remote authentication=>no route to host found
Hello all,
I am testing authenticated access to a web service, with a security domain of my own and username/password taken from a mySQL database. I am using JBoss 4.0.5 and JBossWS 2.0.3, and on my localhost I have the mySQL database from where the username and password are taken, as well as the client.
Everything works perfectly when I have all things deployed locally (web service, database, client). However, I run into problems when invoking the web service deployed on a remote machine.
On the remote server console a "no route to host" error appears:
Caused by: com.mysql.jdbc.CommunicationsException: Communications link failure due to underlying exception:
** BEGIN NESTED EXCEPTION **
java.net.SocketException
MESSAGE: java.net.NoRouteToHostException: No route to host
STACKTRACE:
java.net.SocketException: java.net.NoRouteToHostException: No route to host
at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156)
at com.mysql.jdbc.MysqlIO.<init>(MysqlIO.java:284)
On the client side I receive an "Unauthorized" error:
3875 [main] DEBUG org.jboss.remoting.transport.http.HTTPClientInvoker - Error invoking http client invoker.
org.jboss.ws.WSException: Invalid HTTP server response [401] - Unauthorized
at org.jboss.ws.core.soap.SOAPMessageUnMarshaller.read(SOAPMessageUnMarshaller.java:77)
at org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:175)
...
javax.xml.ws.WebServiceException: java.io.IOException: Could not transmit message
Using the default "JBossWS" security domain, with username "kermit" and password "thefrog" taken from users.properties, works with both local and remote deployment of my web service. So I was thinking maybe the data source is not found?
However, the database seems to be correctly bound, judging by the server log data:
INFO [org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService] Bound ConnectionManager 'jboss.jca:service=DataSourceBinding,name=jdbc/WSTwoDS' to JNDI name 'java:jdbc/WSTwoDS'
Perhaps my client needs special jndi.properties settings? (pure brainstorming, potentially stupid, based on some forum posts I browsed)
How my files look like:
Security-relevant annotations on Web Service (which is deployed as SLSB in an ear):
@org.jboss.wsf.spi.annotation.WebContext(contextRoot = "/webservices-ws", urlPattern="/services/WSTwo/*", authMethod="BASIC", transportGuarantee="NONE", secureWSDLAccess=false)
@SecurityDomain("wstwo")
@RolesAllowed("friend")In server/default/conf/login-config.xml on the remote machine I have added the "wstwo" application policy thus:
<application-policy name="wstwo"> <authentication> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name="dsJndiName">java:/jdbc/WSTwoDS</module-option> <module-option name="principalsQuery"> select pass from USERS where login=? </module-option> <module-option name="rolesQuery"> select role,'Roles' from USER_ROLES where login=? </module-option> </login-module> </authentication> </application-policy>
And the data source for the web service is defined in the server/default/deploy/*-ds.xml file like this:
<local-tx-datasource> <jndi-name>jdbc/WSTwoDS</jndi-name> <connection-url>jdbc:mysql://IP_OF_MY_LOCALHOST:3306/security</connection-url> ... </local-tx-datasource>
And of course the tables as described in the application policy are defined on my local machine.
In the client I pass the username and password:
((BindingProvider)wstwo).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "user"); ((BindingProvider)wstwo).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "pass");
Does anyone have any idea about where I'm doing something wrong? Thank you!
