10 Replies Latest reply on Jul 9, 2010 8:15 AM by jaikiran

    EJB3 SSL tutorial

    agronosky

      Hi all,

       

      I am trying to run the SSL tutorial for EJB3 on jboss-5.1.0.GA and I'm having a hard time with it.

       

      I've read the AccessingEJB3soverSSL Wiki page but it seems to be written for JBoss 4. What file do I need to edit to set up the SSL connector?  The Wiki page says to add an mbean $JBOSS_HOME/server/default/deploy/ejb3.deployer/META-INF/jboss-service.xml but that file doesn't exist in JBoss 5.  Here's what I see in that directory:


      ejb3-deployers-jboss-beans.xml    jpa-deployers-jboss-beans.xml

       

      No jboss-service.xml to be found.  So where should I insert the mbean:

       

      <mbean code="org.jboss.remoting.transport.Connector"
            name="jboss.remoting:type=Connector,transport=socket3843,handler=ejb3">
            <depends>jboss.aop:service=AspectDeployer</depends>
            <attribute name="InvokerLocator">sslsocket://0.0.0.0:3843</attribute>
            <attribute name="Configuration">
               <handlers>
                  <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
               </handlers>
            </attribute>
         </mbean>

       

      Thanks in advance for any help you can give.

       

      -Andrew Gronosky

        • 1. Re: EJB3 SSL tutorial
          jaikiran

          The EJB3 tutorials for AS-5 might be useful http://www.jboss.org/ejb3/docs.html

           

          The SSL tutorial source is here http://anonsvn.jboss.org/repos/jbossas/projects/ejb3/trunk/docs/tutorial/ssl/

          • 2. Re: EJB3 SSL tutorial
            agronosky

            Thank you for the links to the documentation.  I am afraid they did not help me too much because I am specifically trying to set up SSL transport.  I did not find any reference to SSL in the HTML documentation that you pointed me to (thank you for writing that, though!).

             

            Likewise, there is an SSL example in the EJB3 tutorial source code.  What I can't tell from that example is how to configure the server to use SSL transport.

            • 3. Re: EJB3 SSL tutorial
              jaikiran

              You can create your own *-service.xml file with these contents http://anonsvn.jboss.org/repos/jbossas/projects/ejb3/trunk/docs/tutorial/ssl/META-INF/ssl-service.xml and place it in the deploy folder. Then you can configure your bean to use this connector (using the @org.jboss.ejb3.annotaion.RemoteBinding annotation).

               

              P.S: I don't know why the SSL tutorial chapter is missing from the tutorial docs. I'll look into it.

              1 of 1 people found this helpful
              • 4. Re: EJB3 SSL tutorial
                agronosky

                This worked.  Thanks very much!

                • 5. Re: EJB3 SSL tutorial
                  agronosky

                  Actually, I wrote a bit too soon when I said it worked perfectly.  It works when the client and the server are running on the same host, but I run into problems when I run the client from a different host.

                   

                  On the client side, I updated jndi.properties to point to the JNDI service on the server.  I verified that the same jndi.properties do work for non-SSL EJBS (using the stateless session bean example from the tutorials) so it's not a basic connectivity problem.

                   

                  There's something I'm still missing here... I've tried making my own certs/keystores using the exact host names, but it didn't seem to help.

                   

