4 Replies Latest reply on Jun 24, 2008 11:05 AM by robert.geisler

    Accessing Applet behind NAT firewall [EJB application]

    Sandeep Dhamale Newbie

      Hi Everyone,

      I need to know the details of using applet based application in JBOSS - the clients are connecting from NAT enviornments.
      I have implementd RMI over HTTP protocol for EJB communication.
      But the Client Connect address configuration which is used in Nat'ed IP scenario is to be done at startup.
      Even the configuration in HTTP-invoker.sar file where we can form the URL has to be done at the start up; if I provide the NAT IP which client uses here then it binds the domain to that particular client only.

      And the same domain can not be used by any other client as they might NAT to diffrent IP.


      I need a solution which will allow me to form the URL's from the client end using NAT IP at the runtime; if this can be done the same JBOSS instance can be used by all clients - thos who NAT and those who do not NAT as well.

      Please suggest a way out if you have come across similar issue where you need to support many clients out of the same domain and some of them NAT the IP's on client side.

      Any help on this will be very much appreciated !!

      Thank you
      Sandeep

      The JBOSS remoting document says that the ClientConnectAddress can not be changed at the runtime.

      5.4.2. Configurations affecting the invoker client
      There are some configurations which will impact the invoker client. These will be communicated to the client invoker
      via parameters in the Locator URI. These configurations can not be changed during runtime, so can only be
      set up upon initial configuration of the server invoker on the server side. The following is a list of these and their
      effects.
      clientConnectPort - the port the client will use to connect to the remoting server. This would be needed in the case
      that the client will be going through a router that forwards requests made externally to a different port internally.
      clientConnectAddress - the ip or hostname the client will use to connect to the remoting server. This would be
      needed in the case that the client will be going through a router that forwards requests made externally to a different
      ip or host internally.
      If no client connect address or server bind address specified, will use the local host's address (via InetAddress.
      getLocalHost().getHostAddress() ).

        • 1. Re: Accessing Applet behind NAT firewall [EJB application]
          Sandeep Dhamale Newbie

          Guys -

          now i am completely using RMI over HTTP solution implemented using the following URL

          http://wiki.jboss.org/wiki/EJBOverHTTPWithLegacyInvoker
          But the problem still persists

          The problem is that I want to have diffrent customers using my application. If they connect directly to the IP then ther is no problem. But some of them do Client Side NAT.

          It is very important for me to have Client Connect URL to be determind/ Changed at the Applet VM level.
          I want to change this value depending upon what client is connecting whether NAT or direct.

          Hardcoding the InvokerURL does not work for me as I have mulitple clients connect to it.

          I need a solution which will allow me to form the URL's from the client end using NAT IP at the runtime; if this can be done the same JBOSS instance can be used by all clients - thos who NAT and those who do not NAT as well.

          Please suggest a way out if you have come across similar issue where you need to support many clients out of the same domain and some of them NAT the IP's on client side.

          Any help on this will be very much appreciated !!

          Thank you
          Sandeep

          • 2. Re: Accessing Applet behind NAT firewall [EJB application]
            robert.geisler Newbie

            hi, sandeep,

            did you find a solution for your problem?
            if i do understand you correctly, you are using JMXInvokerServlet and EJBInvokerServlet and everything breaks, because you have to static declare the InvokerURLs for the servlets?

            maybe this could be a hint for you: you are allowed to declare a String as a key of a system property for the InvokerURL, "jboss.ejb2.invoker.http" for example (see above). then you can set the value of the system property "jboss.ejb2.invoker.http" within your application/ applet, "to form the URLs from the client [...] at the runtime"...?

            service-binding.xml:

            <service-bindings>
            
             <server name="JBOSS">
            
             ...
            
             <!-- **************** http-invoker.sar & httpha-invoker.sar*************** -->
             <!-- EJBInvoker -->
             <service-config name="jboss:service=invoker,type=http"
             delegateClass="org.jboss.services.binding.AttributeMappingDelegate">
             <delegate-config> <attribute name="InvokerURL">jboss.ejb2.invoker.http</attribute> </delegate-config>
             <binding port="8230"/>
             </service-config>
            
             ...
            
             </server>
            
            </service-bindings>

            client.java:
             ...
             String url = "http://" + this.ip + ":" + this.port + "/" + "invoker/EJBInvokerServlet"; System.setProperty("jboss.ejb2.invoker.http", url); ...
            

            let me know if this works for you
            robert

            • 3. Re: Accessing Applet behind NAT firewall [EJB application]
              Sandeep Dhamale Newbie

              Thanks Robert!!

              I have already implemented this solution in my project sometime back...
              This definitely works !!

              Sandeep

              • 4. Re: Accessing Applet behind NAT firewall [EJB application]
                robert.geisler Newbie

                works for me, too : )

                but do you have any ideas how it could work for ejb 3.0?
                if yes, let me know: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=138029

                robert