EJB with SSL does not work with JBoss AS 4.2.2
jthinaka Mar 2, 2008 4:01 PMHello,
I am trying to connect to my EJB via SSL and I have tried all the different approaches including the ones in the 4.2.2 administration guide as well as the JBoss Remoting guide and nothing seems to work. I would really appreciate any and all help in resolving this.
First, let me describe the error:
On the Client
Exception in thread "main" org.jboss.remoting.CannotConnectException: Can not get connection to server. Problem establishing socket connection for InvokerLocator [sslsocket://127.0.0.1:3843/]
at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.transport(MicroSocketClientInvoker.java:532)
at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:122)
at org.jboss.remoting.Client.invoke(Client.java:1634)
at org.jboss.remoting.Client.invoke(Client.java:548)
at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:67)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:74)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:107)
at $Proxy0.echo(Unknown Source)
at SSLEJBClient.main(SSLEJBClient.java:22)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at org.jboss.remoting.transport.socket.SocketClientInvoker.createClientSocket(SocketClientInvoker.java:152)
at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.getConnection(MicroSocketClientInvoker.java:856)
at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.transport(MicroSocketClientInvoker.java:525)
at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:122)
at org.jboss.remoting.Client.invoke(Client.java:1634)
at org.jboss.remoting.Client.invoke(Client.java:548)
at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:67)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:74)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:107)
at $Proxy0.echo(Unknown Source)
at SSLEJBClient.main(SSLEJBClient.java:22)
at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:74)
... 10 more
Caused by: java.net.SocketException: Socket Closed
at java.net.PlainSocketImpl.setOption(Unknown Source)
at java.net.Socket.setSoTimeout(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.setSoTimeout(Unknown Source)
at org.jboss.remoting.transport.socket.SocketWrapper.setTimeout(SocketWrapper.java:85)
at org.jboss.remoting.transport.socket.ClientSocketWrapper.createStreams(ClientSocketWrapper.java:168)
at org.jboss.remoting.transport.socket.ClientSocketWrapper.<init>(ClientSocketWrapper.java:66)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at org.jboss.remoting.transport.socket.SocketClientInvoker.createClientSocket(SocketClientInvoker.java:152)
at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.getConnection(MicroSocketClientInvoker.java:856)
at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.transport(MicroSocketClientInvoker.java:525)
at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:122)
at org.jboss.remoting.Client.invoke(Client.java:1634)
at org.jboss.remoting.Client.invoke(Client.java:548)
at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
... 10 more
From the Server Side
12:25:31,367 ERROR [ServerThread] Worker thread initialization failure java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at org.jboss.remoting.transport.socket.ServerThread.createServerSocketWrapper(ServerThread.java:720) at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:368) at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:166) Caused by: java.net.SocketException: Socket Closed at java.net.PlainSocketImpl.setOption(PlainSocketImpl.java:201) at java.net.Socket.setSoTimeout(Socket.java:997) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.setSoTimeout(SSLSocketImpl.java:2047) at org.jboss.remoting.transport.socket.SocketWrapper.setTimeout(SocketWrapper.java:85) at org.jboss.remoting.transport.socket.ClientSocketWrapper.createStreams(ClientSocketWrapper.java:168) at org.jboss.remoting.transport.socket.ClientSocketWrapper.<init>(ClientSocketWrapper.java:66) at org.jboss.remoting.transport.socket.ServerSocketWrapper.<init>(ServerSocketWrapper.java:46)
My server side configuration looks like the following:
SSL-Service-xml
<?xml version="1.0" encoding="UTF-8"?> <server> <mbean code="org.jboss.remoting.transport.Connector" name="jboss.remoting:service=Connector,transport=sslsocket" display-name="SSL Socket transport Connector"> <attribute name="Configuration"> <config> <invoker transport="sslsocket"> <attribute name="dataType" isParam="true">invocation</attribute> <attribute name="marshaller" isParam="true">org.jboss.invocation.unified.marshall.InvocationMarshaller</attribute> <attribute name="unmarshaller" isParam="true">org.jboss.invocation.unified.marshall.InvocationUnMarshaller</attribute> <attribute name="numAcceptThreads">100</attribute> <attribute name="maxPoolSize">303</attribute> <attribute name="clientMaxPoolSize" isParam="true">304</attribute> <attribute name="socketTimeout" isParam="true">600000</attribute> <attribute name="serverBindAddress">${jboss.bind.address}</attribute> <attribute name="serverBindPort">3843</attribute> <attribute name="clientConnectPort">7777</attribute> <attribute name="enableTcpNoDelay" isParam="true">true</attribute> </invoker> <handlers> <handler subsystem="invoker">jboss:service=invoker,type=unified</handler> </handlers> </config> </attribute> <depends>jboss.remoting:service=NetworkRegistry</depends> </mbean> <mbean code="org.jboss.remoting.security.SSLSocketBuilder" name="jboss.remoting:service=SocketBuilder,type=SSL" display-name="SSL Server Socket Factory Builder"> <attribute name="UseSSLServerSocketFactory">true</attribute> <attribute name="KeyStoreURL">c:/java/jboss-4.2.2.GA/server/default/conf/example.keystore</attribute> <attribute name="KeyStorePassword">SomePassword</attribute> <attribute name="SecureSocketProtocol">TLS</attribute> <attribute name="KeyStoreType">JKS</attribute> </mbean> <mbean code="org.jboss.remoting.security.SSLServerSocketFactoryService" name="jboss.remoting:service=ServerSocketFactory,type=SSL" display-name="SSL Server Socket Factory"> <depends optional-attribute-name="SSLSocketBuilder" proxy-type="attribute">jboss.remoting:service=SocketBuilder,type=SSL</depends> </mbean> </server>
My EJB is very simple, it has one method called echo (taken from the Jboss test suites). However, instead of using annotations, I used the jboss.xml configuration route as shown below:
<?xml version="1.0" encoding="UTF-8"?> <jboss> <enterprise-beans> <session> <ejb-name>CallFireStatelessBean</ejb-name> <remote-binding> <jndi-name>CallFireStatelessBeanSSL</jndi-name> <client-bind-url>sslsocket://0.0.0.0:3843</client-bind-url> </remote-binding> </session> </enterprise-beans> </jboss>
My Client Code Looks like this:
Properties props = System.getProperties(); props.setProperty("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory"); props.setProperty("java.naming.provider.url", "localhost:1099"); Context ctx = new InitialContext(); Object obj = ctx.lookup("java:/CallFireStatelessBeanSSL"); CallFireBusinessInterface cf = (CallFireBusinessInterface) obj; cf.echo("This works!");
To answer some possible questions:
Yes, I can telnet into that port.
Yes, the key store and passoword have been generated
Yes, the JVM arguments have been modified to point to the keystore.
Yes, the client gets a references to the EJB but fails when trying to call the echo method.
Yes, all firewalls have been disabled.
Yes, I am using the jbossall-client.jar from version 4.2.2 when running the client.
The JRE version is 1.6.
As stated earlier, any and all help will be greatly appreciated.
Regards,
TJ
-------------------------------