This content has been marked as final.
Show 1 reply
-
1. Re: SSO/SPNEGO using 4.2.3GA possible?
schorsch07 Dec 30, 2010 2:47 AM (in response to schorsch07)Now I tried the following:
I downloaded the Trunk version of Negotiation. It seems that it is the one that is used in the tutorial (http://community.jboss.org/wiki/EJB3AuthenticationWithSPNEGO).
Somewhere in the documentation it is mentioned that a MBean is required to use the custom SocketFactory. Using SSLSocketFactory is also done this way.
So I created an MBean with interface in the package:
package org.jboss.security.negotiation.spnego.net;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import javax.naming.InitialContext;
public class SPNEGOServerSocketFactoryService implements
SPNEGOServerSocketFactoryServiceMBean {
private String securityDomain = "SPNEGO";
private String hostDomain = "host";
private SPNEGOServerSocketFactory serverSocketFactory = null;
public void setSecurityDomain(String securityDomain) {
this.securityDomain = securityDomain;
}
public String getSecurityDomain() {
return securityDomain;
}
public void setHostDomain(String hostDomain) {
this.hostDomain = hostDomain;
}
public String getHostDomain() {
return hostDomain;
}
public void start() throws Exception {
if(securityDomain != null){
serverSocketFactory = new SPNEGOServerSocketFactory(securityDomain, "host" );
}
else{
throw new Exception("Can not create server socket factory due to the SecurityDomain not being set.");
}
}
public void create() throws Exception {
// NOOP
}
public void stop() {
// NOOP
}
public void destroy() {
// NOOP
}
public ServerSocket createServerSocket() throws IOException {
return serverSocketFactory.createServerSocket();
}
public ServerSocket createServerSocket(int i) throws IOException {
return serverSocketFactory.createServerSocket( i );
}
public ServerSocket createServerSocket(int i, int i1) throws IOException {
return serverSocketFactory.createServerSocket( i, i1 );
}
public ServerSocket createServerSocket(int i, int i1,
InetAddress inetAddress) throws IOException {
return serverSocketFactory.createServerSocket( i, i1, inetAddress );
}
}Then I changed the configuration in ejb3.deployer\META-INF\jboss-service.xml:
<mbean code="org.jboss.security.negotiation.spnego.net.SPNEGOServerSocketFactoryService"
name="jboss.remoting:service=ServerSocketFactory,type=SPNEGOSecurityDomainAdvanced"
display-name="SPNEGO SecurityDomain Server Socket Factory">
<attribute name="SecurityDomain">SPNEGO</attribute>
</mbean>
<mbean code="org.jboss.remoting.transport.Connector"
name="jboss.remoting:type=Connector,name=DefaultEjb3Connector,transport=socket,handler=ejb3"
display-name="SPNEGO Socket transport Connector">
<depends>jboss.aop:service=AspectDeployer</depends>
<attribute name="InvokerLocator"><![CDATA[socket://${jboss.bind.address}:3873/?loaderport=4873&serverSocketFactory=jboss.remoting:service=ServerSocketFactory,type=SPNEGOSecurityDomainAdvanced]]></attribute>
<attribute name="Configuration">
<handlers>
<handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
</handlers>
</attribute>
</mbean>Now when I invoke the test.jar form the tutorial I get an error:
08:31:38,817 ERROR [SocketServerInvoker] SocketServerInvoker[192.168.1.10:3873]
failed to handle socket
java.io.IOException: java.lang.NegativeArraySizeException
at org.jboss.security.negotiation.spnego.net.SPNEGOServerSocket.accept(SPNEGOServerSocket.java:137)
at org.jboss.remoting.transport.socket.SocketServerInvoker.run(SocketServerInvoker.java:520)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.lang.NegativeArraySizeException
at org.jboss.security.negotiation.spnego.net.SPNEGOServerSocket.acceptSocket(SPNEGOServerSocket.java:181)
at org.jboss.security.negotiation.spnego.net.SPNEGOServerSocket.accept(SPNEGOServerSocket.java:132)
... 2 moreMaybe someone could tell if it is really necessary to use my own MBean to call the SocketFactory - where and how should I configure it correctly?
Thank you,
Georg