1 2 3 Previous Next 37 Replies Latest reply: Jan 20, 2014 7:59 AM by jansi senthil Go to original post RSS
      • 15. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
        jw Newbie

        Pretty much the same as apparaonali's:

         

        jboss-ejb-client.properties

         

        remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
        remote.connections=default
        remote.connection.default.host=localhost
        remote.connection.default.port=4447
        remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
        remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
        remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
        

         

         

         

        jndi.properties

         

        java.naming.factory.url.pkgs=org.jboss.ejb.client.naming
        java.naming.factory.initial=org.jboss.naming.remote.client.InitialContextFactory
        

         

         

         

        Remote client code:

         

        ctx = loadFromJndiPropertiesFile();
        
        ctx.put("jboss.naming.client.ejb.context", true); // can not be in jndi.properties. Requieres boolean, does not accept String
        ctx.put(InitialContext.PROVIDER_URL,  "remote://localhost:4447");
        ctx.put(InitialContext.SECURITY_PRINCIPAL, username);
        ctx.put(InitialContext.SECURITY_CREDENTIALS, password);
        
        ctx.lookup(.....);
        
        

         

         

         

         

        Server config:

         

        
                <subsystem xmlns="urn:jboss:domain:remoting:1.1">
                    <connector name="remoting-connector" socket-binding="remoting"/>
                </subsystem>
        
        
                <subsystem xmlns="urn:jboss:domain:security:1.1">
                    <security-domains>
        
                        <security-domain name="my-security-domain" cache-type="default">
                            <authentication>
                                <login-module code="Database" flag="required">
                                    <module-option name="dsJndiName" value="java:/MyDS"/>
                                    <module-option name="principalsQuery" value="......."/>
                                    <module-option name="rolesQuery" value="......."/>
                                    <module-option name="hashAlgorithm" value="SHA"/>
                                    <module-option name="hashEncoding" value="BASE64"/>
                                </login-module>
                            </authentication>
                        </security-domain>
                    </security-domains>
               </subsystem>
        
        
        

         

         

        In addition I wanted to link the ApplicationRealm to my-security-domain:

         

        
           <management>
                <security-realms>
                    <security-realm name="ApplicationRealm">
                        <authentication>
                            <jaas name="my-security-domain"/>
                        </authentication>
                    </security-realm>
                </security-realms>
            </management>
        
        

         

         

        but that hasn't worked, so I had to remove the security realm of remoting

         

         

         

        jboss-app.xml (in META-INF of my ear):

         

        
        <jboss-app>
          <security-domain>my-security-domain</security-domain>
        </jboss-app>
        
        

         

        • 16. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
          Darran Lofthouse Master

          Without the security realm on the remoting connection there is no way you can call a secured EJB - lets take a step back and restore that and look at the issue you encounter when that is in place.

          • 17. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
            apparaonali Newbie

            Thanks for the suggestions and with these suggestions it went ahead, I am getting below errors(Underlined) at server side while accessing the secured ejb. Now user name and password are getting passed to server, however password is not matching. Same database was working for jboss6.

             

            I attached testcase and standalone.xml.

             

            13:38:17,435 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) initialize
            13:38:17,435 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) Security domain: AppuLogin
            13:38:17,435 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) Password hashing activated: algorithm = SHA-256, encoding = base64, charset = {default}, callback = null, storeCallback = null
            13:38:17,435 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) DatabaseServerLoginModule, dsJndiName=java:/jdbc/MyDs

            13:38:17,451 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) principalsQuery=select password from sessionuser where name=?
            13:38:17,451 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) rolesQuery=select role, 'Roles' from sessionrole where name=?
            13:38:17,451 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) suspendResume=true
            13:38:17,451 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) login
            13:38:17,451 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) suspendAnyTransaction
            13:38:17,451 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) Excuting query: select password from sessionuser where name=?, with username: admin
            13:38:17,545 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) Obtained user password
            13:38:17,545 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) resumeAnyTransaction
            13:38:17,545 DEBUG [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) Bad password for username=admin
            13:38:17,545 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (Remoting "alh-anxp-dt" task-1) abort

             

             

             

            I am getting below exceptions at client side.