                  [java] Exception in thread "main" javax.naming.NamingException: Could not dereference object [Root exception is org.jboss.remoting.CannotConnectException: Can not get connection to server. Problem establishing socket connection for InvokerLocator [sslsocket://0.0.0.0:3843/]]
                       [java]     at org.jnp.interfaces.NamingContext.getObjectInstanceWrapFailure(NamingContext.java:1504)
                       [java]     at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:822)
                       [java]     at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:686)
                       [java]     at javax.naming.InitialContext.lookup(InitialContext.java:409)
                       [java]     at org.jboss.tutorial.ssl.client.Client.main(Client.java:45)
                       [java] Caused by: org.jboss.remoting.CannotConnectException: Can not get connection to server. Problem establishing socket connection for InvokerLocator [sslsocket://0.0.0.0:3843/]
                       [java]     at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.transport(MicroSocketClientInvoker.java:776)
                       [java]     at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:165)
                       [java]     at org.jboss.remoting.Client.invoke(Client.java:1724)
                       [java]     at org.jboss.remoting.Client.invoke(Client.java:629)
                       [java]     at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:60)
                       [java]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
                       [java]     at org.jboss.ejb3.proxy.impl.remoting.IsLocalProxyFactoryInterceptor.invoke(IsLocalProxyFactoryInterceptor.java:72)
                       [java]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
                       [java]     at org.jboss.aspects.remoting.PojiProxy.invoke(PojiProxy.java:62)
                       [java]     at $Proxy0.createProxyBusiness(Unknown Source)
                       [java]     at org.jboss.ejb3.proxy.impl.objectfactory.session.SessionProxyObjectFactory.createProxy(SessionProxyObjectFactory.java:129)
                       [java]     at org.jboss.ejb3.proxy.impl.objectfactory.session.stateless.StatelessSessionProxyObjectFactory.getProxy(StatelessSessionProxyObjectFactory.java:79)
                       [java]     at org.jboss.ejb3.proxy.impl.objectfactory.ProxyObjectFactory.getObjectInstance(ProxyObjectFactory.java:158)
                       [java]     at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:321)
                       [java]     at org.jnp.interfaces.NamingContext.getObjectInstance(NamingContext.java:1479)
                       [java]     at org.jnp.interfaces.NamingContext.getObjectInstanceWrapFailure(NamingContext.java:1496)
                       [java]     ... 4 more
                       [java] Caused by: java.net.ConnectException: Connection refused
                       [java]     at java.net.PlainSocketImpl.socketConnect(Native Method)
                       [java]     at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:310)
                       [java]     at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:174)
                       [java]     at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:163)
                       [java]     at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:384)
                       [java]     at java.net.Socket.connect(Socket.java:542)
                       [java]     at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:570)
                       [java]     at org.jboss.remoting.transport.sslsocket.SSLSocketClientInvoker.connect(SSLSocketClientInvoker.java:243)
                       [java]     at org.jboss.remoting.transport.sslsocket.SSLSocketClientInvoker.createSocket(SSLSocketClientInvoker.java:186)
                       [java]     at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.getConnection(MicroSocketClientInvoker.java:1089)
                       [java]     at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.transport(MicroSocketClientInvoker.java:762)
                       [java]     at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:165)
                       [java]     at org.jboss.remoting.Client.invoke(Client.java:1724)
                       [java]     at org.jboss.remoting.Client.invoke(Client.java:629)
                       [java]     at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:60)
                       [java]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
                       [java]     at org.jboss.ejb3.proxy.impl.remoting.IsLocalProxyFactoryInterceptor.invoke(IsLocalProxyFactoryInterceptor.java:72)
                       [java]     at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
                       [java]     at org.jboss.aspects.remoting.PojiProxy.invoke(PojiProxy.java:62)
                       [java]     at $Proxy0.createProxyBusiness(Unknown Source)
                       [java]     at org.jboss.ejb3.proxy.impl.objectfactory.session.SessionProxyObjectFactory.createProxy(SessionProxyObjectFactory.java:129)
                       [java]     at org.jboss.ejb3.proxy.impl.objectfactory.session.stateless.StatelessSessionProxyObjectFactory.getProxy(StatelessSessionProxyObjectFactory.java:79)
                       [java]     at org.jboss.ejb3.proxy.impl.objectfactory.ProxyObjectFactory.getObjectInstance(ProxyObjectFactory.java:158)
                       [java]     at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:321)
                       [java]     at org.jnp.interfaces.NamingContext.getObjectInstance(NamingContext.java:1479)
                       [java]     at org.jnp.interfaces.NamingContext.getObjectInstanceWrapFailure(NamingContext.java:1496)
                       [java]     at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:822)
                       [java]     at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:686)
                       [java]     at javax.naming.InitialContext.lookup(InitialContext.java:409)
                       [java]     at org.jboss.tutorial.ssl.client.Client.main(Client.java:45)
                       [java]     at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:72)
                       [java]     ... 15 more
                       [java] Java Result: 1

                  • 6. Re: EJB3 SSL tutorial
                    peterj

                    Did you use the -b option on the command line when starting JBoss AS? See:

                    https://community.jboss.org/wiki/JBoss42FAQ

                     

                    Are you running on Linux? If so, is your /etc/hosts file configured correctly? See this discussion:

                    http://community.jboss.org/thread/120995

                     

                    Finally, based on this part of the error message: "sslsocket://0.0.0.0:3843/", I hope that you did not use 0.0.0.0 in your remote client's configuration, that will not work as there is no such IP address.

                    1 of 1 people found this helpful
                    • 7. Re: EJB3 SSL tutorial
                      agronosky

                      It turns out the -b option was my problem.  Using -b (IP address), and setting the java.naming.provider.url in the client's jndi.properties, made it work.

                       

                      Oh, I should also mention, I needed to edit the source code for the example EJB.  On lines 35-36 of ${EJB3_TUTORIAL_HOME}/ssl/src/org/jboss/tutorial/ssl/bean/CalculatorBean.java,

                       

                       

                      @RemoteBindings(
                      {@RemoteBinding(clientBindUrl = "sslsocket://0.0.0.0:3843"), @RemoteBinding(jndiBinding = "CalculatorNormal")})

                       

                      you have to update the IP address to match the address to which the server is bound.

                       

                      So really I had two problems.

                       

                      Thanks very much!

                      • 8. Re: EJB3 SSL tutorial
                        jaikiran

                        Andrew Gronosky wrote:

                         

                         

                         

                        Oh, I should also mention, I needed to edit the source code for the example EJB.  On lines 35-36 of ${EJB3_TUTORIAL_HOME}/ssl/src/org/jboss/tutorial/ssl/bean/CalculatorBean.java,

                         

                         

                        @RemoteBindings(
                        {@RemoteBinding(clientBindUrl = "sslsocket://0.0.0.0:3843"), @RemoteBinding(jndiBinding = "CalculatorNormal")})

                         

                        Yes, for some reason that particular tutorial seems to have been left behind (it doesn't figure in the tutorial chapters). I'll be fixing this soon. Thanks for bringing this up.

                        • 9. Re: EJB3 SSL tutorial
                          minibiti

                          Hi Jaikiran, could you post the link to the SVN repo for the source code in the EJB3 tutorial article (aka here http://www.jboss.org/ejb3/docs.html) please?

                          It is a pain not to have that directly there and have to google it

                          • 10. Re: EJB3 SSL tutorial
                            jaikiran

                            Here it is http://anonsvn.jboss.org/repos/jbossas/projects/ejb3/trunk/docs/tutorial/. I'll add a link to this in the docs during our next release.