[JBoss JIRA] Created: (JBAS-5815) Bug in DomainServerSocketFactory - SSL clientAuth
by Scott M Stark (JIRA)
Bug in DomainServerSocketFactory - SSL clientAuth
--------------------------------------------------
Key: JBAS-5815
URL: https://jira.jboss.org/jira/browse/JBAS-5815
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Security
Reporter: Scott M Stark
Assignee: Scott M Stark
Fix For: JBossAS-5.0.0.CR2
Daniel Straub <ds(a)ctrlaltdel.de> reports:
I had to enable some settings on the RMISSLServerSocketFactory, but the solution for this - shown in wiki.jboss.org/wiki/JRMPInvoker or JBAS-1983 doesn't work. This ends with a nullpointer exception because the the initialization of securityDomain failed.
To deal with this, I derive a class from the RMISSLServerSocketFactory like this
public class ServerSocketFactory extends RMISSLServerSocketFactory {
public ServerSocketFactory() {
super();
setNeedsClientAuth(true);
//setWantsClientAuth(false);
}
}
and use this as RMIServerSocketFactory of the JRMPInvoker. But this solution also doesn't work ;-(
There is another problem in the DomainServerSocketFactory :
public ServerSocket createServerSocket(int port, int backlog, InetAddress ifAddress)
throws IOException
{
initSSLContext();
SSLServerSocketFactory factory = sslCtx.getServerSocketFactory();
SSLServerSocket socket = (SSLServerSocket) factory.createServerSocket(port, backlog, ifAddress);
SSLSessionContext ctx = sslCtx.getServerSessionContext();
System.out.println(ctx);
if( log.isTraceEnabled() )
{
String[] supportedProtocols = socket.getSupportedProtocols();
log.debug("Supported protocols: " + Arrays.asList(supportedProtocols));
String[] supportedCipherSuites = socket.getSupportedCipherSuites();
log.debug("Supported CipherSuites: " + Arrays.asList(supportedCipherSuites));
}
socket.setNeedClientAuth(needsClientAuth);
socket.setWantClientAuth(wantsClientAuth);
...
- to make a long story short, the "bug" is in the implementation of SSLServerSocket.
This class uses only one instance variable to store the setting of clientAuth ("doClientAuth").
socket.setNeedClientAuth(needsClientAuth) set these to the value "2". fine.
but the next call socket.setWantClientAuth(wantsClientAuth) set these to "1" if wantsClientAuth is true, otherwise to "0".
in both cases, the first call is override. bad.
Here is the decompiled class (com.sun.net.ssl.internal.ssl. SSLServerSocketImpl) :
...
public void setNeedClientAuth(boolean flag) {
doClientAuth = ((byte)(flag ? 2 : 0));
}
public boolean getNeedClientAuth() {
return doClientAuth == 2;
}
public void setWantClientAuth(boolean flag) {
doClientAuth = ((byte)(flag ? 1 : 0));
}
public boolean getWantClientAuth() {
return doClientAuth == 1;
}
...
well, what for a strange implementation ...
I modified my ServerSockeFactory >
@Override
public ServerSocket createServerSocket(int port) throws IOException {
SSLServerSocket sslSocket = (SSLServerSocket) super.createServerSocket(port);
sslSocket.setNeedClientAuth(true);
return sslSocket;
}
and now the client authentification works. But can we provide a fix for this problems (initialization of RMISSLServerSocketFactory and SSLServerSocket - e.g if needsClientAuth, why set also wantsClientAuth) ?
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
14 years, 8 months
[JBoss JIRA] Created: (JBAS-4654) JacORB throwing spurious UNKNOWN NoSuchMethodException
by Adrian Brock (JIRA)
JacORB throwing spurious UNKNOWN NoSuchMethodException
------------------------------------------------------
Key: JBAS-4654
URL: http://jira.jboss.com/jira/browse/JBAS-4654
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: IIOP service
Affects Versions: JBossAS-4.2.1.GA
Reporter: Adrian Brock
Assigned To: Francisco Reverbel
Fix For: JBossAS-5.0.0.GA
When a RemoteException contains an exception that isn't mapped to a CorbaException,
JacORB is throwing a spurious NoSuchMethodException.
