1 Reply Latest reply on Apr 6, 2005 6:08 PM by Mark Priest

    Problem using HTTPS IL in an MDB configured for a remote top

    Mark Priest Newbie

      Hi,

      I am a JBosss newbie so please forgive me if the answer is obvious. I am using JBossAS 4.0.1sp1.

      I followed the instructions in the Wiki for accessing JBossMQ over https. I can successfully publish to the topic using JNDI and JMS over https as described in the Wiki.

      I followed the instructions in the Wiki for configuring an MDB to use a remote topic. I can now access a topic on a remote JBossMQ instance from another JBossAS. However, I want to use HTTPS rather than RMI for JNDI and JMS to the remote topic. When I change the configuration to accomplish this the MDB does not receive any of the messages. When I access the same topic from a stand-alone client (adapted from the J2EE tutorial) with the same HTTPs configuration I do get the messages. It appears that the JBossAS hosting the MDB does connect to the remote JNDI provider on startup because I see this in the remote server log:

      2005-04-01 17:31:22,321 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request GET /invoker/JNDIFactorySSL
      2005-04-01 17:31:22,321 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[HttpInvokers]' against GET /JNDIFactorySSL --> false
      2005-04-01 17:31:22,321 DEBUG [org.apache.catalina.realm.RealmBase] No applicable constraint located
      2005-04-01 17:31:22,321 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Not subject to any constraint
      2005-04-01 17:31:22,321 DEBUG [org.apache.catalina.core.StandardWrapper] Returning non-STM instance
      2005-04-01 17:31:22,351 DEBUG [org.apache.coyote.http11.Http11Protocol] IOException reading request
      javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: java.net.SocketException: Software caused connection abort: recv failed


      Both JBossAS server instances are running on the same host if that matters.

      Here is the configuraiotn that works using the normal JNDI and JMS configuration:

      <!--
      This works

      RemoteJMSProvider
      org.jboss.jms.jndi.JNDIProviderAdapter
      XAConnectionFactory
      XAConnectionFactory


      java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
      java.naming.factory.url.pkgs=org.jnp.interfaces
      java.naming.provider.url=jnp://localhost:1999


      -->


      This is the configuration with HTTPS that does not receive any messages (or errors):


      RemoteJMSProvider
      org.jboss.jms.jndi.JNDIProviderAdapter
      <!-- The queue connection factory -->
      HTTPConnectionFactory
      <!-- The topic factory -->
      HTTPConnectionFactory
      <!-- Connect to HAJNDI on the host whatever -->

      java.naming.factory.initial=org.jboss.naming.HttpNamingContextFactory
      java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces;java.protocol.handler.pkgs
      java.naming.provider.url=https://localhost:8443/invoker/JNDIFactorySSL



      Can anyone tell me what I am doing wrong?

      Thanks,
      Mark



        • 1. Re: Problem using HTTPS IL in an MDB configured for a remote
          Mark Priest Newbie

          Hi,

          I believe that the problem I am experiencing is due to a bug in the JBossAS JMX implementation. To summarize my earlier posting, I am able to access a topic from JBossAS server "topichost" with the http il using JNDI over HTTP from a stand-alone client but not using a message-driven bean on JBossAS server "mdbhost".

          I am runnign JBossAS 4.0.1sp1

          Steps to reproduce:

          1. Deploy a simple MDB on mdbhost such as SimpleMessageBean from the ejb/simplemessage section of the J2EE tutorial.

          2. Deploy the HttpProxyFactory on both topichost and mdbhost by including the http-invoker.sar in the deploy directory of the default server on each host.

          3. On both hosts the HTTPProxyFactory binds the value of the JMX ObjectName of "jboss:service=Naming" in the org.jboss.system.Registry under the hash of that ObjectName (line 188 of org.jboss.invocation.http.server.HttpProxyFactory).

          4. On mdbhost, create a remote JMSProviderLoader to access the JNDI of the topichost by adding the following to jms-ds.xml (I can't seeem to get the xml here to render correctly but basically this matches the example on the Wiki except I am using the HTTP JNDI provider):


          RemoteJMSProvider
          org.jboss.jms.jndi.JNDIProviderAdapter
          HTTPConnectionFactory
          HTTPConnectionFactory

          java.naming.factory.initial=org.jboss.naming.HttpNamingContextFactory
          java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
          java.naming.provider.url=https://topichost:8443/invoker/JNDIFactorySSL



          5. The JNDIProviderAdapter creates an InitialContext which defers to the HttpNamingContextFactory. This context factory connects to topichost and retrieves a context with the HTTPInvoker wrapped in a ClientContainer.

          6. The JMSContainerInvoker on mdbhost looks up the TopicConnectinFactory. It eventually gets to the last Invoker in the ClientConnector chain which is the InvokerInterceptor that wraps the HTTPInvoker.

          7. The InvokerInterceptor first must determine if the invoker is local using its isLocal(Invocation invocation) method.

          8. Because both topichost and mdbhost have an entry in the Registry for ObjectName "jboss:service=Naming" the InvokerInterceptor finds a value for the ObjectName and mistakenly decides that the local JNDI server on mdbhost should be used instead of the remote JNDI server on topichost. The InvokerInterceptor uses the local JNDI server and returns
          a Naming Exception indicating the TopicConnectionFactory is not bound.

          9. Remove the HttpProxyFactory from mdbhost by deleting the entire http-invoker.sar directory.

          10. Restart mdbhost

          11. Now nothing is bound in the Registry of mdbhost for ObjectName "jboss:service=Naming" (i.e. there is no proxy naming service with an "InvokerName" attribue set to "jboss:service=Naming").

          12. The InvokerInterceptor executes its isLocal() method, does not find a binding in the Registry and it returns false.

          13. The marshalled remote JNDI proxy is used intead.

          14. The MDB on mdbhost can successfully access the topic and receive messages from the topic on topichost.

          Due to this bug there is not way to use the HttpProxyFactory on a remote JBossAS with the JNDIProviderAdapter unless the local JBossAS does NOT have the HttpProxyFactory deployed.

          I will be happy to enter this bug in JIRA if you can tell me the correct project. If I am mistaken about this bug somewhow then please let me know that as well.

          Thanks,
          Mark