[jboss-jira] [JBoss JIRA] (WFLY-5274) EJB IOR contains wrong port (non-SSL port) information when SSL is required
RH Bugzilla Integration (JIRA)
issues at jboss.org
Thu Feb 16 12:05:00 EST 2017
[ https://issues.jboss.org/browse/WFLY-5274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13364936#comment-13364936 ]
RH Bugzilla Integration commented on WFLY-5274:
-----------------------------------------------
Vladimir Dosoudil <dosoudil at redhat.com> changed the Status of [bug 1259902|https://bugzilla.redhat.com/show_bug.cgi?id=1259902] from MODIFIED to ON_QA
> EJB IOR contains wrong port (non-SSL port) information when SSL is required
> ---------------------------------------------------------------------------
>
> Key: WFLY-5274
> URL: https://issues.jboss.org/browse/WFLY-5274
> Project: WildFly
> Issue Type: Bug
> Components: IIOP
> Reporter: Derek Horton
> Assignee: Tomasz Adamski
>
> Description of problem:
> - Configure JBoss to only allow IIOP connections over SSL
> - It is possible to do this, but the configuration is confusing (possibly a bug)
> Details of the setup/issue:
> - When enabling SSL for jacorb, it normally listens on both the non-ssl port and the ssl port
> - Setting server-requires="ServerAuth" causes the server to stop listening on non-ssl port
> - However, the IOR tells client to connect to non-ssl port ...even though its not listening on it
> String lookup = "corbaname:iiop:" + host + ":" + port +"#" + ejbLookupPath;
> // lookup the IIOP EJB
> Object iiopObj = ctx.lookup(lookup);
> // the call to the EJB will fail due to the port being wrong non-ssl vs ssl
> - The workaround is to use the following ior-setting to correct the port settings in the IOR
> /subsystem=jacorb/ior-settings=default/setting=transport-config:add(confidentiality=required)
> - Shouldn't setting "server-requires=ServerAuth" change the port info in the IOR?
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list