2 Replies Latest reply on Oct 15, 2013 10:29 AM by Wolf-Dieter Fink

    JBoss-6.1.0.Final EJB via HTTP(s)

    underflyer Newbie

      Hi Community,

       

      I am running JBoss-6.1.0.Final application server on an Gentoo System and Sun JDK 1.6.0.p30. I want to add to my already running EJB-SSL-Communication the EJB-HTTPs-Communication.

       

      Unfortunately there are only only Tutorials for JBoss-5.x AS Systems like this https://community.jboss.org/wiki/EJB3OverHTTPHTTPSInJBossAS-5 . Are there any changes since then? I've tried this tutorial, but it seems like something is missing, or i missed one or two steps.

       

      my rich-client code

      environment.put("java.naming.factory.initial", "org.jboss.naming.HttpNamingContextFactory");
      environment.put("java.naming.provider.url", "https://vvv.xxx.yyy.zzz:8443/invoker/restricted/JNDIFactory");
      environment.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");
      environment.put(Context.SECURITY_PRINCIPAL, "username");
      environment.put(Context.SECURITY_CREDENTIALS, "mypassword");
      
      InitialContext context = new InitialContext(environment);
      mysbr = (MySessionBeanRemote)context.lookup("apphttps/mysessionbean/remote"); //ejb-name
      

       

       

      when running this code i get following Exception (some German Response):

      javax.naming.AuthenticationException: Failed to login using protocol=other [Root exception is javax.security.auth.login.LoginException: Für other sind keine Anmeldemodule konfiguriert.]
          at org.jboss.naming.HttpNamingContextFactory.tryLogin(HttpNamingContextFactory.java:146)
          at org.jboss.naming.HttpNamingContextFactory.getInitialContext(HttpNamingContextFactory.java:84)
          at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
          at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305)
          at javax.naming.InitialContext.init(InitialContext.java:240)
          at javax.naming.InitialContext.<init>(InitialContext.java:214)
          at de.riebesells.drverein.client.base.DRDlgAuth.authenticate(DRDlgAuth.java:304)
          at de.riebesells.drverein.client.base.DRDlgAuth$3.actionPerformed(DRDlgAuth.java:202)
          at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2012)
          at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2335)
          at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:404)
          at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259)
          at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:253)
          at java.awt.Component.processMouseEvent(Component.java:6268)
          at javax.swing.JComponent.processMouseEvent(JComponent.java:3267)
          at java.awt.Component.processEvent(Component.java:6033)
          at java.awt.Container.processEvent(Container.java:2045)
          at java.awt.Component.dispatchEventImpl(Component.java:4629)
          at java.awt.Container.dispatchEventImpl(Container.java:2103)
          at java.awt.Component.dispatchEvent(Component.java:4455)
          at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4633)
          at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4297)
          at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4227)
          at java.awt.Container.dispatchEventImpl(Container.java:2089)
          at java.awt.Window.dispatchEventImpl(Window.java:2517)
          at java.awt.Component.dispatchEvent(Component.java:4455)
          at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:649)
          at java.awt.EventQueue.access$000(EventQueue.java:96)
          at java.awt.EventQueue$1.run(EventQueue.java:608)
          at java.awt.EventQueue$1.run(EventQueue.java:606)
          at java.security.AccessController.doPrivileged(Native Method)
          at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessControlContext.java:105)
          at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessControlContext.java:116)
          at java.awt.EventQueue$2.run(EventQueue.java:622)
          at java.awt.EventQueue$2.run(EventQueue.java:620)
          at java.security.AccessController.doPrivileged(Native Method)
          at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessControlContext.java:105)
          at java.awt.EventQueue.dispatchEvent(EventQueue.java:619)
          at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:275)
          at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:200)
          at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:194)
          at java.awt.Dialog$1.run(Dialog.java:1072)
          at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:226)
          at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:647)
          at java.awt.EventQueue.access$000(EventQueue.java:96)
          at java.awt.EventQueue$1.run(EventQueue.java:608)
          at java.awt.EventQueue$1.run(EventQueue.java:606)
          at java.security.AccessController.doPrivileged(Native Method)
          at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessControlContext.java:105)
          at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessControlContext.java:116)
          at java.awt.EventQueue$2.run(EventQueue.java:622)
          at java.awt.EventQueue$2.run(EventQueue.java:620)
          at java.security.AccessController.doPrivileged(Native Method)
          at java.security.AccessControlContext$1.doIntersectionPrivilege(AccessControlContext.java:105)
          at java.awt.EventQueue.dispatchEvent(EventQueue.java:619)
          at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:275)
          at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:200)
          at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:190)
          at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:185)
          at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:177)
          at java.awt.EventDispatchThread.run(EventDispatchThread.java:138)
      Caused by: javax.security.auth.login.LoginException: Für other sind keine Anmeldemodule konfiguriert.
          at javax.security.auth.login.LoginContext.init(LoginContext.java:273)
          at javax.security.auth.login.LoginContext.<init>(LoginContext.java:514)
          at org.jboss.naming.HttpNamingContextFactory.tryLogin(HttpNamingContextFactory.java:141)
          ... 60 more
      

