petals-bc-ejb and rmi security

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

petals-bc-ejb and rmi security

rnaudin-3
Hello

We try to implement the ejb component for invoke an ejb on oc4j container.
Either, how Petals propagate some credential to an external rmi server ?
Because, our <a href="ormi://" target="_blank">ormi:// doesnt' accept anonymous connections.

Thank's for all




-------------------- m2f --------------------

Read this forum topic online here:
http://petals.ebmwebsourcing.com/forum/viewtopic.php?p=248#248

-------------------- m2f --------------------

_______________________________________________
Users mailing list
[hidden email]
http://forum-list.petalslink.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: petals-bc-ejb and rmi security

rnaudin-3
with the anonymous acces activated, nevertheless, we have this response :
Code:
Error : can't install service assembly : org.ow2.petals.jmx.exception.PerformActionErrorException: java.lang.Exception: The deployment of the Service Assembly 'http://50.40.2.114:7878/upload/1224489284666/sa-testejb.zip' failed. Caused by:Error occured during the deployment of a Service Unit Caused by:The ServiceUnit listener failed to process. Caused by:Error creating a connection pool for SU: /C:/encours/SOA_BPEL/petals-quickstart-2.2/repository/service-assemblies/sa-ejb-10-20-2008-095444822/install/su-ejb/ Caused by:Can't retrieve ejb for name :AbsencesSessionEJB Caused by:oracle.oc4j.security.ExchangingEncryptor.getEncryptedValue(ExchangingEncryptor.java:161) com.evermind.server.rmi.RMIProtocol$SecureCredentials.send(RMIProtocol.java:246) com.evermind.server.rmi.RMIProtocol.sendCredentials(RMIProtocol.java:95) oracle.oc4j.rmi.ClientRmiTransport.connectToServer(ClientRmiTransport.java:91) oracle.oc4j.rmi.ClientSocketRmiTransport.connectToServer(ClientSocketRmiTransport.java:68) com.evermind.server.rmi.RMIClientConnection.connect(RMIClientConnection.java:646) com.evermind.server.rmi.RMIClientConnection.sendLookupRequest(RMIClientConnection.java:190) com.evermind.server.rmi.RMIClientConnection.lookup(RMIClientConnection.java:174) com.evermind.server.rmi.RMIClient.lookup(RMIClient.java:287) com.evermind.server.rmi.RMIClientContext.lookup(RMIClientContext.java:51) org.ow2.petals.bc.ejb.EjbBC.retrieveObject(EjbBC.java:143) org.ow2.petals.bc.ejb.su.EjbServiceUnitListener.registerEjb(EjbServiceUnitListener.java:116) org.ow2.petals.bc.ejb.su.EjbServiceUnitListener.onSUDeployed(EjbServiceUnitListener.java:66) org.ow2.petals.component.framework.su.ServiceUnitManager.deploy(ServiceUnitManager.java:163) org.ow2.petals.jbi.management.task.deployment.deploy.DeploySUToComponentTask.deploySUtoComponent(DeploySUToComponentTask.java:139) org.ow2.petals.jbi.management.task.deployment.deploy.DeploySUToComponentTask.execute(DeploySUToComponentTask.java:80) org.ow2.petals.processor.TaskProcessor.process(TaskProcessor.java:80) org.ow2.petals.jbi.management.task.deployment.deploy.DeployAllSUTask.deploySU(DeployAllSUTask.java:189) org.ow2.petals.jbi.management.task.deployment.deploy.DeployAllSUTask.deploySUS(DeployAllSUTask.java:131) org.ow2.petals.jbi.management.task.deployment.deploy.DeployAllSUTask.execute(DeployAllSUTask.java:97) org.ow2.petals.processor.TaskProcessor.process(TaskProcessor.java:80) org.ow2.petals.jbi.management.deployment.DeploymentServiceImpl.deploy(DeploymentServiceImpl.java:406) org.objectweb.fractal.julia.generated.C2dea9382_0.deploy(INTERCEPTOR[DeploymentServiceMBean]) org.objectweb.fractal.julia.generated.C7566203_0.deploy(INTERFACE[DeploymentServiceMBean]) sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) java.lang.reflect.Method.invoke(Unknown Source) sun.reflect.misc.Trampoline.invoke(Unknown Source) sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) java.lang.reflect.Method.invoke(Unknown Source) sun.reflect.misc.MethodUtil.invoke(Unknown Source) javax.management.modelmbean.RequiredModelMBean.invokeMethod(Unknown Source) javax.management.modelmbean.RequiredModelMBean.invoke(Unknown Source) mx4j.server.interceptor.InvokerMBeanServerInterceptor.invoke(InvokerMBeanServerInterceptor.java:221) mx4j.server.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:120) mx4j.server.interceptor.SecurityMBeanServerInterceptor.invoke(SecurityMBeanServerInterceptor.java:84) mx4j.server.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:120) mx4j.server.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:120) mx4j.server.interceptor.ContextClassLoaderMBeanServerInterceptor.invoke(ContextClassLoaderMBeanServerInterceptor.java:203) mx4j.server.MX4JMBeanServer.invoke(MX4JMBeanServer.java:1043) com.sun.jmx.remote.security.MBeanServerAccessController.invoke(Unknown Source) javax.management.remote.rmi.RMIConnectionImpl.doOperation(Unknown Source) javax.management.remote.rmi.RMIConnectionImpl.access$200(Unknown Source) javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(Unknown Source) java.security.AccessController.doPrivileged(Native Method) javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(Unknown Source) javax.management.remote.rmi.RMIConnectionImpl.invoke(Unknown Source) sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) java.lang.reflect.Method.invoke(Unknown Source) sun.rmi.server.UnicastServerRef.dispatch(Unknown Source) sun.rmi.transport.Transport$1.run(Unknown Source) java.security.AccessController.doPrivileged(Native Method) sun.rmi.transport.Transport.serviceCall(Unknown Source) sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source) sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(Unknown Source) sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Source) java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) java.lang.Thread.run(Unknown Source) caused by: Illegal key size or default parameters Caused by:Illegal key size or default parameters


