5 Replies Latest reply on Dec 1, 2004 8:38 AM by Peter Lane

    How to set up SSL connection between Client and EJB server

    ha thai bao Newbie

      In Jboss document I only see guide to set up Authentication & Access Security throught user/pass. I think it is not enough!

      In my case i want to set up SSL connection between client & server. Pls guide me if it is possible.

      Client can be a Java client, Jsp web page or other EJB.

      Pls help me.


        • 1. Re: How to set up SSL connection between Client and EJB serv
          Dietmar Scheidl Newbie

          Hi,

          I presume you want to use SSL for your RMI connections so you have to change conf/jboss-service.xml to do so. First add a SecurityDomain with you key and certificate. Then modify the RMI/JRMP invoker config to use an alternative SocketFactory:

          conf/jboss-service.xml:


          ...
          ...
          <!-- ==================================================================== -->
          <!-- Certificate Store & Security Domain -->
          <!-- ==================================================================== -->





          yourstore
          yourpassword



          <!-- ==================================================================== -->
          <!-- Invokers to the JMX node -->
          <!-- ==================================================================== -->

          <!-- RMI/JRMP invoker -->


          rmissl.security:name=JaasSecuritydomain,domain=RMI+SSL

          4444

          <!-- Use Certificate -->
          org.jboss.security.ssl.RMISSLClientSocketFactory
          org.jboss.security.ssl.RMISSLServerSocketFactory
          java:/jaas/RMI+SSL

          <!--
          custom
          custom
          custom
          -->

          ...
          ...


          Didi

          • 2. Re: How to set up SSL connection between Client and EJB serv
            Szczepan Kuzniarz Newbie

            Hi,

            I can't make it work with JBoss 3.0.7. The security domain is added:

            INFO [JaasSecurityManagerService] Added RMI+SSL, org.jboss.security.plugins.JaasSecurityDomain@8f2ca6 to map
            INFO [JaasSecurityManagerService] setCachePolicy, c=org.jboss.util.TimedCachePolicy@89dd
            INFO [RMI+SSL] Started

            But JRPMInvoker throws an exception:

            INFO [JRMPInvoker] Starting
            WARN [ServiceController] Problem starting service jboss:service=invoker,type=jrmp
            javax.naming.NameNotFoundException: TransactionPropagationContextExporter not bound
            at org.jnp.server.NamingServer.getBinding(NamingServer.java:495)
            ...

            Do you have any ideas what is wrong?


            Regards,

            Szczepan

            • 3. Re: How to set up SSL connection between Client and EJB serv
              Gaurav Singh Newbie

              I just had the same problem

              All you have to do is add jboss:service=TransactionManager

              after you have added
              jboss.security:service=JaasSecurityDomain,domain=metaxl_server

              • 4. Re: How to set up SSL connection between Client and EJB serv
                Marc Sommer Newbie

                I am trying the same thing (RMI over SSL).
                I did all the things mentioned above (modified and added the jboss-service.xml in ..server/default/conf)

                But when starting JBoss I get the following errors in the server.log

                2003-05-16 13:34:40,515 ERROR [org.jboss.ejb.StatelessSessionContainer] Starting failed
                java.lang.RuntimeException: invoker is null: jboss:service=invoker,type=jrmp
                at org.jboss.proxy.ejb.ProxyFactory.setupInvokers(ProxyFactory.java:184)

                Has anyone an idee how to fix this problem ?

                Thanks for your help.
                Speedo77

                • 5. Re: How to set up SSL connection between Client and EJB serv
                  Peter Lane Newbie

                  I am getting this same exception with JBoss 4.0.0. I've performed the tasks indicated in Chap. 8 of the User's Guide:
                  - JSSE is present and working
                  - I successfully created a certificate
                  - I added the entries to jboss-service.xml to add a security domain
                  and JRMP Invoker
                  - I modified the jboss.xml for one of my stateless beans to use this
                  security domain

                  I notice that some time has passed since your post. Did you ever figure out how to make this work?