[jboss-user] [Remoting] - make ejb3 client use ServerAuthMode=false on sslsocket to jb

deckrider do-not-reply at jboss.com
Fri Mar 27 10:38:27 EDT 2009 

My client works fine, but I don't want it to require the trust store.  I've read how one can use SSLSocketFactory to somehow configure the client to use SSLSocketBuilder.REMOTING_SERVER_AUTH_MODE=false, but I also don't want the client to know about port 3873, only port 1099.

How would I change my stand alone test client to make this work?

I have changed jboss-4.2.3.GA/server/default/deploy/ejb3.deployer/META-INF/jboss-service.xml as follows:


  |    <mbean code="org.jboss.remoting.transport.Connector"
  |           name="jboss.remoting:type=Connector,name=DefaultEjb3Connector,handler=ejb3">
  |       <depends>jboss.aop:service=AspectDeployer</depends>
  |        <attribute name="InvokerLocator">sslsocket://${jboss.bind.address}:3873</attribute>
  |       <attribute name="Configuration">
  |          <handlers>
  |             <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
  |          </handlers>
  |       </attribute>
  |    </mbean>
  | 

And I have this stand alone test client:


  | import java.util.Hashtable;
  | import javax.naming.InitialContext;
  | import javax.naming.NamingException;
  | public class TestClient {
  |     public static void main(String[] args) throws Exception {
  |         InitialContext ctx = null;
  |         Hashtable<String, String> props = new Hashtable<String, String>();
  |         props.put("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");
  |         props.put("java.naming.provider.url", "jnp://localhost:1099");
  |         props.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");
  |         try {
  |             ctx = new InitialContext(props);
  |         } catch (NamingException e) {
  |             e.printStackTrace();
  |         }
  |         HelloWorld hello = null;
  |         try {
  |             hello = (HelloWorld) ctx.lookup("HelloWorldBean/remote");
  |         } catch (NamingException e) {
  |             e.printStackTrace();
  |         }
  |         System.setProperty("javax.net.ssl.trustStore", "/home/deckrider/jboss-4.2.3.GA-ssl/server/default/conf/localhost.keystore");
  |         System.setProperty("javax.net.ssl.trustStorePassword", "opensource");
  | 
  |         System.out.println(hello.getMessage());
  |     }
  | }
  | 
  | 

And just for reference, here's my EJBs:


  | import javax.ejb.Remote;
  | import javax.ejb.Stateless;
  | @Stateless
  | @Remote(HelloWorld.class)
  | public class HelloWorldBean implements HelloWorld {
  |     public String getMessage() {
  |         return "Hello EJB World";
  |     }
  | }
  | 


  | import javax.ejb.Remote;
  | @Remote
  | public interface HelloWorld {
  |     public String getMessage();
  | }
  | 

My client works fine, but I don't want it to require the trust store.  I've read how one can use SSLSocketFactory to somehow configure the client to use SSLSocketBuilder.REMOTING_SERVER_AUTH_MODE=false, but I also don't want the client to know about port 3873, only port 1099.

How would I change my stand alone test client to make this work?

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221574#4221574

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4221574

More information about the jboss-user mailing list