             

            Feb 22, 2012 1:38:17 PM org.jboss.remoting3.remote.RemoteConnection handleException


            ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
            Feb 22, 2012 1:38:17 PM org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector setupEJBReceivers
            WARN: Could not register a EJB receiver for connection to remote://localhost:4447
            java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
            at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)
            at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:115)
            at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.<init>(ConfigBasedEJBClientContextSelector.java:77)
            at org.jboss.ejb.client.EJBClientContext.<clinit>(EJBClientContext.java:76)
            at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:120)
            at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)
            at $Proxy0.getPrincipal(Unknown Source)
            at demo.RemoteEJBClient.invokeStatelessBean(RemoteEJBClient.java:73)
            at demo.RemoteEJBClient.main(RemoteEJBClient.java:65)
            Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
            at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:315)
            at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)
            at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
            at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)
            at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)
            at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
            at org.xnio.nio.NioHandle.run(NioHandle.java:90)
            at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)
            at ...asynchronous invocation...(Unknown Source)
            at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)
            at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)
            at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)
            at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)
            at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:113)
            ... 7 more
            java.lang.IllegalStateException: No EJB receiver available for handling [appName:TestEAR,modulename:TestEJB,distinctname:] combination
            at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:530)
            at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:84)
            at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:175)
            at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:136)
            at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:121)
            at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)
            at $Proxy0.getPrincipal(Unknown Source)
            at demo.RemoteEJBClient.invokeStatelessBean(RemoteEJBClient.java:73)

            at demo.RemoteEJBClient.main(RemoteEJBClient.java:65)

            My test details: Added below bold proprties for management realm

             

            jboss-ejb-client.properties:

             

            endpoint.name=client-endpoint
            remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
            remote.connections=default
            remote.connection.default.host=localhost
            remote.connection.default.port = 4447
            remote.connection.default.username=admin
            remote.connection.default.password=admin
            remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
            remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
            remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

             

             

            • 18. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
              Darran Lofthouse Master

              Thanks for the detailed output - at this point this suggests the realm / domain configuration is correctly configured to be working together, we may need to double check that the correct password is being passed to the login module but from the information I have if the correct username is arriving there I would not suspect the wrong password to be arriving there.

               

              Within your security domain configuration you have configured the module to use both a hashAlgorithm and hashEncoding - what is the actual value stored in the password field of that row of the table?

               

              I would suggest that as a next step to at least verify end to end of this call  that you remove both the hashAlgorithm and hashEncoding values from the domain configuration and update that row of the table so that the password field contains the plain text value 'admin' - if the call can be verified to that point it will mean that attention can then be focussed on the final settings for the DatabaseLoginModule.

              • 19. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                jw Newbie

                login is ok now using the following configuration

                 

                 

                server config:

                 

                            <security-realm name="ApplicationRealm">
                                <authentication>
                                    <properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
                                </authentication>
                            </security-realm>
                
                
                                <security-domain name="my-security-domain" cache-type="default">
                                    <authentication>
                                        <login-module code="Remoting" flag="optional">
                                            <module-option name="password-stacking" value="useFirstPass"/>
                                        </login-module>
                                        <login-module code="Database" flag="required">
                                            <module-option name="dsJndiName" value="java:/MyDS"/>
                                            <module-option name="principalsQuery" value="select password from ......."/>
                                            <module-option name="rolesQuery" value="select r.role, 'Roles' from ...."/>
                                            <module-option name="hashAlgorithm" value="SHA"/>
                                            <module-option name="hashEncoding" value="BASE64"/>
                                            <module-option name="password-stacking" value="useFirstPass"/>
                                        </login-module>
                                    </authentication>
                                </security-domain>
                

                 

                 

                 

                 

                client initial context:

                 

                ctx.put("java.naming.factory.initial", "org.jboss.naming.remote.client.InitialContextFactory");
                ctx.put("jboss.naming.client.ejb.context", true); // can not be in jndi.properties. Requieres boolean, does not accept String 
                ctx.put(InitialContext.PROVIDER_URL,  "remote://localhost:4447"); 
                ctx.put(InitialContext.SECURITY_PRINCIPAL, "test"); 
                ctx.put(InitialContext.SECURITY_CREDENTIALS, "tset"); 
                

                 


                 

                 

                jboss-ejb-client:

                 

                remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
                remote.connections=default
                remote.connection.default.host=localhost
                remote.connection.default.port=4447
                remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true
                remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
                remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
                remote.connection.default.username=test
                remote.connection.default.password=tset
                

                 

                 

                 

                The key thing was that the username/password must be passed in on 2 places: in the jboss-ejb-client file AND in InitialContext. Is this how it should be or does anyone knows a better solution?

                 

                Redirecting the ApplicationRealm to my-security-domain still doesn't work. How has this to be done?

