7 Replies Latest reply on Nov 26, 2015 4:38 AM by veeramanipalanisamy

    EJB over HTTP with JMX Authentication in JBoss 4.2

    veeramanipalanisamy

      Actually i did authentication in JMX Invoker, the aunthentication has properly configured, verified in the browsers. but when calling from client, it could not connecthe server, might be authentication is not feed properly or not. i received the belwo error. Please help if you have any idea about this.

       

      javax.naming.CommunicationException: Operation failed [Root exception is java.rmi.ServerException: IOE; nested exception is:

        java.net.ProtocolException: Server redirected too many  times (20)]

        at org.jboss.naming.interceptors.ExceptionInterceptor.invoke(ExceptionInterceptor.java:65)

        at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:70)

        at org.jboss.proxy.ClientMethodInterceptor.invoke(ClientMethodInterceptor.java:74)

        at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:100)

        at com.sun.proxy.$Proxy0.lookup(Unknown Source)

        • 1. Re: EJB over HTTP with JMX Authentication in JBoss 4.2
          jaysensharma

          You said that from browser it works but when calling from client, it could not connect the server.

           

          How are you passing the credentials from the client ? as following ?

           

          org.jboss.security.SecurityAssociation.setCredential("admin");
          org.jboss.security.SecurityAssociation.setPrincipal(new SimplePrincipal("admin"));
          
          • 2. Re: EJB over HTTP with JMX Authentication in JBoss 4.2
            veeramanipalanisamy

            Hi Jay SenSharma, Thanks for your reply.

             

            env.put("java.naming.factory.initial", "org.jboss.naming.HttpNamingContextFactory");

            env.put("java.naming.provider.url", "jnps://xxx.xxx.xxx.xxx:8443/invoker/JNDIFactory");

            env.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");

            env.put("java.naming.security.principal", "admin");     //added new

            env.put("java.naming.security.credentials", "admin");   //added new

            Context initial = new InitialContext(env)

             

            Actually i added the credentials line newly with existing working code. When invoking from web browser, i gave the same credentials, its connected. but when calling from Client i got the error. Could you please suggest to proceed further. Thanks.

            • 3. Re: EJB over HTTP with JMX Authentication in JBoss 4.2
              jaysensharma

              I did not test with the Https but i quickly tested with the following with http and it seems to be working fine:

               

              Hashtable<String, String> h = new Hashtable<String, String>();
              h.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.HttpNamingContextFactory");
              h.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
              h.put(Context.PROVIDER_URL, "http://localhost:8080/invoker/JNDIFactory");
              h.put(Context.SECURITY_PRINCIPAL, "admin");
              h.put(Context.SECURITY_CREDENTIALS, "admin");
              
              
              

               

              In your url i see "jnps://xxx.xxx.xxx.xxx:8443/invoker/JNDIFactory"  can you please let us know why are you using "jnp" there while using "HttpNamingContextFactory" ?

              Also please share the complete stackTrace of the exception which you are getting along with the http invoker configuration.

               

              Did you try with the URL: https://xxx.xxx.xxx.xxx:8443/invoker/JNDIFactory

              • 4. Re: EJB over HTTP with JMX Authentication in JBoss 4.2
                veeramanipalanisamy

                HI Jay, Thank you very much for your prompt reply.

                 

                The application is running currently as secure mode. so we used jnps over https communication from client and server. due to https communication we mapped HttpNamingContextFactory as context factory. When we configured the credentials we got that error, but without credentials, its working fine. I listed the below what i did and error log. Kindly help us to proceed further.


                http-invoker.sar/invoker.war/WEB-INF/web.xml

                Adding. under  <security-constraint>

                         <url-pattern>/restricted/*</url-pattern>

                         <url-pattern>/JMXInvokerServlet/*</url-pattern>

                 

                and given the proper credentials in jmx-console-roles.properties  jmx-console-users.properties file.

                 

                log file.

                javax.naming.CommunicationException: Operation failed [Root exception is java.rmi.ServerException: IOE; nested exception is:

                    java.net.ProtocolException: Server redirected too many  times (20)]

                    at org.jboss.naming.interceptors.ExceptionInterceptor.invoke(ExceptionInterceptor.java:65)

                    at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:70)

                    at org.jboss.proxy.ClientMethodInterceptor.invoke(ClientMethodInterceptor.java:74)

                    at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:100)

                    at com.sun.proxy.$Proxy0.lookup(Unknown Source)

                    at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:667)

                    at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:627)

                    at javax.naming.InitialContext.lookup(Unknown Source)

                • 5. Re: EJB over HTTP with JMX Authentication in JBoss 4.2
                  veeramanipalanisamy

                  Hi Jay SenSharma,

                  Please let us know if you have any idea to try in different scenario's. Thanks.



                  • 6. Re: EJB over HTTP with JMX Authentication in JBoss 4.2
                    jaysensharma

                    With the "HttpNamingContextFactory"  you are not supposed to use  "jnp" or "jnps" protocols.   That Context Factory is for HTTP / HTTPs protocols like following. So if you really want secure communication with the "HttpNamingContextFactory"  then try using the following approach

                     

                    env.setProperty(Context.PROVIDER_URL,  "https://localhost:8443/invoker/JNDIFactorySSL");

                     

                    Please see: Chapter 3. Naming on JBoss

                    • 7. Re: EJB over HTTP with JMX Authentication in JBoss 4.2
                      veeramanipalanisamy

                      Hi Jay,  I looked the exact calling from client to server communication, even though mapped in the "HttpNamingContextFactory", this Factory converting the request from jnps to https. Could you please see the below log file for actual calling context value.

                       

                      java.naming.factory.initial=org.jboss.naming.HttpNamingContextFactory, java.naming.provider.url=https://xxx.xxx.xxx.xxx:8443/invoker/JNDIFactory, java.naming.security.principal=admin, java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces, java.naming.security.credentials=admin