users@glassfish.java.net

SSL call on EJB

From: <glassfish_at_javadesktop.org>
Date: Sun, 15 Aug 2010 07:58:42 PDT

Hi,

I want to access a Remote EJB (running on GF v2) over SSL and therefore have configured the ORB listeners on that server as follows:
- on port 3700 runs the non-SSL ORB listener
- on port 3820 runs the SSL ORB listener (without client authentication)

The EJB is cofigured like this:

[i]<enterprise-beans>
      <ejb>
          <ejb-name>PsiCtrBean</ejb-name>
          <jndi-name>ems.ebs.control.PsiCtrRemote</jndi-name>
          <ior-security-config>
              <transport-config>
                  <integrity>required</integrity>
                  <confidentiality>required</confidentiality>
                  <establish-trust-in-target>supported</establish-trust-in-target>
                  <establish-trust-in-client>supported</establish-trust-in-client>
              </transport-config>
              <sas-context>
                  <caller-propagation>supported</caller-propagation>
              </sas-context>
          </ior-security-config>
      </ejb>
  </enterprise-beans>[/i]

When my Web client (running on a GV v3 instance on the same machine) calls this EJB when integrity and confidentiality is not set, everything works fine. But when I turn integrity and confidentiality to [i]required[/i] then I get the following exception (server log of GV v3 instance):

[i][#|2010-08-15T16:16:53.873+0200|SEVERE|glassfish3.0.1|javax.enterprise.system.std.com.sun.enterprise.v3.services.impl|_ThreadID=28;_ThreadName=Thread-1;|javax.naming.NamingException: Lookup failed for 'java:comp/env/ejb/psiCtrBeanEjb' in SerialContext [Root exception is javax.naming.NamingException: ejb ref resolution error for remote business interfaceems.ebs.control.PsiCtrRemote [Root exception is org.omg.CORBA.OBJECT_NOT_EXIST: vmcid: OMG minor code: 2 completed: No]]
        at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:442)
        at javax.naming.InitialContext.lookup(InitialContext.java:392)
        at javax.naming.InitialContext.lookup(InitialContext.java:392)
        at psigui.control.SessionBeanGeneral.getInto(SessionBeanGeneral.java:84)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.sun.el.parser.AstValue.invoke(AstValue.java:234)
        at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:297)
        at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43)
        at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:72)
        at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:98)
        at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88)
        at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
        at javax.faces.component.UICommand.broadcast(UICommand.java:315)
        at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:775)
        at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1267)
        at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82)
        at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
        at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
        at javax.faces.webapp.FacesServlet.service(FacesServlet.java:312)
        at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1523)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641)
        at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)
        at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)
        at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)
        at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)
        at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)
        at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)
        at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)
        at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)
        at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
        at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
        at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
        at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
        at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
        at java.lang.Thread.run(Thread.java:619)
Caused by: javax.naming.NamingException: ejb ref resolution error for remote business interfaceems.ebs.control.PsiCtrRemote [Root exception is org.omg.CORBA.OBJECT_NOT_EXIST: vmcid: OMG minor code: 2 completed: No]
        at com.sun.ejb.EJBUtils.lookupRemote30BusinessObject(EJBUtils.java:430)
        at com.sun.ejb.EJBUtils.resolveEjbRefObject(EJBUtils.java:378)
        at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:186)
        at com.sun.enterprise.container.common.impl.ComponentEnvManagerImpl$EjbReferenceProxy.create(ComponentEnvManagerImpl.java:1040)
        at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:688)
        at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:657)
        at com.sun.enterprise.naming.impl.JavaURLContext.lookup(JavaURLContext.java:148)
        at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:428)
        ... 45 more
Caused by: org.omg.CORBA.OBJECT_NOT_EXIST: vmcid: OMG minor code: 2 completed: No
        at com.sun.corba.ee.impl.logging.OMGSystemException.noObjectAdaptor(OMGSystemException.java:3457)
        at com.sun.corba.ee.impl.logging.OMGSystemException.noObjectAdaptor(OMGSystemException.java:3475)
        at com.sun.corba.ee.impl.oa.poa.POAFactory.find(POAFactory.java:222)
        at com.sun.corba.ee.impl.protocol.ServantCacheLocalCRDBase.updateCachedInfo(ServantCacheLocalCRDBase.java:109)
        at com.sun.corba.ee.impl.protocol.ServantCacheLocalCRDBase.getCachedInfo(ServantCacheLocalCRDBase.java:90)
        at com.sun.corba.ee.impl.protocol.FullServantCacheLocalCRDImpl.internalPreinvoke(FullServantCacheLocalCRDImpl.java:72)
        at com.sun.corba.ee.impl.protocol.LocalClientRequestDispatcherBase.servant_preinvoke(LocalClientRequestDispatcherBase.java:218)
        at com.sun.corba.ee.impl.protocol.CorbaClientDelegateImpl.servant_preinvoke(CorbaClientDelegateImpl.java:543)
        at com.sun.corba.ee.impl.presentation.rmi.StubInvocationHandlerImpl.privateInvoke(StubInvocationHandlerImpl.java:205)
        at com.sun.corba.ee.impl.presentation.rmi.StubInvocationHandlerImpl.invoke(StubInvocationHandlerImpl.java:147)
        at com.sun.corba.ee.impl.presentation.rmi.codegen.CodegenStubBase.invoke(CodegenStubBase.java:225)
        at com.sun.ejb.codegen._GenericEJBHome_Generated_DynamicStub.create(com/sun/ejb/codegen/_GenericEJBHome_Generated_DynamicStub.java)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.sun.ejb.EJBUtils.lookupRemote30BusinessObject(EJBUtils.java:418)
        ... 52 more
Caused by: org.omg.PortableServer.POAPackage.AdapterNonExistent: IDL:omg.org/PortableServer/POA/AdapterNonExistent:1.0
        at com.sun.corba.ee.impl.oa.poa.POAImpl.find_POA(POAImpl.java:997)
        at com.sun.corba.ee.impl.oa.poa.POAFactory.find(POAFactory.java:218)
        ... 66 more
|#][/i]


I did not change the web client's ejb-ref compared to the call to the non-secured EJB variant, so the ejb-ref is:

[i]<ejb-ref>
        <ejb-ref-name>ejb/psiCtrBeanEjb</ejb-ref-name>
        <jndi-name>corbaname:iiop:localhost:3700#ems.ebs.control.PsiCtrRemote</jndi-name>
    </ejb-ref>[/i]


I also put that the public key of GV v2 instance into the truststore of the v3 instance and vice versa.

Can anyone help on this issue? I have aleady read a lot of relating forum postings, but all of them deal with application/standalone clients and not web clients and none of them had the above mentioned exception (e. g. http://forums.java.net/jive/message.jspa?messageID=389750).

Thanks,
Martin
[Message sent by forum member 'martyj']

http://forums.java.net/jive/thread.jspa?messageID=480235
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.