                 

                            <security-realm name="ApplicationRealm">
                                <authentication>
                                    <jaas name="my-security-domain"/>
                                </authentication>
                            </security-realm>
                

                 

                 

                Error is:

                 

                 

                Caused by: javax.naming.NamingException: Failed to create remoting connection [Root exception is java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed]

                          at org.jboss.naming.remote.client.ClientUtil.namingException(ClientUtil.java:36)

                          at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:117)

                          at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)

                          at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307)

                          at javax.naming.InitialContext.init(InitialContext.java:242)

                          at javax.naming.InitialContext.<init>(InitialContext.java:216)

                          at ch.syseca.edis.swing.presentation.ServiceLocator$3.getContext(ServiceLocator.java:123)

                          at ch.syseca.sstl.eutil.resourcelocator.ResourceLocator.lookup(ResourceLocator.java:67)

                          ... 13 more

                Caused by: java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                          at org.jboss.naming.remote.protocol.IoFutureHelper.get(IoFutureHelper.java:87)

                          at org.jboss.naming.remote.client.cache.ConnectionCache.get(ConnectionCache.java:42)

                          at org.jboss.naming.remote.client.InitialContextFactory.createConnection(InitialContextFactory.java:153)

                          at org.jboss.naming.remote.client.InitialContextFactory.getOrCreateConnection(InitialContextFactory.java:126)

                          at org.jboss.naming.remote.client.InitialContextFactory.getInitialContext(InitialContextFactory.java:106)

                          ... 19 more

                Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed

                          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:365)

                          at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:214)

                          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

                          at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)

                          at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)

                          at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)

                          at org.xnio.nio.NioHandle.run(NioHandle.java:90)

                          at org.xnio.nio.WorkerThread.run(WorkerThread.java:184)

                          at ...asynchronous invocation...(Unknown Source)

                          at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)

                          at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:251)

                          at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:349)

                          at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:333)

                          at org.jboss.naming.remote.client.cache.EndpointCache$EndpointWrapper.connect(EndpointCache.java:110)

                          at org.jboss.naming.remote.client.cache.ConnectionCache.get(ConnectionCache.java:41)

                          ... 22 more

                • 20. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                  Darran Lofthouse Master

                  Looking at your stack trace the error is reported when the connection is being established for the InitialContext, have a look towards the end of the following post with examples to set the same xnio Options for the JNDI connection: -

                   

                  Custom jdbc login module for remoting

                  • 21. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                    apparaonali Newbie

                    Thanks for your reply.

                     

                    I tried the following things but I am getting the same exceptions as mentioned above and server log is also same "Bad Password"

                    1. Disabled encrypting of passwords by removing the below two lines from standalone.xml

                        <module-option name="hashAlgorithm" value="SHA-256"/>
                        <module-option name="hashEncoding" value="base64"/>

                     

                       Updated the password in database table to plain text

                     

                    Ran the application appliaction.

                     

                    2. Tried with blank password, result is same.

                    • 22. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                      jw Newbie

                      Thanks for the link. Added the following lines to jndi.properties:

                       

                      jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true

                      jboss.naming.client.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

                      jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false

                       

                       

                      Now I get also the 'Bad Password' message as in the posting before.

                      • 23. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                        Darran Lofthouse Master

                        Are either of you familiar with debugging JBoss AS source?  If so the easiest thing would be to set a breakpoint and check the values being passed into the validatePassword of UsernamePasswordLoginModule and verify that they are as expected (To be getting the error we see one of them must be wrong)

                         

                        If not I will see if we can use byteman to output the values for us to vefify.

                        • 24. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                          Petr Mates Newbie

                          Do you know, what is managed by jboss.naming.client.ejb.context?

                          • 25. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                            apparaonali Newbie

                            Finally the issue for fixed and able to connect to remote ejbs successfuly.

                             

                            Actually there is space in password value in ejb client proprties file and due to that it failed.

                             

                            I build Jboss picketbox(Jboss security) libraries and debugged then I found the reason for the issue.

                            Once I update the ejb client priorities file I am able to connect to ejbs.

                             

                            Thanks Darren for constant support to fix the issue.

                            • 26. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                              Ganesh Saithala Newbie

                              Thanks Daren for helping to fix this issue.

                               

                              Iam posting below working EJB client API based test program.

                               

                              package demo;


                              import java.io.IOException;
                              import java.net.URI;
                              import java.security.Security;
                              import java.util.concurrent.TimeUnit;

                              import javax.naming.NamingException;
                              import javax.security.auth.login.LoginException;

                              import org.jboss.ejb.client.ContextSelector;
                              import org.jboss.ejb.client.EJBClient;
                              import org.jboss.ejb.client.EJBClientContext;
                              import org.jboss.ejb.client.EJBClientTransactionContext;
                              import org.jboss.ejb.client.StatelessEJBLocator;
                              import org.jboss.ejb.client.remoting.IoFutureHelper;
                              import org.jboss.remoting3.Connection;
                              import org.jboss.remoting3.Endpoint;
                              import org.jboss.remoting3.Remoting;
                              import org.jboss.remoting3.remote.RemoteConnectionProviderFactory;
                              import org.jboss.sasl.JBossSaslProvider;
                              import org.xnio.IoFuture;
                              import org.xnio.OptionMap;
                              import org.xnio.Options;


                              public class RemoteEJBClient {
                                 
                                  /**
                                   * User login name
                                   */
                                  private static final String USER_LOGIN_NAME = "admin";

