[jboss-user] [EJB 3.0] - EJB with SSL does not work with JBoss AS 4.2.2

jthinaka do-not-reply at jboss.com
Sun Mar 2 16:01:12 EST 2008 

Hello,
I am trying to connect to my EJB via SSL and I have tried all the different approaches including the ones in the 4.2.2 administration guide as well as the JBoss Remoting guide and nothing seems to work. I would really appreciate any and all help in resolving this.

First, let me describe the error:
On the Client
anonymous wrote : 
  | Exception in thread "main" org.jboss.remoting.CannotConnectException: Can not get connection to server. Problem establishing socket connection for InvokerLocator [sslsocket://127.0.0.1:3843/]
  |         at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.transport(MicroSocketClientInvoker.java:532)
  |         at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:122)
  |         at org.jboss.remoting.Client.invoke(Client.java:1634)
  |         at org.jboss.remoting.Client.invoke(Client.java:548)
  |         at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:67)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:74)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:107)
  |         at $Proxy0.echo(Unknown Source)
  |         at SSLEJBClient.main(SSLEJBClient.java:22)
  | Caused by: java.lang.reflect.InvocationTargetException
  |         at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  |         at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
  |         at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
  |         at java.lang.reflect.Constructor.newInstance(Unknown Source)
  |         at org.jboss.remoting.transport.socket.SocketClientInvoker.createClientSocket(SocketClientInvoker.java:152)
  |         at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.getConnection(MicroSocketClientInvoker.java:856)
  |         at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.transport(MicroSocketClientInvoker.java:525)
  |         at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:122)
  |         at org.jboss.remoting.Client.invoke(Client.java:1634)
  |         at org.jboss.remoting.Client.invoke(Client.java:548)
  |         at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:67)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:53)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:74)
  |         at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
  |         at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:107)
  |         at $Proxy0.echo(Unknown Source)
  |         at SSLEJBClient.main(SSLEJBClient.java:22)
  |         at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:74)
  |         ... 10 more
  | Caused by: java.net.SocketException: Socket Closed
  |         at java.net.PlainSocketImpl.setOption(Unknown Source)
  |         at java.net.Socket.setSoTimeout(Unknown Source)
  |         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.setSoTimeout(Unknown Source)
  |         at org.jboss.remoting.transport.socket.SocketWrapper.setTimeout(SocketWrapper.java:85)
  |         at org.jboss.remoting.transport.socket.ClientSocketWrapper.createStreams(ClientSocketWrapper.java:168)
  |         at org.jboss.remoting.transport.socket.ClientSocketWrapper.(ClientSocketWrapper.java:66)
  |         at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  |         at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
  |         at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
  |         at java.lang.reflect.Constructor.newInstance(Unknown Source)
  |         at org.jboss.remoting.transport.socket.SocketClientInvoker.createClientSocket(SocketClientInvoker.java:152)
  |         at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.getConnection(MicroSocketClientInvoker.java:856)
  |         at org.jboss.remoting.transport.socket.MicroSocketClientInvoker.transport(MicroSocketClientInvoker.java:525)
  |         at org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:122)
  |         at org.jboss.remoting.Client.invoke(Client.java:1634)
  |         at org.jboss.remoting.Client.invoke(Client.java:548)
  |         at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:62)
  |         ... 10 more
  | 

>From the Server Side

  | 12:25:31,367 ERROR [ServerThread] Worker thread initialization failure
  | java.lang.reflect.InvocationTargetException
  |         at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
  |         at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
  |         at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
  |         at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
  |         at org.jboss.remoting.transport.socket.ServerThread.createServerSocketWrapper(ServerThread.java:720)
  |         at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:368)
  |         at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:166)
  | Caused by: java.net.SocketException: Socket Closed
  |         at java.net.PlainSocketImpl.setOption(PlainSocketImpl.java:201)
  |         at java.net.Socket.setSoTimeout(Socket.java:997)
  |         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.setSoTimeout(SSLSocketImpl.java:2047)
  |         at org.jboss.remoting.transport.socket.SocketWrapper.setTimeout(SocketWrapper.java:85)
  |         at org.jboss.remoting.transport.socket.ClientSocketWrapper.createStreams(ClientSocketWrapper.java:168)
  |         at org.jboss.remoting.transport.socket.ClientSocketWrapper.<init>(ClientSocketWrapper.java:66)
  |         at org.jboss.remoting.transport.socket.ServerSocketWrapper.<init>(ServerSocketWrapper.java:46)
  | 