       

       

       

       

      MySessionBean Annotations

      @RemoteBindings({
          @RemoteBinding(clientBindUrl="sslsocket://0.0.0.0:3843"),
          @RemoteBinding(clientBindUrl = "https://0.0.0.0:8443/servlet-invoker/SSLServerInvokerServlet",jndiBinding="apphttps/mysessionbean/remote"),
          @RemoteBinding(clientBindUrl = "http://0.0.0.0:8080/servlet-invoker/ServerInvokerServlet",jndiBinding="apphttp/mysessionbean/remote") //For unsecured testing only, to be removed
      

       

      http-invoker.sar/invoker.war/WEB-INF/web.xml

       

      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE web-app PUBLIC
         "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
         "http://java.sun.com/dtd/web-app_2_3.dtd">
      
      <!-- The http-invoker.sar/invoker.war web.xml descriptor
      $Id: web.xml 96504 2009-11-18 19:01:09Z scott.stark@jboss.org $
      -->
      <web-app>
          <filter>
            <filter-name>ReadOnlyAccessFilter</filter-name>
            <filter-class>org.jboss.invocation.http.servlet.ReadOnlyAccessFilter</filter-class>
            <init-param>
               <param-name>readOnlyContext</param-name>
               <param-value>readonly</param-value>
               <description>The top level JNDI context the filter will enforce
               read-only access on. If specified only Context.lookup operations
               will be allowed on this context. Another other operations or lookups
               on any other context will fail. Do not associate this filter with the
               JMXInvokerServlets if you want unrestricted access.
               </description>
            </init-param>
            <init-param>
               <param-name>invokerName</param-name>
                <param-value>jboss:service=NamingBeanImpl</param-value>
               <description>The JMX ObjectName of the naming service mbean
               </description>
            </init-param>
          </filter>
      
          <filter-mapping>
            <filter-name>ReadOnlyAccessFilter</filter-name>
            <url-pattern>/readonly/*</url-pattern>
          </filter-mapping>
      <!-- ### Servlets -->
          <servlet>
              <servlet-name>EJBInvokerServlet</servlet-name>
              <description>The EJBInvokerServlet receives posts containing serlized
              MarshalledInvocation objects that are routed to the EJB invoker given by
              the invokerName init-param. The return content is a serialized
              MarshalledValue containg the return value of the inovocation, or any
              exception that may have been thrown.
              </description>
              <servlet-class>org.jboss.invocation.http.servlet.InvokerServlet</servlet-class>
              <init-param>
                  <param-name>invokerName</param-name>
                  <param-value>jboss:service=invoker,type=http</param-value>
                  <description>The RMI/HTTP EJB compatible invoker</description>
              </init-param>
              <load-on-startup>1</load-on-startup>
          </servlet>
         <servlet>
             <servlet-name>JMXInvokerServlet</servlet-name>
             <description>The JMXInvokerServlet receives posts containing serlized
             MarshalledInvocation objects that are routed to the invoker given by
             the the MBean whose object name hash is specified by the
             invocation.getObjectName() value. The return content is a serialized
             MarshalledValue containg the return value of the inovocation, or any
             exception that may have been thrown.
             </description>
             <servlet-class>org.jboss.invocation.http.servlet.InvokerServlet</servlet-class>
             <load-on-startup>1</load-on-startup>
         </servlet>
      
