter.TransporterServer;
                  
                  public class Server {
                  
                   private static TransporterServer server;
                  
                   /**
                   * runs and starts the Server
                   *
                   * @param args
                   */
                   public static void main(String[] args) {
                   String locatorURL = "sslsocket://127.0.0.1:7070";
                  
                   HandlerInterface handler = new Handler();
                   try {
                   Map config = getConfiguration();
                   server = TransporterServer.createTransporterServer(locatorURL,
                   handler, HandlerInterface.class.getName(), config, false);
                   server.start();
                   } catch (Exception e) {
                   e.printStackTrace();
                   }
                  
                   }
                  
                   /**
                   * creates a ServerSocketFactory that is configured by using an
                   * SSLSocketBuilder
                   *
                   * @return configuration Map
                   * @throws IOException
                   * if the Factory could not be created
                   */
                   private static HashMap getConfiguration() {
                   HashMap<String, String> sslConfig = new HashMap<String, String>();
                  
                   sslConfig.put(SSLSocketBuilder.REMOTING_KEY_STORE_FILE_PATH,
                   "./certificates/server/Server.keystore");
                   sslConfig.put(SSLSocketBuilder.REMOTING_KEY_STORE_PASSWORD, "pass");
                   sslConfig.put(SSLSocketBuilder.REMOTING_TRUST_STORE_FILE_PATH,
                   "./certificates/server/Server.truststore");
                   sslConfig.put(SSLSocketBuilder.REMOTING_TRUST_STORE_PASSWORD,
                   "pass");
                   sslConfig.put(SSLSocketBuilder.REMOTING_CLIENT_AUTH_MODE,
                   SSLSocketBuilder.CLIENT_AUTH_MODE_NEED);
                   sslConfig.put("numAcceptThreads", "2");
                   return sslConfig;
                   }
                  }
                  


                  ---HandlerInterface (POJO) returning a String to the Client if trusted---
                  package server;
                  
                  public interface HandlerInterface {
                  
                   public abstract String doHandle();
                  
                  }
                  


                  The keystore of user1 is stored in the servers truststore, but the keystore of user2 is not

                  I switched around the two client in the Client.main method and got the result I described above.

                  Could anybody tell me why this happens? Might this be another Bug?

                  • 6. Re: No connection possible after an illegitimate attempt

                    The problem lies in our use of javax.net.ssl.SSLSocketFactory.getDefault() internally when explicit ssl config is missing (more on this in a min), which can be found within org.jboss.remoting.security.SSLSocketBuilder (line 421). The jdk (at least Sun's implementation) will cache this factory once created, including the system property values used to create it. Therefore, once a transporter client is created using ssl based transport, this default SSLSocketFactory is created and will be re-used for any other transporter clients created using a ssl based transport.

                    Unfortunately, can't do much about jdk's default SSLSocketFactory not re-checking the system properties after it has been created once. However, will add to the remoting transporter client code so can pass in explicit ssl configuration, so don't have to rely on the default ssl socket factory (see http://jira.jboss.com/jira/browse/JBREM-652).

                    • 7. Re: No connection possible after an illegitimate attempt
                      clarich

                      great thing. So I will wait and hope, that this issue is solved soon ;-).