[jboss-user] [JBossWS] - remote authentication=>no route to host found

timeagentess do-not-reply at jboss.com
Fri Jul 4 11:06:36 EDT 2008

Hello all,

I am testing authenticated access to a web service, with a security domain of my own and username/password taken from a mySQL database. I am using JBoss 4.0.5 and JBossWS 2.0.3, and on my localhost I have the mySQL database from where the username and password are taken, as well as the client.

Everything works perfectly when I have all things deployed locally (web service, database, client). However, I run into problems when invoking the web service deployed on a remote machine. 

On the remote server console a "no route to host" error appears:
anonymous wrote : 
  | Caused by: com.mysql.jdbc.CommunicationsException: Communications link failure due to underlying exception: 
  | java.net.SocketException
  | MESSAGE: java.net.NoRouteToHostException: No route to host
  | java.net.SocketException: java.net.NoRouteToHostException: No route to host
  | 	at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:156)
  | 	at com.mysql.jdbc.MysqlIO.(MysqlIO.java:284)

On the client side I receive an "Unauthorized" error:
anonymous wrote : 3875 [main] DEBUG org.jboss.remoting.transport.http.HTTPClientInvoker  - Error invoking http client invoker.
  | org.jboss.ws.WSException: Invalid HTTP server response [401] - Unauthorized
  | 	at org.jboss.ws.core.soap.SOAPMessageUnMarshaller.read(SOAPMessageUnMarshaller.java:77)
  | 	at org.jboss.remoting.transport.http.HTTPClientInvoker.useHttpURLConnection(HTTPClientInvoker.java:175)
  | 	...
  | 	javax.xml.ws.WebServiceException: java.io.IOException: Could not transmit message

Using the default "JBossWS" security domain, with username "kermit" and password "thefrog" taken from users.properties, works with both local and remote deployment of my web service. So I was thinking maybe the data source is not found?

However, the database seems to be correctly bound, judging by the server log data:
anonymous wrote : INFO  [org.jboss.resource.adapter.jdbc.remote.WrapperDataSourceService] Bound ConnectionManager 'jboss.jca:service=DataSourceBinding,name=jdbc/WSTwoDS' to JNDI name 'java:jdbc/WSTwoDS'  

Perhaps my client needs special jndi.properties settings? (pure brainstorming, potentially stupid, based on some forum posts I browsed)

How my files look like: 

Security-relevant annotations on Web Service (which is deployed as SLSB in an ear):
@org.jboss.wsf.spi.annotation.WebContext(contextRoot = "/webservices-ws", urlPattern="/services/WSTwo/*", authMethod="BASIC", transportGuarantee="NONE", secureWSDLAccess=false)
  | @SecurityDomain("wstwo")
  | @RolesAllowed("friend")

In server/default/conf/login-config.xml on the remote machine I have added the "wstwo" application policy thus:
<application-policy name="wstwo">   
  | <authentication> 
  |         <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" 
  |                          flag="required"> 
  |             <module-option name="dsJndiName">java:/jdbc/WSTwoDS</module-option> 
  |             <module-option name="principalsQuery">   
  |                 select pass from USERS where login=? 
  |             </module-option> 
  |             <module-option name="rolesQuery"> 
  |                 select role,'Roles' from USER_ROLES where login=? 
  |             </module-option> 
  |         </login-module> 
  |     </authentication> 
  | </application-policy> 

And the data source for the web service is defined in the server/default/deploy/*-ds.xml file like this:
  |     <jndi-name>jdbc/WSTwoDS</jndi-name>
  |     <connection-url>jdbc:mysql://IP_OF_MY_LOCALHOST:3306/security</connection-url>
  | 	...
  |   </local-tx-datasource>

And of course the tables as described in the application policy are defined on my local machine.

In the client I pass the username and password:
((BindingProvider)wstwo).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "user");
  | ((BindingProvider)wstwo).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "pass");

Does anyone have any idea about where I'm doing something wrong? Thank you!

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4162598#4162598

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4162598

More information about the jboss-user mailing list