          <servlet>
              <servlet-name>JNDIFactory</servlet-name>
              <description>A servlet that exposes the JBoss JNDI Naming service stub
              through http. The return content is a serialized
              MarshalledValue containg the org.jnp.interfaces.Naming stub. This
              configuration handles requests for the standard JNDI naming service.
              </description>
              <servlet-class>org.jboss.invocation.http.servlet.NamingFactoryServlet</servlet-class>
              <init-param>
                  <param-name>namingProxyMBean</param-name>
                  <param-value>jboss:service=invoker,type=http,target=Naming</param-value>
              </init-param>
            <init-param>
               <param-name>proxyAttribute</param-name>
               <param-value>Proxy</param-value>
            </init-param>
            <load-on-startup>2</load-on-startup>
          </servlet>
         <servlet>
             <servlet-name>ReadOnlyJNDIFactory</servlet-name>
             <description>A servlet that exposes the JBoss JNDI Naming service stub
             through http, but only for a single read-only context. The return content
             is a serialized MarshalledValue containg the org.jnp.interfaces.Naming
             stub.
             </description>
             <servlet-class>org.jboss.invocation.http.servlet.NamingFactoryServlet</servlet-class>
            <init-param>
                <param-name>namingProxyMBean</param-name>
                <param-value>jboss:service=invoker,type=http,target=Naming,readonly=true</param-value>
            </init-param>
            <init-param>
               <param-name>proxyAttribute</param-name>
               <param-value>Proxy</param-value>
            </init-param>
             <load-on-startup>2</load-on-startup>
         </servlet>
      <!-- ### Servlet Mappings
          -->
          <servlet-mapping>
              <servlet-name>JNDIFactory</servlet-name>
              <url-pattern>/JNDIFactory/*</url-pattern>     
          </servlet-mapping>
          <!-- A mapping for the NamingFactoryServlet that only allows invocations
          of lookups under a read-only context. This is enforced by the
          ReadOnlyAccessFilter
          -->
          <servlet-mapping> 
              <servlet-name>ReadOnlyJNDIFactory</servlet-name>
              <url-pattern>/ReadOnlyJNDIFactory/*</url-pattern>    
          </servlet-mapping> 
          <servlet-mapping>
              <servlet-name>EJBInvokerServlet</servlet-name>
              <url-pattern>/EJBInvokerServlet/*</url-pattern>
          </servlet-mapping>
         <servlet-mapping>
             <servlet-name>JMXInvokerServlet</servlet-name>
             <url-pattern>/JMXInvokerServlet/*</url-pattern>
         </servlet-mapping>
          <!-- A mapping for the JMXInvokerServlet that only allows invocations
          of lookups under a read-only context. This is enforced by the
          ReadOnlyAccessFilter
          <servlet-mapping>
              <servlet-name>JMXInvokerServlet</servlet-name>
              <url-pattern>/readonly/JMXInvokerServlet/*</url-pattern>
          </servlet-mapping>
          -->
          <!-- Alternate mappings that place the servlets under the restricted
          path to required authentication for access. Remove the unsecure mappings
          if only authenticated users should be allowed.
          -->
         <security-constraint>
            <web-resource-collection>
               <web-resource-name>HttpInvokers</web-resource-name>
               <description>An example security config that only allows users with the
                  role HttpInvoker to access the HTTP invoker servlets
               </description>
               <url-pattern>/restricted/*</url-pattern>
               <http-method>GET</http-method>
               <http-method>POST</http-method>
            </web-resource-collection>
            <auth-constraint>
               <role-name>HttpInvoker</role-name>
            </auth-constraint>
         </security-constraint>
         <login-config>
            <auth-method>BASIC</auth-method>
            <realm-name>JBoss HTTP Invoker</realm-name>
         </login-config>
      