                                  /**
                                   * User password
                                   */
                                  private static final String USER_PASSWORD = "admin";
                                 
                                  private static Connection connection;
                                  private static EJBClientContext ejbClientContext;
                                  private static Endpoint endpoint;


                                  static {
                                      Security.addProvider(new JBossSaslProvider());
                                  }


                                  public static void main(String[] args) throws Exception {
                                     

                                      endpoint = Remoting.createEndpoint("ejb-remote-client-endpoint", OptionMap.EMPTY);

                                      endpoint.addConnectionProvider("remote", new RemoteConnectionProviderFactory(),
                                                                     OptionMap.create(Options.SSL_ENABLED, Boolean.FALSE, Options.SASL_SERVER_AUTH,
                                                                                      Boolean.FALSE));
                                     
                                      MyCallbackHandler callbackhndlr = new MyCallbackHandler(USER_LOGIN_NAME, USER_PASSWORD);
                                       // open a connection
                                      final IoFuture<Connection> futureConnection = endpoint.connect(new URI("remote://localhost:" + "4447"),
                                                                                                     OptionMap.create(Options.SASL_POLICY_NOPLAINTEXT,
                                                                                                                      Boolean.FALSE), callbackhndlr);
                                      connection = IoFutureHelper.get(futureConnection, 5, TimeUnit.SECONDS);

                                      ejbClientContext = EJBClientContext.create();
                                      ejbClientContext.registerConnection(connection);
                                      @SuppressWarnings("unused")
                                      final ContextSelector<EJBClientContext> previousSelector = EJBClientContext.setConstantContext(ejbClientContext);

                                      // setting up something for transactions
                                      final EJBClientTransactionContext localUserTxContext = EJBClientTransactionContext.createLocal();
                                      EJBClientTransactionContext.setGlobalContext(localUserTxContext);
                                     
                                      invokeStatelessBean();
                                     

                                      if (connection != null) {
                                          try {
                                              connection.close();
                                          } catch (IOException ioe) {
                                              System.out.println("Failed to close connection" + ioe);
                                          }
                                      }
                                      if (endpoint != null) {
                                          try {
                                              endpoint.close();
                                          } catch (IOException ioe) {
                                              System.out.println("Failed to close endpoint" + ioe);
                                          }
                                      }

                                  }

                                  private static void invokeStatelessBean() throws NamingException, LoginException {

                                      final SessionBeanInterface statelessSessionBeanInterface = lookupRemoteStatelessCalculator();
                                      System.out.println("Obtained a remote stateless SessionBeanInterface for invocation");
                                      try {
                                          System.out.println("EJB principal " + statelessSessionBeanInterface.getPrincipal());
                                      } catch (RuntimeException e) {
                                          e.printStackTrace();
                                      }
                                  }


                                  private static SessionBeanInterface lookupRemoteStatelessCalculator() throws NamingException, LoginException {
                                      final String appName = "TestEAR";
                                      final String moduleName = "TestEJB";
                                      final String distinctName = "";
                                      final String beanName = "SessionBean";
                                      final String viewClassName = SessionBeanInterface.class.getName();
                                      System.out.println("ejb:" + appName + "/" + moduleName + "/" + distinctName + "/" + beanName + "!" + viewClassName);

                                      // create a locator depending on the type you are calling: StatelessEJBLocator, EntityEJBLocator, StatefulEJBLocator &
                                      // create the proxy given the locator
                                      final StatelessEJBLocator<SessionBeanInterface> locator = new StatelessEJBLocator<SessionBeanInterface>(
                                                                                                                                              SessionBeanInterface.class,
                                                                                                                                              appName,
                                                                                                                                              moduleName,
                                                                                                                                              beanName,
                                                                                                                                              distinctName);
                                      SessionBeanInterface bean = EJBClient.createProxy(locator);
                                      return bean;
                                  }

                              }

                               

                              • 27. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                                jaikiran pai Master

                                apparaonali wrote:

                                 

                                Finally the issue for fixed and able to connect to remote ejbs successfuly.

                                 

                                Actually there is space in password value in ejb client proprties file and due to that it failed.

                                 

                                Trailing space to the password value? I wonder if it's a good idea if we trimmed the value.

                                • 28. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                                  Darran Lofthouse Master

                                  @jaikiran - it probably does make sense to trip any trailing space at least

                                  • 29. Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
                                    Darran Lofthouse Master

                                    One other point revealed by this thread (and a couple of others) is that it is quite difficult to get enough information from the logs to accurately see why a comparison is failing - all logging that outputs passwords has been removed so that passwords are not accidentally stored in the logs but I think there are still a couple of scenarios where there is no other option than logging the values so that they can be manually compared to make sure they are as expected.

                                     

                                    I am going to have a look at what options we have for a development environment at least to essentially evaluate the end to end authentication process so that the point of failure can be pinpointed more quickly.