thank




-------------------- m2f --------------------

Read this forum topic online here:
http://petals.ebmwebsourcing.com/forum/viewtopic.php?p=249#249

-------------------- m2f --------------------

_______________________________________________
Users mailing list
[hidden email]
http://forum-list.petalslink.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: petals-bc-ejb and rmi security

rnaudin-3
In reply to this post by rnaudin-3
Hi Antony,

The bc-ejb has been tested with JBoss and Jonas with EJB2 and EJB3.

We are updating it these weeks, and we expect to provide a new version of the component by two weeks working on the last PEtALS CDK.

Could you tell us what version of JEE container you use and what version of EJB you use so that we can test the EJB component against a similar context?

Regards,
Gaël




-------------------- m2f --------------------

Read this forum topic online here:
http://petals.ebmwebsourcing.com/forum/viewtopic.php?p=255#255

-------------------- m2f --------------------

_______________________________________________
Users mailing list
[hidden email]
http://forum-list.petalslink.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: petals-bc-ejb and rmi security

rnaudin-3
In reply to this post by rnaudin-3
Hi Gael

Thank's

But the problem is OC4J rmi call require Principal and Credentials. How can'I specify these ?
Have'I to implement in the code of EjbBC.java ?

Regards,

Antony




-------------------- m2f --------------------

Read this forum topic online here:
http://petals.ebmwebsourcing.com/forum/viewtopic.php?p=266#266

-------------------- m2f --------------------

_______________________________________________
Users mailing list
[hidden email]
http://forum-list.petalslink.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: petals-bc-ejb and rmi security on OC4J container

rnaudin-3
In reply to this post by rnaudin-3
Hello, it's me again !

Our OC4J container require definitively both principals and credentials. I succeeded invoke JNDI by implement in EjbBC.java

Code:
    public Context createInitialContext(Extensions extensions) throws EjbBCException {
        Properties environment = new Properties();
        environment.put(InitialContext.PROVIDER_URL, extensions.getValue(Context.PROVIDER_URL));
        environment.put(InitialContext.INITIAL_CONTEXT_FACTORY, extensions
                .getValue(InitialContext.INITIAL_CONTEXT_FACTORY));
        environment.put(InitialContext.SECURITY_PRINCIPAL, "oc4jadmin");
        environment.put(InitialContext.SECURITY_CREDENTIALS, "welcome");
        return createJNDIContext(environment);
    }


But, how can'I set the jaas.conf to use only a users.properties file (sample, just a users.porperties file winthin in oc4jadmin=welcome ...) ?

My jaas.conf is :

Code:
oc4j{
// loginModule utilisé par le client ejb
org.ow2.petals.bc.ejb.security.WSSUserPasswordLoginModule required
org.ow2.petals.users="user-passwords.properties";

//login module pour propager la sécurité sur le context oc4j
oracle.security.jazn.login.module.RealmLoginModule required globalCtx="true";
}


and, naturally, I set
Code:
 
oc4j
in the jbi.xml

Thank's for all.
And think about Jboss and Jonas aren't alone Applications Servers Very Happy

Regards




-------------------- m2f --------------------

Read this forum topic online here:
http://petals.ebmwebsourcing.com/forum/viewtopic.php?p=268#268

-------------------- m2f --------------------

_______________________________________________
Users mailing list
[hidden email]
http://forum-list.petalslink.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: petals-bc-ejb and rmi security on OC4J container

rnaudin-3
In reply to this post by rnaudin-3
Hi,

The EJB BC has never been released in a final version so we know that we have to work on it and that features are missing.
Hopefully, all this stuff is open source and contributors are welcome! You can checkout the sources, create a patch to add your features and send it to the developers.
So do not hesitate.




-------------------- m2f --------------------

Read this forum topic online here:
http://petals.ebmwebsourcing.com/forum/viewtopic.php?p=269#269

-------------------- m2f --------------------

_______________________________________________
Users mailing list
[hidden email]
http://forum-list.petalslink.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: petals-bc-ejb and rmi security on OC4J container

rnaudin-3
In reply to this post by rnaudin-3
Hi,

I'm currently updating the bc-ejb component. In order to test it with OC4J I need to package properly the OC4J Client in a jar file. Did you have such file ?




-------------------- m2f --------------------

Read this forum topic online here:
http://petals.ebmwebsourcing.com/forum/viewtopic.php?p=287#287

-------------------- m2f --------------------

_______________________________________________
Users mailing list
[hidden email]
http://forum-list.petalslink.org/cgi-bin/mailman/listinfo/users