-
1. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
jaikiran Apr 9, 2012 1:53 AM (in response to abhi0123)abhi0123 wrote:
The article here nicely explains how to do the JNDI look up for an EJB with a remote view. What about when there isn't one?
You cannot use EJBs from a remote client if it doesn't expose remote views. That's the whole purpose of having remote views.
-
2. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
abhi0123 Apr 9, 2012 10:45 AM (in response to jaikiran)jaikiran pai wrote:
abhi0123 wrote:
The article here nicely explains how to do the JNDI look up for an EJB with a remote view. What about when there isn't one?
You cannot use EJBs from a remote client if it doesn't expose remote views.
I thought, and I could be wrong here, that even if you don't create a Remote Interface, the container does it for you. It just has the same name as the Bean class.
In the same context, would you also shed some light on how to invoke an EJB method secured using @RolesAllowed from standalone client? I tried by putting the username and password in the JNDI properties used for getting the InitialContext and it did not work. I am still getting the routine exception for a non-authorized client.
-
3. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
swd847 Apr 9, 2012 8:25 PM (in response to abhi0123)What you are after should be covered here: https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+client+using+JNDI
In the "Setting up EJB client context properties" section.
-
4. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
abhi0123 Apr 9, 2012 10:00 PM (in response to swd847)Stuart Douglas wrote:
What you are after should be covered here: https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+client+using+JNDI
In the "Setting up EJB client context properties" section.
I read that article several times, in fact I start my discussion saying "The article here nicely explains how to do the JNDI look up for an EJB with a remote view". Unfortunately, it does not seem like the credential is passed to the server as you'd think. It is returning Principal name as $local. If it matters,following is the code:
SecureBeanRemote.java
{code}
@Remote
public interface SecureBeanRemote {
public String secureMethod();
public String unsecureMethod();
}
{code}
SecureBean.java
{code}
@Stateless
@LocalBean
@DeclareRoles({ "user", "guest" })
public class SecureBean implements SecureBeanRemote {
@Resource
SessionContext context;
@RolesAllowed("user")
public String secureMethod() {
return "Hello user:" + context.getCallerPrincipal().getName();
}
@PermitAll
public String unsecureMethod() {
return "Hello: " + context.getCallerPrincipal().getName();
}
}
{code}
ejb-jar.xml
{code:xml}
<ejb-jar xmlns="http://java.sun.com/xml/ns/javaee" version="3.1"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd">
<enterprise-beans>
<session>
<ejb-name>SecureBean</ejb-name>
<ejb-class>edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBean</ejb-class>
<security-role-ref>
<role-name>user</role-name>
<role-link>AppUser</role-link>
</security-role-ref>
<security-role-ref>
<role-name>guest</role-name>
<role-link>AppGuest</role-link>
</security-role-ref>
</session>
</enterprise-beans>
<assembly-descriptor>
<security-role>
<role-name>AppUser</role-name>
</security-role>
<security-role>
<role-name>AppGuest</role-name>
</security-role>
</assembly-descriptor>
</ejb-jar>
{code}
jboss-ejb3.xml
{code:xml}
<?xml version="1.1" encoding="UTF-8"?>
<jboss:ejb-jar xmlns:jboss="http://www.jboss.com/xml/ns/javaee"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:c="urn:clustering:1.0"
xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-2_0.xsd http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd"
version="3.1" impl-version="2.0">
<assembly-descriptor xmlns="http://java.sun.com/xml/ns/javaee">
<security:security xmlns:security="urn:security">
<security:security-domain>other</security:security-domain>
<ejb-name>SecureBean</ejb-name>
</security:security>
</assembly-descriptor>
</jboss:ejb-jar>
{code}
application-users.properties
{code}
Abhijit$ tail -5 application-users.properties
# is for illustration only and does not correspond to a usable password.
#
#admin=2a0923285184943425d1f53ddd58ec7a
user=8544a03c79aee5b1c99458d83ee0f9e0
guest=1bb6b7c18b5c1dab17f5141fa398905a
{code}
application-roles.properties
{code}
Abhijit$ tail -5 application-roles.properties
#
#admin=PowerUser,BillingAdmin,
#guest=guest
user=AppUser
guest=AppGuest
{code}
JBossEjb3Client.java
{code}
private Context getContext(final String username, final String password)
throws NamingException {
final Hashtable<String, String> jndiProperties = new Hashtable<String, String>();
jndiProperties.put(Context.URL_PKG_PREFIXES,
"org.jboss.ejb.client.naming");
jndiProperties.put(Context.SECURITY_PRINCIPAL, username);
jndiProperties.put(Context.SECURITY_CREDENTIALS, password);
return new InitialContext(jndiProperties);
}
{code}
{code}
SecureBeanRemote remote = (SecureBeanRemote) getContext(username, password).lookup("ejb:/ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBeanRemote");
System.out.println(remote.unsecureMethod());
{code}
jboss-ejb-client.properties
{code}
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port = 4447
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.default.username=user
remote.connection.default.password=***
{code}
-
5. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
swd847 Apr 9, 2012 9:00 PM (in response to abhi0123)1 of 1 people found this helpfulAdd the following to your file:
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
(JBOSS-LOCAL-USER is the mechanism that allows for transparent auth when running on the same machine with the same user name, it authenticates with the user name $local).
