[jboss-jira] [JBoss JIRA] (WFLY-5274) [GSS] (6.4.z) EJB IOR contains wrong port (non-SSL port) information when SSL is required
Derek Horton (JIRA)
issues at jboss.org
Thu Sep 3 16:16:01 EDT 2015
Derek Horton created WFLY-5274:
----------------------------------
Summary: [GSS] (6.4.z) EJB IOR contains wrong port (non-SSL port) information when SSL is required
Key: WFLY-5274
URL: https://issues.jboss.org/browse/WFLY-5274
Project: WildFly
Issue Type: Bug
Reporter: Derek Horton
Assignee: Jason Greene
Description of problem:
- Configure JBoss to only allow IIOP connections over SSL
- It is possible to do this, but the configuration is confusing (possibly a bug)
Details of the setup/issue:
- When enabling SSL for jacorb, it normally listens on both the non-ssl port and the ssl port
- Setting server-requires="ServerAuth" causes the server to stop listening on non-ssl port
- However, the IOR tells client to connect to non-ssl port ...even though its not listening on it
String lookup = "corbaname:iiop:" + host + ":" + port +"#" + ejbLookupPath;
// lookup the IIOP EJB
Object iiopObj = ctx.lookup(lookup);
// the call to the EJB will fail due to the port being wrong non-ssl vs ssl
- The workaround is to use the following ior-setting to correct the port settings in the IOR
/subsystem=jacorb/ior-settings=default/setting=transport-config:add(confidentiality=required)
- Shouldn't setting "server-requires=ServerAuth" change the port info in the IOR?
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list