users@glassfish.java.net

Re: Standalone EJB Client & SSL

From: Dies Koper <diesk_at_fast.au.fujitsu.com>
Date: Tue, 2 Mar 2010 20:20:17 +1100

My understanding, but I didn't design GF's CORBA implementation, is that
the naming server runs on the IIOP port (3700), so any JNDI lookup/DI
goes to this port first.
The logic listening to this port then sends a reply back with an IOR
with the host/port where to send your requests for the Bean instance
over SSL.
I don't think it's a simple retry as the IOR was sent back the first
time, so I don't think it can work without the non-SSL port.

Hopefully one of the GF CORBA developers will chime in to confirm?


On 2/03/2010 19:51, glassfish_at_javadesktop.org wrote:
> I just got my standalone EJB client to work over SSL.
> My setup is described below.
>
> The SSL traffic is on port 3820.
> If I use tcpdump (I'm on Linux) to monitor the traffic coming to/from 3700 (non-SSL port) I see that *each* time I do a ctx.lookup() there is activity on this port.
> My guess (please correct me) is that an initial attempt is made on non-SSL, but the <ior-security-config> config causes this attempt to fail, then somehow, the server tells the client (guessing this) to retry using SSL on port 3820.
> I'd really appreciate any explanation of what is really happening here.
>
> Anyway, it works. ***But***, I really would like it to work on SSL from the get-go.
> I want to avoid all non-SSL traffic - perhaps disable port 3700.
> Is this possible?
>
> [ Setting props.setProperty("org.omg.CORBA.ORBInitialPort", "3820"); did not work. ]
>
> Thanks for any advice.
>
> ============================================
>
> The client:
> =============================================
> Properties props = new Properties();
> props.setProperty("java.naming.factory.initial", "com.sun.enterprise.naming.SerialInitContextFactory");
> props.setProperty("java.naming.factory.url.pkgs", "com.sun.enterprise.naming");
> props.setProperty("java.naming.factory.state",
>         "com.sun.corba.ee.impl.presentation.rmi.JNDIStateFactoryImpl");
> props.setProperty("org.omg.CORBA.connection.ORBSocketFactory",
>         "com.sun.enterprise.iiop.IIOPSSLSocketFactory");
>
> System.setProperty("javax.net.ssl.trustStore", "myTrustStore");
> //System.setProperty("javax.net.debug", "all");
>
> Context ctx = new InitialContext(props);
> ColourManagerBeanRemote cm = (ColourManagerBeanRemote) ctx.lookup("MyTestBean");
> =============================================
> The sun-ejb-jar.xml on the server:
> =============================================
> <ejb>
>   <ejb-name>MyFirstTestBean</ejb-name>
>   <jndi-name>MyTestBean</jndi-name>
>   <ior-security-config>
>     <transport-config>
>       <integrity>required</integrity>
>       <confidentiality>required</confidentiality>
>     </transport-config>
>   </ior-security-config>
> =============================================
> [Message sent by forum member 'ajvok' (ajvok1_at_gmail.com)]
>
> http://forums.java.net/jive/thread.jspa?messageID=389577
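
Added example, not part of the original thread: a small Python check for the tcpdump observation above. It labels the first bytes of each TCP payload as cleartext GIOP or a TLS record, so you can confirm what crosses ports 3700 and 3820. The function names and sample payloads are constructed for illustration, and the code assumes the payload bytes have already been extracted from a capture.

```python
import struct

GIOP_TYPES = ["Request", "Reply", "CancelRequest", "LocateRequest",
              "LocateReply", "CloseConnection", "MessageError", "Fragment"]
TLS_TYPES = {20: "ChangeCipherSpec", 21: "Alert",
             22: "Handshake", 23: "ApplicationData"}


def classify(payload: bytes) -> str:
    """Label the first bytes of a TCP payload as GIOP, TLS or unknown."""
    # GIOP header: magic "GIOP", major, minor, flags, message type, size.
    if len(payload) >= 12 and payload[:4] == b"GIOP":
        major, minor, flags, mtype = payload[4:8]
        order = "<" if flags & 1 else ">"  # bit 0 set = little-endian
        (size,) = struct.unpack(order + "I", payload[8:12])
        name = GIOP_TYPES[mtype] if mtype < len(GIOP_TYPES) else f"type{mtype}"
        return f"cleartext GIOP {major}.{minor} {name} ({size} bytes)"
    # TLS record header: content type, version (3.x), 16-bit length.
    if len(payload) >= 5 and payload[0] in TLS_TYPES and payload[1] == 3:
        (length,) = struct.unpack(">H", payload[3:5])
        return f"TLS {TLS_TYPES[payload[0]]} record ({length} bytes)"
    return "unknown"


def audit(segments, tls_only_ports=(3820,)):
    """Label every (port, payload) pair and list the ports where cleartext
    GIOP appeared although only TLS was expected."""
    labelled = [(port, classify(data)) for port, data in segments]
    violations = sorted({port for port, label in labelled
                         if port in tls_only_ports
                         and label.startswith("cleartext")})
    return labelled, violations


# Constructed sample payloads (not captured from a real server).
SAMPLE = [
    (3700, b"GIOP\x01\x02\x00\x00" + struct.pack(">I", 96) + b"\x00" * 96),
    (3700, b"GIOP\x01\x02\x00\x01" + struct.pack(">I", 312) + b"\x00" * 312),
    (3820, b"\x16\x03\x01" + struct.pack(">H", 120) + b"\x00" * 120),
    (3820, b"\x17\x03\x01" + struct.pack(">H", 64) + b"\x00" * 64),
]

if __name__ == "__main__":
    labelled, violations = audit(SAMPLE)
    for port, label in labelled:
        print(port, label)
    print("cleartext GIOP on TLS-only ports:", violations)
```
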