-
6. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
abhi0123 Apr 9, 2012 9:33 PM (in response to swd847)With remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
{code}
java.lang.IllegalStateException: No EJB receiver available for handling [appName:,modulename:ejb3-security-1.0,distinctname:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@ee51b2c
at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:584)
at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:119)
at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:181)
at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:136)
at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:121)
at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)
at $Proxy4.unsecureMethod(Unknown Source)
at edu.certification.abhijitsarkar.ocewsd.ejb3.client.JBossEjb3Client.unsecureMethod(JBossEjb3Client.java:22)
{code}
Seems like this guy has posted the exact same issue I am getting now and had a resolution, here but his lookup is different. He's using a class org.jboss.naming.remote.client.InitialContextFactory for initial context factory which I do not have as a dependency. I am searching to see what I need.
-
7. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
swd847 Apr 9, 2012 9:35 PM (in response to abhi0123)It sounds like your authenticatoin is failing, are you sure you have the correct username and password? (also there should be something in the logs to that effect)
-
8. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
abhi0123 Apr 9, 2012 9:59 PM (in response to swd847)It finally worked, I had removed the default username and password from the jboss-ejb-client.properties which was causing the issue. My true purpose is to expose the EJB as a JAX-WS WebService. Since with WebServices, there's no initial context and no look up involved, how can I achieve the same result? Or can I?.
On a separate note, I'd suggest updating the article you referred to. That'd save a lot of people's time when they face a similar issue, not to mention your time if you choose to help them.
-
9. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
abhi0123 Apr 9, 2012 11:36 PM (in response to abhi0123)For those who came across this post desparate for a solution, you've 2 choices as follows. Maven dependencies are posted too whereas the dependency jboss-as-ejb-client-bom is only required for choice #2.
1.
{code}
private Context getContext(final String username, final String password) throws NamingException {
final Properties jndiProperties = new Properties();
jndiProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
return new InitialContext(jndiProperties);
{code}{code}
SecureBeanRemote remote = (SecureBeanRemote) getContext(username, password).lookup("ejb:/ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBeanRemote");
remote.secureMethod();{code}
{code}
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port = 4447
remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.default.username=user
remote.connection.default.password=***
{code}
2.
{code}
private Context getContext(final String username, final String password) throws NamingException {
final Properties jndiProperties = new Properties();
jndiProperties.put(Context.SECURITY_PRINCIPAL, username);
jndiProperties.put(Context.SECURITY_CREDENTIALS, password);
jndiProperties.put(Context.PROVIDER_URL, "remote://localhost:4447");
jndiProperties.put("jboss.naming.client.ejb.context", true);
jndiProperties.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT","false");
jndiProperties.put(Context.INITIAL_CONTEXT_FACTORY, org.jboss.naming.remote.client.InitialContextFactory.class.getName());
jndiProperties.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT","false");
return new InitialContext(jndiProperties);
}
{code}
{code}
SecureBeanRemote remote = (SecureBeanRemote) getContext(username, password).lookup("ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBeanRemote");
remote.secureMethod();{code}
{code}
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port = 4447
remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
{code}
{code:xml}
<profile>
<id>jboss</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<dependencies>
<dependency>
<groupId>org.jboss</groupId>
<artifactId>jboss-ejb-client</artifactId>
<version>1.0.5.Final</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.jboss.xnio</groupId>
<artifactId>xnio-nio</artifactId>
<version>3.0.0.GA</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.jboss.marshalling</groupId>
<artifactId>jboss-marshalling-river</artifactId>
<version>1.3.10.GA</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.jboss.sasl</groupId>
<artifactId>jboss-sasl</artifactId>
<version>1.0.0.Final</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.jboss.remoting3</groupId>
<artifactId>jboss-remoting</artifactId>
<version>3.2.3.GA</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.jboss.spec</groupId>
<artifactId>jboss-javaee-6.0</artifactId>
<version>3.0.0.Final</version>
<type>pom</type>
<scope>provided</scope>
<exclusions>
<exclusion>
<groupId>xalan</groupId>
<artifactId>xalan</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>xalan</groupId>
<artifactId>xalan</artifactId>
<version>2.7.1</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.jboss.as</groupId>
<artifactId>jboss-as-ejb-client-bom</artifactId>
<version>7.1.1.Final</version>
<type>pom</type>
</dependency>
</dependencies>
</profile>
{code}