users@glassfish.java.net

Re: EJB remote deployed on GF 3.1 behind a NAT unaccessible

From: <forums_at_java.net>
Date: Fri, 19 Oct 2012 12:22:35 -0500 (CDT)

All, as this has been a frequent complaint recently and I have done this
successfully with version 2.1.1 in the past, let's see whether I can be of
some help (or whether there indeed is a new bug in 3.x somewhere)...

Please note that I am a field guy and currently don't have access to an
installation behind a firewall and/or NATing device right now, so I cannot
check whether it still works as it should in recent releases, but to the
best of my knowledge, the following approach worked fine since some SJS AS
8.2 patch level and is supposed to still work in GF v3.x.

Here is the public doc link about that:

http://docs.oracle.com/cd/E26576_01/doc.312/e24930/java-clients.htm#ghbpc

But please note that there is one pitfall about that: By setting the
JVM-wide system properties

    -Dcom.sun.corba.ee.ORBVAAHost=/public-IP-address/
    -Dcom.sun.corba.ee.ORBVAAPort=/public-port/
    -Dcom.sun.corba.ee.ORBUserConfigurators.com.sun.corba.ee.impl.plugin.hwlb.VirtualAddressAgentImpl=dummy

as shown in the doc link, *all* client-side RMI/IIOP connections must go
through the NATing device (which means that the instance you are using no
longer supports non-NATed clients from the LAN): The problem is that there
is an outbound ORB connection pool. You can see that the IIOP connections
are reused and cached by setting specific ORB debug flags, such as the JVM
option

    -Dcom.sun.corba.ee.ORBDebug=transport,subcontract

In order to only affect the ORB instance dealing with a particular client
that wishes to connect from outside a firewall/behind a NATing device, you
need to do the following when creating the InitialContext:

    import java.util.Properties;
    import javax.naming.InitialContext;

    Properties env = new Properties();
    env.put("java.naming.factory.initial","com.sun.enterprise.naming.SerialInitContextFactory");
    env.put("java.naming.factory.url.pkgs","com.sun.enterprise.naming");
    env.put("java.naming.factory.state","com.sun.corba.ee.impl.presentation.rmi.JNDIStateFactoryImpl");
    // Initial host/port: the public address of GF as seen from outside the NAT
    env.put("org.omg.CORBA.ORBInitialHost","/public IP address of GF behind NATting device/");
    env.put("org.omg.CORBA.ORBInitialPort","/public port of GF behind NATting device/");
    // Virtual address agent settings, scoped to this InitialContext/ORB only
    env.put("com.sun.corba.ee.ORBVAAHost","/public IP address of GF behind NATting device/");
    env.put("com.sun.corba.ee.ORBVAAPort","/public port of GF behind NATting device/");
    env.put("com.sun.corba.ee.ORBUserConfigurators.com.sun.corba.ee.impl.plugin.hwlb.VirtualAddressAgentImpl","dummy");

The following property is optional and additionally switches off connection
caching, such as e.g. is needed when your NATing device is a hardware
load balancer or your firewall cuts off idle connections without sending a
TCP/IP RST packet to inform the client the connection has been terminated:

    env.put("com.sun.corba.ee.ORBUserConfigurators.com.sun.corba.ee.impl.plugin.hwlb.NoConnectionCacheImpl","dummy");

Each remote ORB call requires that a TCP/IP connection is created and
destroyed when the NoConnectionCacheImpl option is used. By using it via the
custom InitialContext properties approach, the impact of the
NoConnectionCache option is limited to a specific InitialContext/ORB that is
being used to invoke the remote EJB that is protected by the firewall.

Then do the context creation and lookup based on the custom context
properties:

    InitialContext ic = new InitialContext(env);
    Object objref = ic.lookup("java:comp/env/ejb/SomeRemoteEJB");

Those of you who have access to MyOracleSupport should additionally check
Doc ID 1276760.1.

If it still will not work for you after following the above advice, then
unfortunately I am at my wits' end and can only suggest buying a
license/support contract and raising an SR about it, as AFAIK, this is
supposed to work.

Hope this helps & best regards,
Andreas

--
Andreas Loew | Senior Java Architect
ACS Principal Service Delivery Engineer
ORACLE Germany

--
[Message sent by forum member 'al130959']
View Post: http://forums.java.net/node/891564