[jboss-user] [EJB 3.0] - EJB3 & SSL not working in JBoss 5 Beta3?

javidjamae do-not-reply at jboss.com
Wed Feb 6 22:29:48 EST 2008 

I'm trying to get a standalone client to communicate with an EJB over SSL. I tried following the directions here, but they didn't work: http://labs.jboss.com/jbossejb3/docs/tutorial/ssl/ssl.html

It complained that it didn't know what "jboss.aop:service=AspectDeployer" was. I figured that is because this was converted from an MBean into a Microcontainer bean since the time that article was written (or maybe a difference between 4.2 and 5.0). 

This document (http://wiki.jboss.org/wiki/Wiki.jsp?page=JBossMicrocontainerFAQ) told me that an MBean could depend on a Microcontainer bean, so I changed the depends in the configuration to this:


  |    <mbean code="org.jboss.remoting.transport.Connector"
  |       name="jboss.remoting:type=Connector,transport=socket3843,handler=ejb3">
  |       <depends>AspectDeployer</depends>
  |       <attribute name="InvokerLocator">sslsocket://0.0.0.0:3843</attribute>
  |       <attribute name="Configuration">
  |          <handlers>
  |             <handler subsystem="AOP">
  |    org.jboss.aspects.remoting.AOPRemotingInvocationHandler
  |             </handler>
  |          </handlers>
  |       </attribute>
  |    </mbean>
  | 

Unfortunately, that threw ClassNotFoundException's because of the whitespace around the classname in the handler tag. After getting rid of the whitespace, the server seemed to start without any errors.

But, when I try to access a remote bean without specifying a truststore on the client side (i.e. without using -Djavax.net.ssl.keyStore and keyStorePass), I am able to access the bean. I would expect that I wouldn't be able to. Here is my bean's remote interface:


  | @Remote
  | @RemoteBinding(clientBindUrl = "sslsocket://0.0.0.0:3843")
  | public interface Greeter {
  | 	public void greet(String message);
  | 
  | 	public List<Greeting> getAllGreetings();
  | }
  | 

As you can see, I have the RemoteBinding annotation with the clientBindUrl parameter specified. 

Am I missing something? I expect to NOT be able to access the bean without having the server certificate in my client truststore and the truststore specified on the command line, but I am still able to. What's the best way to ensure that SSL is actually working?

...

As a side note, I opened a bug about whitespace in the jboss-web.xml files- http://jira.jboss.org/jira/browse/JBAS-5173 - and I've seen this in other places as well. It seems likely that these whitespace issues all be related to the same XML parsing code??

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4127240#4127240

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4127240

More information about the jboss-user mailing list