[jboss-user] [Remoting] - make ejb3 client use ServerAuthMode=false on sslsocket to jb
deckrider
do-not-reply at jboss.com
Fri Mar 27 10:38:27 EDT 2009
My client works fine, but I don't want it to require the trust store. I've read how one can use SSLSocketFactory to somehow configure the client to use SSLSocketBuilder.REMOTING_SERVER_AUTH_MODE=false, but I also don't want the client to know about port 3873, only port 1099.
How would I change my stand alone test client to make this work?
I have changed jboss-4.2.3.GA/server/default/deploy/ejb3.deployer/META-INF/jboss-service.xml as follows:
| <mbean code="org.jboss.remoting.transport.Connector"
| name="jboss.remoting:type=Connector,name=DefaultEjb3Connector,handler=ejb3">
| <depends>jboss.aop:service=AspectDeployer</depends>
| <attribute name="InvokerLocator">sslsocket://${jboss.bind.address}:3873</attribute>
| <attribute name="Configuration">
| <handlers>
| <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
| </handlers>
| </attribute>
| </mbean>
|
And I have this stand alone test client:
| import java.util.Hashtable;
| import javax.naming.InitialContext;
| import javax.naming.NamingException;
| public class TestClient {
| public static void main(String[] args) throws Exception {
| InitialContext ctx = null;
| Hashtable<String, String> props = new Hashtable<String, String>();
| props.put("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");
| props.put("java.naming.provider.url", "jnp://localhost:1099");
| props.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");
| try {
| ctx = new InitialContext(props);
| } catch (NamingException e) {
| e.printStackTrace();
| }
| HelloWorld hello = null;
| try {
| hello = (HelloWorld) ctx.lookup("HelloWorldBean/remote");
| } catch (NamingException e) {
| e.printStackTrace();
| }
| System.setProperty("javax.net.ssl.trustStore", "/home/deckrider/jboss-4.2.3.GA-ssl/server/default/conf/localhost.keystore");
| System.setProperty("javax.net.ssl.trustStorePassword", "opensource");
|
| System.out.println(hello.getMessage());
| }
| }
|
|
And just for reference, here's my EJBs:
| import javax.ejb.Remote;
| import javax.ejb.Stateless;
| @Stateless
| @Remote(HelloWorld.class)
| public class HelloWorldBean implements HelloWorld {
| public String getMessage() {
| return "Hello EJB World";
| }
| }
|
| import javax.ejb.Remote;
| @Remote
| public interface HelloWorld {
| public String getMessage();
| }
|
My client works fine, but I don't want it to require the trust store. I've read how one can use SSLSocketFactory to somehow configure the client to use SSLSocketBuilder.REMOTING_SERVER_AUTH_MODE=false, but I also don't want the client to know about port 3873, only port 1099.
How would I change my stand alone test client to make this work?
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221574#4221574
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4221574
More information about the jboss-user
mailing list