e.g. the following error thrown by the server in the testsuite:
2007-08-31 11:42:48,113 TRACE [org.jboss.proxy.ejb.EjbObjectCorbaServant.bank-iiop/Account] Exception in EJBObject invocation
javax.management.MBeanException
at org.jboss.mx.interceptor.ReflectedDispatcher.handleInvocationExceptions(ReflectedDispatcher.java:184)
at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:165)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:668)
at org.jboss.proxy.ejb.EjbObjectCorbaServant._invoke(EjbObjectCorbaServant.java:287)
at org.jacorb.poa.RequestProcessor.invokeOperation(Unknown Source)
at org.jacorb.poa.RequestProcessor.process(Unknown Source)
at org.jacorb.poa.RequestProcessor.run(Unknown Source)
Caused by: java.rmi.ServerException: EJBException:; nested exception is:
javax.ejb.EJBException: Internal error getting results for field member owner
at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:365)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:209)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:138)
at org.jboss.ejb.EntityContainer.internalInvoke(EntityContainer.java:532)
at org.jboss.ejb.Container.invoke(Container.java:989)
at sun.reflect.GeneratedMethodAccessor97.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157)
... 8 more
Caused by: javax.ejb.EJBException: Internal error getting results for field member owner
at org.jboss.ejb.plugins.cmp.jdbc.bridge.JDBCAbstractCMPFieldBridge.loadArgumentResults(JDBCAbstractCMPFieldBridge.java:498)
at org.jboss.ejb.plugins.cmp.jdbc.bridge.JDBCAbstractCMPFieldBridge.loadArgumentResults(JDBCAbstractCMPFieldBridge.java:432)
at org.jboss.ejb.plugins.cmp.jdbc.bridge.JDBCAbstractCMPFieldBridge.loadInstanceResults(JDBCAbstractCMPFieldBridge.java:393)
at org.jboss.ejb.plugins.cmp.jdbc.JDBCLoadEntityCommand.execute(JDBCLoadEntityCommand.java:207)
at org.jboss.ejb.plugins.cmp.jdbc.JDBCLoadEntityCommand.execute(JDBCLoadEntityCommand.java:88)
at org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.loadEntity(JDBCStoreManager.java:646)
at org.jboss.ejb.plugins.cmp.jdbc.JDBCStoreManager.loadEntity(JDBCStoreManager.java:628)
at org.jboss.ejb.plugins.CMPPersistenceManager.loadEntity(CMPPersistenceManager.java:406)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.loadEntity(CachedConnectionInterceptor.java:252)
at org.jboss.ejb.plugins.EntitySynchronizationInterceptor.invoke(EntitySynchronizationInterceptor.java:243)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:158)
at org.jboss.ejb.plugins.EntityReentranceInterceptor.invoke(EntityReentranceInterceptor.java:126)
at org.jboss.ejb.plugins.EntityInstanceInterceptor.invoke(EntityInstanceInterceptor.java:280)
at org.jboss.ejb.plugins.EntityLockInterceptor.invoke(EntityLockInterceptor.java:104)
at org.jboss.ejb.plugins.EntityCreationInterceptor.invoke(EntityCreationInterceptor.java:76)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:238)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java:105)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
... 15 more
Caused by: java.sql.SQLException: Got a org.omg.stub.javax.ejb._EJBObject_Stub[cl=org.jboss.mx.loading.UnifiedClassLoader3@ff45de{ url=vfsfile:/home/ejort/jboss-head/b
Results in the following on the client:
"CORBA UNKNOWN 0 No; nested exception is:
org.omg.CORBA.UNKNOWN: org.omg.CORBA.portable.UnknownException vmcid: 0x0 minor code: 0 completed: No" type="java.rmi.RemoteException">java.rmi.RemoteExcept
ion: CORBA UNKNOWN 0 No; nested exception is:
org.omg.CORBA.UNKNOWN: org.omg.CORBA.portable.UnknownException vmcid: 0x0 minor code: 0 completed: No
at com.sun.corba.se.impl.javax.rmi.CORBA.Util.mapSystemException(Util.java:282)
at javax.rmi.CORBA.Util.mapSystemException(Util.java:67)
at org.jboss.proxy.ejb.DynamicIIOPStub.invoke(DynamicIIOPStub.java:148)
at org.jboss.test.bankiiop.interfaces._Account_Stub.getPrimaryKey(Unknown Source)
at org.jboss.test.bankiiop.test.BankStressTestCase.testTeller(BankStressTestCase.java:88)
at junit.extensions.TestDecorator.basicRun(TestDecorator.java:24)
at junit.extensions.TestSetup$1.protect(TestSetup.java:21)
