Hello,
I have 2 Glassfish servers version 3.1: a FRONT server and a BACK server.
The FRONT server is in a DMZ.
The BACK server is in on a private lan, not accessible directly from the DMZ,
but through a firewall that does a NAT on the IP of the BACK server.
-> IP-PU-B = Public IP address of the BACK
-> IP-PR-B = Private IP address of the BACK
Thus, the FRONT server only knows the public IP of the BACK server (the
"NATed" IP). The Glassfish on the BACK server knows only its own "private" IP
address, not its NATed address (it is only valid for machines on the DMZ).
Here is my client code:
try {
InitialContext context = new InitialContext();
System.out.println("Context initialized!");
HelloService service = (HelloService) context.lookup("HelloEJB");
System.out.println("Service retrieved!");
String name = service.countryCount();
System.out.println("Hello " + name);
} catch (Exception e) {
e.printStackTrace();
}
And here is my jndi.properties content in my client app:
java.naming.factory.initial =
com.sun.enterprise.naming.SerialInitContextFactory
java.naming.factory.url.pkgs = com.sun.enterprise.naming
java.naming.factory.state =
com.sun.corba.ee.impl.presentation.rmi.JNDIStateFactoryImpl
org.omg.CORBA.ORBInitialHost = IP-PU-B
org.omg.CORBA.ORBInitialPort = 3700
This code doesn't work if I launch my application from the DMZ trying to
access the EJB remote via the IP address IP-PU-B.
This code works if I launch the application from "inside the network" trying
to access the EJB remote via the IP address IP-PR-B.
The problem is due to the IIOP protocol as implemented on the Glassfish
server. It does a first call on the ORB to locate the EJB (which is deployed
on the same server as the ORB). Thus, the ORB sends the private IP to the
client, instead of the public IP (which it has no way of knowing, as it is
determined by the firewall)... The client then tries to connect on the
private IP, which does not go though the firewall.
We have already tried the following solutions:
- Connecting to a Remote EJB Module Through a Firewall
Link:
http://download.oracle.com/docs/cd/E19226-01/820-7695/6niugesud/index.html
We have put the IP-PR-B as value for the variable
"com.sun.corba.ee.ORBVAAHost".
In that case, the problem between the FRONT and the BACK still exists, and
moreover there is also a problem when I try to access the EJB remote from the
Java application run on the BACK to the EJB remote on the BACK.
- Replace Network address of the orb-listener-1, no better result.
- Use of variable "java.rmi.server.hostname", no better result.
Is there a specific way to configure Glassfish behind a NAT to make it send
the public IP instead of the private one?
Thanks in advance for your help!
--
[Message sent by forum member 'bgbw']
View Post: http://forums.java.net/node/828571