6 Replies Latest reply on Jan 8, 2009 6:06 AM by danielen

    EJB3 and remote client EJB access

    dhartford

      Hi all,
      Trying to use EJB3-9 patch to 4.0.4.GA. Trying to use LdapLoginModule and AppCallbackHandler.

      server-side error:

      15:47:55,783 ERROR [ServerThread] failed to process invocation.
      java.io.NotSerializableException: com.sun.jndi.ldap.LdapCtx
      ...
       at org.jboss.remoting.serialization.impl.java.JavaSerializationManager.sendObject(JavaSerializationManager.java:81)
       at org.jboss.remoting.marshal.serializable.SerializableMarshaller.write(SerializableMarshaller.java:84)
       at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:381)
       at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:398)
       at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:239)
      



      I've had very poor success understanding any documentation related to secure remote-EJB access, so forgive my ignorance.

      client.java
      AppCallbackHandler myHandler = new AppCallbackHandler("myuser", "mypassword".toCharArray());
      try {
          // "other" is the name of the JAAS login configuration entry
          LoginContext lc = new LoginContext("other", myHandler);
          lc.login();
      } catch (LoginException le) {
          System.out.println("Login failed");
          le.printStackTrace();
      }
      


        • 1. Re: EJB3 and remote client EJB access
          dhartford

          Also tested UsernamePasswordHandler with same server-side issue/remoting issue.

          Since my requirements need LDAP authentication, kinda stuck.

          • 2. Re: EJB3 and remote client EJB access
            dhartford

            If the problem is NotSerializableException, should I post this into the Remoting forum?

            I'm stuck and I would like to solve this problem.

            • 3. Re: EJB3 and remote client EJB access
              dhartford

              so....
              Also tried "org.jboss.security.jndi.JndiLoginInitialContextFactory" without the AppCallbackHandler:

              Properties env = new Properties();
              env.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.security.jndi.JndiLoginInitialContextFactory");
              env.put("java.naming.provider.url", "jbossserver:1099");
              env.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");
              env.setProperty(Context.SECURITY_PRINCIPAL, "username");
              env.setProperty(Context.SECURITY_CREDENTIALS, "password");

              InitialContext results = null;
              try {
                  results = new InitialContext(env);
              } catch (Exception e) {
                  e.printStackTrace();
              }
              


              And still getting

              java.io.NotSerializableException: com.sun.jndi.ldap.LdapCtx


              Is this the wrong forum or am I just doing something really wrong?

              • 4. Re: EJB3 and remote client EJB access
                dhartford

                so...yeah, problem still not resolved. The problem occurs when entering incorrect credentials, but the client does NOT get any feedback.

                Needless to say, hard to handle credential requests from the client-side when you have no feedback if the credential was incorrect because the server-side swallows it with a NotSerializableException.

                Is this a bug? The server side is just EJB3 annotations, hard to do something wrong I would think.

                @SecurityDomain("testLdap")
                ....
                @RolesAllowed("good")
                public String returnGood(){return "good!";}
                @RolesAllowed("bad")
                public String returnBad(){return "this should not work";}
                


                Please, really stuck here....


                • 5. Re: EJB3 and remote client EJB access
                  danielen

                  I'm using JBoss 4.3 EAP and have the same problem. Is there a solution for this?

                  • 6. Re: EJB3 and remote client EJB access
                    danielen

                    I'm using LdapExtLoginModule, and in the code I can see that in the validatePassword() method it stores the AuthenticationException from the failed validation in the super class.

                    Then in the super class UsernamePasswordLoginModule, the AuthenticationException is retrieved again in the login() method and used as initCause() on the FailedLoginException that is thrown out of login().

                    The problem seems to be that the original AuthenticationException has a resolvedObject set with LdapCtx which is not serializable, and when the FailedLoginException is serialized to be sent over to the client, it blows up with NotSerializableException.
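
The failure described in reply 6, reproduced outside JBoss as an added example (not code from the thread or from JBoss). FakeLdapCtx is a constructed stand-in for com.sun.jndi.ldap.LdapCtx, the exception messages are constructed, and clearing the resolved object before the exception leaves the server is an assumed mitigation, not a documented JBoss fix.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import javax.naming.AuthenticationException;
import javax.security.auth.login.FailedLoginException;

public class NonSerializableCauseDemo {

    // Constructed stand-in for com.sun.jndi.ldap.LdapCtx: deliberately not Serializable.
    static class FakeLdapCtx { }

    // Returns null when the object serializes, otherwise a description of the failure.
    static String trySerialize(Object o) {
        try (ObjectOutputStream out = new ObjectOutputStream(new ByteArrayOutputStream())) {
            out.writeObject(o);
            return null;
        } catch (IOException e) {
            return e.getClass().getName() + ": " + e.getMessage();
        }
    }

    // Builds the chain from the thread: FailedLoginException -> AuthenticationException -> context.
    static FailedLoginException failedLogin(boolean stripResolvedObj) {
        AuthenticationException ae = new AuthenticationException("constructed: invalid credentials");
        // NamingException serializes its resolvedObj field along with the exception itself.
        ae.setResolvedObj(new FakeLdapCtx());
        if (stripResolvedObj) {
            // Assumed mitigation: drop the context reference, keep the message and stack trace.
            ae.setResolvedObj(null);
        }
        FailedLoginException fle = new FailedLoginException("constructed: login failed");
        fle.initCause(ae);
        return fle;
    }

    public static void main(String[] args) {
        // The first chain fails the way the server-side marshaller does; the second serializes.
        System.out.println("resolvedObj kept:    " + trySerialize(failedLogin(false)));
        System.out.println("resolvedObj cleared: " + trySerialize(failedLogin(true)));
    }
}
```

The same trySerialize check can be pointed at any exception a remote-facing login module throws, so a marshalling failure shows up in a test rather than replacing the authentication error the client should have received.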