at junit.extensions.TestSetup.run(TestSetup.java:25)
Caused by: org.omg.CORBA.UNKNOWN: org.omg.CORBA.portable.UnknownException vmcid: 0x0 minor code: 0 completed: No
at org.jacorb.orb.SystemExceptionHelper.read(Unknown Source)
at org.jacorb.orb.ReplyReceiver.getReply(Unknown Source)
at org.jacorb.orb.Delegate.invoke_internal(Unknown Source)
at org.jacorb.orb.Delegate.invoke(Unknown Source)
at org.omg.CORBA.portable.ObjectImpl._invoke(ObjectImpl.java:457)
at org.jboss.proxy.ejb.DynamicIIOPStub.invoke(DynamicIIOPStub.java:123)
... 23 more
Caused by: java.lang.NoSuchMethodException: org.omg.CORBA.portable.UnknownException.<init>(java.lang.String, int, org.omg.CORBA.CompletionStatus)
at java.lang.Class.getConstructor0(Class.java:2678)
at java.lang.Class.getConstructor(Class.java:1629)
... 29 more
The NoSuchMethodException is obviously not the cause.
It comes from jacorb assuming that all Corba SystemExceptions have a constructor of a certain signature
(something that is not true for UnknownException).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
14 years, 8 months
[JBoss JIRA] Created: (JBAS-5741) Redeploying jbossweb.sar fails
by Remy Maucherat (JIRA)
Redeploying jbossweb.sar fails
------------------------------
Key: JBAS-5741
URL: http://jira.jboss.com/jira/browse/JBAS-5741
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Web (Tomcat) service
Reporter: Remy Maucherat
Assigned To: Scott M Stark
Touching jboss-service.xml in deploy/jbossweb.sar causes NPEs redeploying the WARs:
15:19:50,881 ERROR [AbstractKernelController] Error installing to Start: name=jboss.web.deployment:war=/jbossws state=Create mode=Manual requiredState=Installed
java.lang.NullPointerException
at org.jboss.web.deployers.WebModule.startModule(WebModule.java:111)
at org.jboss.web.deployers.WebModule.start(WebModule.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:668)
at org.jboss.system.microcontainer.ServiceProxy.invoke(ServiceProxy.java:206)
at $Proxy35.start(Unknown Source)
at org.jboss.system.microcontainer.StartStopLifecycleAction.installAction(StartStopLifecycleAction.java:42)
at org.jboss.system.microcontainer.StartStopLifecycleAction.installAction(StartStopLifecycleAction.java:37)
at org.jboss.dependency.plugins.action.SimpleControllerContextAction.simpleInstallAction(SimpleControllerContextAction.java:62)
at org.jboss.dependency.plugins.action.AccessControllerContextAction.install(AccessControllerContextAction.java:71)
at org.jboss.dependency.plugins.AbstractControllerContextActions.install(AbstractControllerContextActions.java:51)
at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:348)
at org.jboss.system.microcontainer.ServiceControllerContext.install(ServiceControllerContext.java:271)
at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:1392)
at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:784)
at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:912)
at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:834)
at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:672)
at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:455)
at org.jboss.system.ServiceController.doChange(ServiceController.java:664)
at org.jboss.system.ServiceController.start(ServiceController.java:436)
at org.jboss.system.deployers.ServiceDeployer.start(ServiceDeployer.java:150)
at org.jboss.system.deployers.ServiceDeployer.deploy(ServiceDeployer.java:108)
at org.jboss.system.deployers.ServiceDeployer.deploy(ServiceDeployer.java:46)
at org.jboss.deployers.spi.deployer.helpers.AbstractSimpleRealDeployer.internalDeploy(AbstractSimpleRealDeployer.java:62)
at org.jboss.deployers.spi.deployer.helpers.AbstractRealDeployer.deploy(AbstractRealDeployer.java:50)
at org.jboss.deployers.plugins.deployers.DeployerWrapper.deploy(DeployerWrapper.java:174)
at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:970)
at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:991)
at org.jboss.deployers.plugins.deployers.DeployersImpl.install(DeployersImpl.java:911)
at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:348)
at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:1392)
