Posting the complete setup here again:
Suppose our IP on the server is 10.10.10.10
We're using JBoss 5.1.0.GA
Our EJB is defined as:
| @RemoteBinding(clientBindUrl="sslsocket://0.0.0.0:3843",
jndiBinding="SystemEJB")
| public class SystemEJB implements SystemEJBRemote {
|
The jboss.xml file which is placed into our myapp.ear file under META-INF/jboss.xml
together with
the application.xml and jboss-app.xml. It looks like this:
| <?xml version="1.0" encoding="UTF-8"?>
| <jboss
xmlns="http://www.jboss.com/xml/ns/javaee"
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee
http://www.jboss.org/j2ee/schema/jboss_5_0.xsd"
| version="3.0">
| <enterprise-beans>
| <session>
| <ejb-name>SystemEJB</ejb-name>
| <remote-binding>
| <jndi-name>SystemEJB</jndi-name>
| <client-bind-url>sslsocket://10.10.10.10</client-bind-url>
| </remote-binding>
| </session>
| </enterprise-beans>
| </jboss>
|
We have a ssl-service.xml file which we during deploy copies to the /deploy dir of the
jboss server and
it looks like this:
| <?xml version="1.0" encoding="UTF-8"?>
| <server>
|
| <!-- ====================================================================
-->
| <!-- For SSL with EJB3
-->
| <!-- ====================================================================
-->
|
| <!-- The server socket factory mbean to be used as attribute to socket invoker
-->
| <!-- which uses the JaasSecurityDomain -->
| <mbean
code="org.jboss.remoting.security.domain.DomainServerSocketFactoryService"
|
name="jboss.remoting:service=ServerSocketFactory,type=SecurityDomainAdvanced"
| display-name="SecurityDomain Server Socket Factory">
| <attribute
name="SecurityDomain">java:/jaas/SSLAdvanced</attribute>
|
<depends>jboss.security:service=JaasSecurityDomain,domain=SSLAdvanced</depends>
| <depends>JBossSecurityJNDIContextEstablishment</depends>
| </mbean>
|
| <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
|
name="jboss.security:service=JaasSecurityDomain,domain=SSLAdvanced">
| <!-- This must correlate with the java:/jaas/SSL above -->
| <constructor>
| <arg type="java.lang.String" value="SSLAdvanced"/>
| </constructor>
| <!-- The location of the keystore
| resource: loads from the classloaders conf/ is the first classloader -->
| <attribute name="KeyStoreURL">ourapp.keystore</attribute>
| <attribute name="KeyStorePass">ourpassword</attribute>
| </mbean>
|
| <!-- The Connector is the core component of the remoting server service. -->
| <!-- It binds the remoting invoker (transport protocol, callback configuration,
-->
| <!-- data marshalling, etc.) with the invocation handlers. -->
| <mbean code="org.jboss.remoting.transport.Connector"
|
|
name="jboss.remoting:type=Connector,transport=socket3843,handler=ejb3">
| display-name="Socket transport Connector">
|
| <attribute name="Configuration">
| <config>
| <invoker transport="sslsocket">
| <attribute name="dataType"
isParam="true">invocation</attribute>
| <attribute name="marshaller"
isParam="true">org.jboss.invocation.unified.marshall.InvocationMarshaller</attribute>
| <attribute name="unmarshaller"
isParam="true">org.jboss.invocation.unified.marshall.InvocationUnMarshaller</attribute>
| <!-- The following is for setting the server socket factory. If
want ssl support -->
| <!-- use a server socket factory that supports ssl. The only
requirement is that -->
| <!-- the server socket factory value must be an ObjectName, meaning
the -->
| <!-- server socket factory implementation must be a MBean and also
-->
| <!-- MUST implement the
org.jboss.remoting.security.ServerSocketFactoryMBean interface. -->
| <attribute
name="serverSocketFactory">jboss.remoting:service=ServerSocketFactory,type=SecurityDomainAdvanced</attribute>
| <!-- <attribute
name="serverBindAddress">${jboss.bind.address}</attribute> -->
| <attribute
name="serverBindAddress">10.10.10.10</attribute>
| <attribute
name="serverBindPort">3843</attribute>
| </invoker>
| <handlers>
| <handler
subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
| </handlers>
| </config>
| </attribute>
|
<depends>jboss.remoting:service=ServerSocketFactory,type=SecurityDomainAdvanced</depends>
|
| </mbean>
|
| </server>
|
When starting up jboss we provide the following arguments to the run.bat:
| -Djboss.bind.address=10.10.10.10 -Djava.rmi.server.hostname=10.10.10.10
|
When trying to run the client we get the following error:
| javax.naming.NamingException: Could not dereference object [Root exception is
org.jboss.remoting.CannotConnectException: Can not get connection to server. Problem
establishing socket connection for InvokerLocator [sslsocket://0.0.0.0:3843/]]
|
So it seems the clientBindUrl in the bean is not overriden by our jboss.xml file... anyone
have any idea how we should approach this now? It is frutstrating that there is no
functional documentation or working examples to actually get SSL working in server and a
REMOTELY connecting client...
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4253504#...
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...