         <security-role>
            <role-name>HttpInvoker</role-name>
         </security-role>
      </web-app>
      
      

       

       

      http-invoker.sar/invoker.war/WEB-INF/jboss-web.xml

      <!DOCTYPE jboss-web PUBLIC
         "-//JBoss//DTD Web Application 5.0//EN"
         "http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd">
      
      <jboss-web>
         <security-domain>java:/jaas/jmx-console</security-domain>
      </jboss-web>
      

       

       

      servlet-invoker.war/WEB-INF/web.xml

      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE web-app PUBLIC
         "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
         "http://java.sun.com/dtd/web-app_2_3.dtd">
      
      
      
      <web-app>
          <servlet>
              <servlet-name>ServerInvokerServlet</servlet-name>
              <description>The ServerInvokerServlet receives requests via HTTP
                 protocol from within a web container and passes it onto the
                 ServletServerInvoker for processing.
              </description>
              <servlet-class>org.jboss.remoting.transport.servlet.web.ServerInvokerServlet</servlet-class>
      
              <init-param>
                  <param-name>locatorUrl</param-name>
                  <param-value>servlet://${jboss.bind.address}:8080/servlet-invoker/ServerInvokerServlet</param-value>
                  <description>The servlet server invoker</description>
              </init-param>
      
      
              <load-on-startup>1</load-on-startup>
          </servlet>
      
          <servlet>
              <servlet-name>SSLServerInvokerServlet</servlet-name>
              <description>The ServerInvokerServlet receives requests via HTTPS
                 protocol from within a web container and passes it onto the
                 ServletServerInvoker for processing.
              </description>
              <servlet-class>org.jboss.remoting.transport.servlet.web.ServerInvokerServlet</servlet-class>
      
              <init-param>
                  <param-name>locatorUrl</param-name>
                  <param-value>sslservlet://${jboss.bind.address}:8443/servlet-invoker/SSLServerInvokerServlet</param-value>
                  <description>The servlet server invoker</description>
              </init-param>
      
      
              <load-on-startup>2</load-on-startup>
          </servlet>
      
      
      
          <servlet-mapping>
              <servlet-name>ServerInvokerServlet</servlet-name>
              <url-pattern>/ServerInvokerServlet/*</url-pattern>
          </servlet-mapping>
      
          <servlet-mapping>
              <servlet-name>SSLServerInvokerServlet</servlet-name>
              <url-pattern>/SSLServerInvokerServlet/*</url-pattern>
          </servlet-mapping>
      </web-app>
      

       

       

      servlet-invoker-service.xml

      <?xml version="1.0" encoding="UTF-8"?>
      
      
      <server>
      
      
        <mbean code="org.jboss.remoting.transport.Connector" name="jboss.remoting:service=connector,transport=servlet"
          display-name="Servlet transport Connector">
          <attribute name="InvokerLocator">servlet://${jboss.bind.address}:8080/servlet-invoker/ServerInvokerServlet</attribute>
          <attribute name="Configuration">
            <handlers>
              <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
            </handlers>
          </attribute>
        </mbean>
      
        <mbean code="org.jboss.remoting.transport.Connector" name="jboss.remoting:service=connector,transport=sslservlet"
          display-name="Servlet transport Connector">
          <attribute name="InvokerLocator">sslservlet://${jboss.bind.address}:8443/servlet-invoker/SSLServerInvokerServlet</attribute>
          <attribute name="Configuration">
            <handlers>
              <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
            </handlers>
          </attribute>
        </mbean>
      
      </server>
      
      

       

       

      Thanks for any help

      Dirk R.