at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:784)
at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:912)
at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:834)
at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:672)
at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:455)
at org.jboss.deployers.plugins.deployers.DeployersImpl.process(DeployersImpl.java:594)
at org.jboss.deployers.plugins.main.MainDeployerImpl.process(MainDeployerImpl.java:541)
at org.jboss.system.server.profileservice.hotdeploy.HDScanner.scan(HDScanner.java:290)
at org.jboss.system.server.profileservice.hotdeploy.HDScanner.run(HDScanner.java:221)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask$Sync.innerRunAndReset(FutureTask.java:351)
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:178)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:165)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:267)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:636)
Redployment of individual WARs works.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
14 years, 8 months
[JBoss JIRA] Created: (JBAS-4193) Validation requirement should come from the model factory
by Scott M Stark (JIRA)
Validation requirement should come from the model factory
---------------------------------------------------------
Key: JBAS-4193
URL: http://jira.jboss.com/jira/browse/JBAS-4193
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Deployment services, XML services
Reporter: Scott M Stark
Assigned To: Scott M Stark
Fix For: JBossAS-5.0.0.Beta2
A regression relative to how we parse application.xml without validation jbossas4.2 and earlier is showing up in placeholder application.xml deployments like:
<!DOCTYPE application PUBLIC
"-//Sun Microsystems, Inc.//DTD J2EE Application 1.3//EN"
"http://java.sun.com/dtd/application_1_3.dtd">
<application>
<display-name>Resource Loading Ear</display-name>
</application>
This fails because this dtd requires at least one module as well:
Caused by: org.jboss.xb.binding.JBossXBException: Failed to parse source: vfsfil
e:/C:/home/svn/JBossHead/jboss-head/testsuite/output/lib/unpacked/loadingresourc
e2.ear/META-INF/application.xml@7,15
at org.jboss.xb.binding.parser.sax.SaxJBossXBParser.parse(SaxJBossXBPars
er.java:173)
at org.jboss.xb.binding.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java
:180)
at org.jboss.deployers.plugins.deployers.helpers.ObjectModelFactoryDeplo
yer.parse(ObjectModelFactoryDeployer.java:83)
... 70 more
Caused by: org.xml.sax.SAXException: The content of element type "application" i
s incomplete, it must match "(icon?,display-name,description?,module+,security-r
ole*)". @ vfsfile:/C:/home/svn/JBossHead/jboss-head/testsuite/output/lib/unpacke
d/loadingresource2.ear/META-INF/application.xml[7,15]
at org.jboss.xb.binding.parser.sax.SaxJBossXBParser$MetaDataErrorHandler
.error(SaxJBossXBParser.java:406)
at org.apache.xerces.util.ErrorHandlerWrapper.error(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.dtd.XMLDTDValidator.handleEndElement(Unknown S
To allow for similar behavior, we need to allow the ObjectModelFactory used by the deployer to indicate whether validation is needed.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
14 years, 8 months
[JBoss JIRA] Created: (JBAS-5955) Re-package system deployments
by Sacha Labourey (JIRA)
Re-package system deployments
-----------------------------
Key: JBAS-5955
URL: https://jira.jboss.org/jira/browse/JBAS-5955
Project: JBoss Application Server
Issue Type: Feature Request
Security Level: Public (Everyone can see)
Reporter: Sacha Labourey
the current services started in /deploy must be repackaged in a way which makes it easy to remove one service. Examples:
- EJB-service
- WebServices
- JBoss Web
- Transactions
- Embedded Database
- JBoss Messaging
Today, most of these services are mixed together and there is no easy way to get rid of single service even though the underlying infrastructure (MC) enables us doing so.
Also see JBAS-5954
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
14 years, 8 months