3 Replies Latest reply on Feb 12, 2014 1:32 PM by thammoud

Wildfly Problems calling EJB's with SSL

thammoud Feb 11, 2014 8:40 AM

Hello,

Using Wildfly nightly build February 5th. We are able to successfully invoke EJB's using a non-SSL configuration. We have configured an https listener in our standalone.xml which we can successfully invoke from using REST. However, EJB invocation is failing with a "Connection Closed" error.

Non-SSL calls (Success) are configured as such:

Hashtable properties = new Hashtable();

properties.put(Context.URL_PKG_PREFIXES , "org.jboss.ejb.client.naming");

properties.put("org.jboss.ejb.client.scoped.context", "true");

final String connectionName = "foobar";

properties.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false");

properties.put("remote.connections", connectionName);

properties.put("remote.connection." + connectionName + ".host", hostName);

properties.put("remote.connection." + connectionName + ".port", "8080");

properties.put("remote.connection." + connectionName + ".username", userName);

properties.put("remote.connection." + connectionName + ".password", password);

properties.put("remote.connection." + connectionName + ".connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");

properties.put("remote.connection." + connectionName + ".connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");

For the SSL calls (Failure), we add/replace:

properties.put("remote.connection." + connectionName + ".port", "8443");

properties.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");

properties.put("remote.connection." + connectionName + ".protocol", "https-remoting");

properties.put("remote.connection." + connectionName + ".connect.options.org.xnio.Options.SSL_STARTTLS", "true");

Any hint will be greatly appreciated.

1. Re: Wildfly Problems calling EJB's with SSL

ybxiang.china Feb 11, 2014 8:07 PM (in response to thammoud)

Pelase try bellow properties:

	Properties p = new Properties();
	p.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");//(a) true: SSL MODE (b) false: PlainText MODE
		p.put("remote.connections", "default");
		p.put("remote.connection.default.host", serverIP);
		p.put("remote.connection.default.port", "80");
	p.put("remote.connection.default.username", username);
	p.put("remote.connection.default.password", password);
	p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");
	p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER");
	p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
	p.put("remote.connection.default.connect.options.org.xnio.Options.SSL_STARTTLS", "true");
	p.put("remote.connection.default.connect.timeout", "30000");

2. Re: Wildfly Problems calling EJB's with SSL

thammoud Feb 12, 2014 9:16 AM (in response to ybxiang.china)

Thanks for your attempt to help. My post shows the properties that worked and ones that did not work. I have tried setting:

properties.put("remote.connection." + connectionName + ".port", "8443");
properties.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");
properties.put("remote.connection." + connectionName + ".protocol", "https-remoting");
properties.put("remote.connection." + connectionName + ".connect.options.org.xnio.Options.SSL_STARTTLS", "true");

That still did not work. Also, you suggest using port 80?
Actions
3. Re: Wildfly Problems calling EJB's with SSL

thammoud Feb 12, 2014 1:32 PM (in response to thammoud)

I added:

p.put("remote.connection.default.connect.timeout", "30000");
and the issue became even more bizarre. I constantly see a long wait (about 15/20 seconds). A warning then shows up:

12:23:38,845 WARN [ConfigBasedEJBClientContextSelector] (main) Could not register a EJB receiver for connection to foo:8443
java.lang.RuntimeException: Operation failed with status WAITING
        at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:94)
        at org.jboss.ejb.client.remoting.ConnectionPool.getConnection(ConnectionPool.java:77)
        at org.jboss.ejb.client.remoting.RemotingConnectionManager.getConnection(RemotingConnectionManager.java:51)
        at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.setupEJBReceivers(ConfigBasedEJBClientContextSelector.java:155)
        at org.jboss.ejb.client.remoting.ConfigBasedEJBClientContextSelector.getCurrent(ConfigBasedEJBClientContextSelector.java:115)
        at org.jboss.ejb.client.naming.ejb.EjbNamingContext.createIdentifiableEjbClientContext(EjbNamingContext.java:258)
        at org.jboss.ejb.client.naming.ejb.EjbNamingContext.setupScopedEjbClientContextIfNeeded(EjbNamingContext.java:123)
        at org.jboss.ejb.client.naming.ejb.EjbNamingContext.<init>(EjbNamingContext.java:98)
        at org.jboss.ejb.client.naming.ejb.ejbURLContextFactory.getObjectInstance(ejbURLContextFactory.java:38)
        at javax.naming.spi.NamingManager.getURLObject(NamingManager.java:601)
        at javax.naming.spi.NamingManager.getURLContext(NamingManager.java:550)
        at javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:339)
        at javax.naming.InitialContext.lookup(InitialContext.java:411)
        at com.enfusion.common.JBossUtils.getServiceRemote(JBossUtils.java:174)
        at com.enfusion.common.JBossUtils.getService(JBossUtils.java:74)
,,,,,,,,,,,,,,,,,,,,,,,,,,,,

But the call subsequently works. What's even more strange is sometimes it simply works without any delay. The server is local and load is not an issue. This code is using the latest JBOSS build (Final). This only shows up when using SSL. Works perfect on 8080 without SSL.
Actions

Go to original post