0 Replies Latest reply on Nov 9, 2006 3:00 AM by Micha? ?elechowski

    EJB3 SSL remote connection from rich client application

    Micha? ?elechowski Newbie

      Hello!

      I'm trying to connect to remote EJB from rich client, using SSL.
      I add following configuration to jboss-service.xml at ejb3.deployer:

       <mbean code="org.jboss.remoting.transport.Connector"
       xmbean-dd="org/jboss/remoting/transport/Connector.xml"
       name="jboss.remoting:type=Connector,transport=socket3843,handler=ejb3">
       <depends>jboss.aop:service=AspectDeployer</depends>
       <attribute name="InvokerLocator">sslsocket://${jboss.bind.address}:3843</attribute>
       <attribute name="Configuration">
       <handlers>
       <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
       </handlers>
       </attribute>
       </mbean>
      

      I also generated localhost.truststore and put it to $JBOSS_HOME/server/default/conf. I added "-Djavax.net.ssl.keyStore=$JBOSS_HOME/server/default/conf/localhost.keystore -Djavax.net.ssl.keyStorePassword=opensource" to jboss launch script (where $JBOSS_HOME is expanded to my local server path and opensource is keystore password). This line is added to client launch script too.
      To my EJB I added:
      @RemoteBinding(clientBindUrl="sslsocket://0.0.0.0:3843", jndiBinding="ApplicationName/EJBSSLName/remote")
      

      After deployment EJB is visible in JNDI. When I perform lookup remotly at rich client I got following exception:
      javax.naming.NamingException: Could not dereference object [Root exception is org.jboss.remoting.CannotConnectException: Can not get connection to server. Problem establishing socket connection.]
       at org.jnp.interfaces.NamingContext.getObjectInstanceWrapFailure(NamingContext.java:1150)
       at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:705)
       at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:587)
       at javax.naming.InitialContext.lookup(InitialContext.java:351)
      ...
      Caused by: org.jboss.remoting.CannotConnectException: Can not get connection to server. Problem establishing socket connection.
       at org.jboss.remoting.transport.socket.SocketClientInvoker.transport(SocketClientInvoker.java:267)
       at org.jboss.remoting.RemoteClientInvoker.invoke(RemoteClientInvoker.java:143)
       at org.jboss.remoting.Client.invoke(Client.java:525)
       at org.jboss.remoting.Client.invoke(Client.java:488)
       at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:55)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.aspects.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:48)
       at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
       at org.jboss.aspects.remoting.PojiProxy.invoke(PojiProxy.java:61)
       at $Proxy0.createProxy(Unknown Source)
       at org.jboss.ejb3.JndiProxyFactory.getObjectInstance(JndiProxyFactory.java:52)
       at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:304)
       at org.jnp.interfaces.NamingContext.getObjectInstance(NamingContext.java:1125)
       at org.jnp.interfaces.NamingContext.getObjectInstanceWrapFailure(NamingContext.java:1142)
       ... 56 more
      Caused by: java.lang.reflect.InvocationTargetException
       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
       at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
       at java.lang.reflect.Constructor.newInstance(Constructor.java:494)
       at org.jboss.remoting.transport.socket.SocketClientInvoker.createClientSocket(SocketClientInvoker.java:518)
       at org.jboss.remoting.transport.socket.SocketClientInvoker.getConnection(SocketClientInvoker.java:485)
       at org.jboss.remoting.transport.socket.SocketClientInvoker.transport(SocketClientInvoker.java:263)
       ... 69 more
      Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:742)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1030)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:678)
       at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
       at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
       at java.io.BufferedInputStream.read1(BufferedInputStream.java:256)
       at java.io.BufferedInputStream.read(BufferedInputStream.java:313)
       at java.io.ObjectInputStream$PeekInputStream.read(ObjectInputStream.java:2213)
       at java.io.ObjectInputStream$PeekInputStream.readFully(ObjectInputStream.java:2226)
       at java.io.ObjectInputStream$BlockDataInputStream.readShort(ObjectInputStream.java:2694)
       at java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:761)
       at java.io.ObjectInputStream.<init>(ObjectInputStream.java:277)
       at org.jboss.remoting.loading.ObjectInputStreamWithClassLoader.<init>(ObjectInputStreamWithClassLoader.java:73)
       at org.jboss.remoting.serialization.impl.java.JavaSerializationManager.createInput(JavaSerializationManager.java:52)
       at org.jboss.remoting.transport.socket.ClientSocketWrapper.createInputStream(ClientSocketWrapper.java:83)
       at org.jboss.remoting.transport.socket.ClientSocketWrapper.createStreams(ClientSocketWrapper.java:76)
       at org.jboss.remoting.transport.socket.ClientSocketWrapper.<init>(ClientSocketWrapper.java:54)
       ... 76 more
      Caused by: java.io.EOFException: SSL peer shut down incorrectly
       at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:333)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:723)
       ... 92 more
      


      When I remove '@RemoteBinding', non-SSL conenction works fine.
      Am I missing something?

      regards

      Micha?