My server side configuration looks like the following:
SSL-Service-xml


 
  | <?xml version="1.0" encoding="UTF-8"?>
  | <server>
  |    <mbean code="org.jboss.remoting.transport.Connector"
  |           name="jboss.remoting:service=Connector,transport=sslsocket"
  |           display-name="SSL Socket transport Connector">
  |       <attribute name="Configuration">
  |          <config>
  |             <invoker transport="sslsocket">
  |                <attribute name="dataType" isParam="true">invocation</attribute>
  |                <attribute name="marshaller" isParam="true">org.jboss.invocation.unified.marshall.InvocationMarshaller</attribute>
  |                <attribute name="unmarshaller" isParam="true">org.jboss.invocation.unified.marshall.InvocationUnMarshaller</attribute>
  |                <attribute name="numAcceptThreads">100</attribute>
  |                <attribute name="maxPoolSize">303</attribute>
  |                <attribute name="clientMaxPoolSize" isParam="true">304</attribute>
  |                <attribute name="socketTimeout" isParam="true">600000</attribute>
  |                <attribute name="serverBindAddress">${jboss.bind.address}</attribute>
  |                <attribute name="serverBindPort">3843</attribute>
  |                <attribute name="clientConnectPort">7777</attribute>
  |                <attribute name="enableTcpNoDelay" isParam="true">true</attribute>
  |             </invoker>
  |             <handlers>
  |                <handler subsystem="invoker">jboss:service=invoker,type=unified</handler>
  |             </handlers>
  |          </config>
  |       </attribute>
  |       <depends>jboss.remoting:service=NetworkRegistry</depends>
  |    </mbean>
  | <mbean code="org.jboss.remoting.security.SSLSocketBuilder"
  | 	  name="jboss.remoting:service=SocketBuilder,type=SSL"
  | 	  display-name="SSL Server Socket Factory Builder">
  |    <attribute name="UseSSLServerSocketFactory">true</attribute>
  |    <attribute name="KeyStoreURL">c:/java/jboss-4.2.2.GA/server/default/conf/example.keystore</attribute>
  |    <attribute name="KeyStorePassword">SomePassword</attribute>
  |    <attribute name="SecureSocketProtocol">TLS</attribute>
  |    <attribute name="KeyStoreType">JKS</attribute>
  | </mbean>
  | <mbean code="org.jboss.remoting.security.SSLServerSocketFactoryService"
  | 	   name="jboss.remoting:service=ServerSocketFactory,type=SSL"
  | 	   display-name="SSL Server Socket Factory">
  | 	<depends optional-attribute-name="SSLSocketBuilder"
  | 	   proxy-type="attribute">jboss.remoting:service=SocketBuilder,type=SSL</depends>
  | </mbean>
  | </server>
  |   

My EJB is very simple, it has one method called echo (taken from the Jboss test suites). However, instead of using annotations, I used the jboss.xml configuration route as shown below:

  | <?xml version="1.0" encoding="UTF-8"?>
  | <jboss>
  | <enterprise-beans>
  | 	<session>
  | 		<ejb-name>CallFireStatelessBean</ejb-name>
  | 		<remote-binding>
  |             <jndi-name>CallFireStatelessBeanSSL</jndi-name>
  |             <client-bind-url>sslsocket://0.0.0.0:3843</client-bind-url>
  |         </remote-binding>
  |        	</session>
  | </enterprise-beans>
  | </jboss>
  | 



My Client Code Looks like this:

  | 		Properties props = System.getProperties();
  | 		props.setProperty("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");
  | 		props.setProperty("java.naming.provider.url", "localhost:1099");
  | 		Context ctx = new InitialContext();
  | 		Object obj = ctx.lookup("java:/CallFireStatelessBeanSSL");
  | 		CallFireBusinessInterface cf = (CallFireBusinessInterface) obj;
  | 		cf.echo("This works!");
  | 


To answer some possible questions:

  | Yes, I can telnet into that port.
  | Yes, the key store and passoword have been generated
  | Yes, the JVM arguments have been modified to point to the keystore.
  | Yes, the client gets a references to the EJB but fails when trying to call the echo method.
  | Yes, all firewalls have been disabled.
  | Yes, I am using the jbossall-client.jar from version 4.2.2 when running the client.
  | The JRE version is 1.6.
  | 
  | 
  | As stated earlier, any and all help will be greatly appreciated.
  | Regards,
  | TJ
  | 
  | -------------------------------

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4133508#4133508

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4133508

More information about the jboss-user mailing list