I am using remote connection in java applet using the following code.
Hashtable jndiProps = new Hashtable<Object,Object>();
jndiProps.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
jndiProps.put(Context.PROVIDER_URL, "http-remoting://" + myhost + ":" + "8080");
jndiProps.put("jboss.naming.client.ejb.context", true);
jndiProps.put("org.jboss.ejb.client.scoped.context", true);;
//jndiProps.put(Context.URL_PKG_PREFIXES,"org.jboss.ejb.client.naming");
jndiProps.put("endpoint.name", "client-endpoint");
jndiProps.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", false);
jndiProps.put("remote.connections", "default");
jndiProps.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", false);
jndiProps.put("remote.connection.default.host", myhost);
jndiProps.put("remote.connection.default.port", "8080");
jndiProps.put(Context.SECURITY_PRINCIPAL, "demouser");
jndiProps.put(Context.SECURITY_CREDENTIALS, "demouser123");
InitialContext ctx = null;
try {
ctx = new InitialContext(jndiProps);
} catch(NamingException nex) {
nex.printStackTrace();
} catch(Exception ex) {
ex.printStackTrace();
}
RemoteInterface remote = (RemoteInterface)ctx.lookup(ejbUrl);
Here the SECURITY_PRINCIPAL is created using the add-user.sh script. The the applet loads, everything works well. But after sometime in java console , a message appears saying
Jul 13, 2016 3:04:21 PM org.jboss.ejb.client.remoting.ChannelAssociation$ResponseReceiver handleEnd
INFO: EJBCLIENT000016: Channel Channel ID 98a848d6 (outbound) of Remoting connection 22d8b2a8 to cms8sf.cdotd.ernet.in/192.168.5.240:8080 can no longer process messages.
And after that , whenever I try to access any method of remote bean Exception in thrown.
java.lang.IllegalStateException: EJBCLIENT000025: No EJB receiver available for handling [appName:app, moduleName:app-ejb, distinctName:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext#490f0e4e
at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:774)
I am quite unsure why this is happening. Can someone please help me. Thank in advance.
I am using java 1.8 and wildfly 9.0.2.
Perhaps, this option will help you
remote.connection.default.connect.options.org.jboss.remoting3.RemotingOptions.HEARTBEAT_INTERVAL=5000
it's some kind of a ping
Related
I have a client app that runs as a servlet on Apache Tomcat connecting to either a WildFly 10.1 or a WebLogic 12c application server. The application was recently ported from JBoss 6.1 and WebLogic 11g to work on these newer application servers. The application is working as expected when using WildFly 10.1, but I keep getting 'User has insufficient permissions to access EJB' when it tries to communicate with the main application running on WebLogic 12c.
I did come across an Oracle reference regarding JNDI Contexts and Threads, saying that users are associated with threads, and another reference that mentioned there was a change in behaviour in WebLogic 9.0 removing
support for a VM-wide default user, and that you must be in the same thread (or a child thread) in order for the authentication to work.
I was able to write a simple test client that confirms this behaviour. If I instantiate my InitialContext in one thread, but then try to use it in another thread, I get the 'User ' error. If I try again, but this time instantiating the InitialContext in the main application, I am able to successfully communicated with the application server through the main application, as well as any other threads that I create.
Here is the sample test client that replicates the error:
import java.text.SimpleDateFormat;
import java.util.Properties;
import javax.ejb.FinderException;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import com.supportsoft.encore.inventory.dto.DeviceDTO;
import com.supportsoft.encore.inventory.ejb.InventoryInterfaceFactory;
import com.supportsoft.encore.inventory.ejb.remote.DeviceManager;
import com.supportsoft.encore.system.exception.RealmViolationException;
public class GetInitialContextThreaded {
private static InitialContext ic;
public static void main(String[] args) {
try {
// Use a thread to initialize the initial context
Thread thread1 = new Thread() {
public void run() {
log("THREAD1: Getting InitialContext.");
Properties icProps = new Properties();
icProps.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
icProps.put(Context.PROVIDER_URL, "t3://localhost:6002");
// icProps.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
// icProps.put(Context.PROVIDER_URL, "http-remoting://localhost:7777");
icProps.put(Context.SECURITY_PRINCIPAL, "system");
icProps.put(Context.SECURITY_CREDENTIALS, "system");
// icProps.put("jboss.naming.client.ejb.context", false);
// icProps.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
// icProps.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");
// icProps.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
icProps.put("java.naming.factory.url.pkgs", "weblogic.jndi.factories:weblogic.corba.j2ee.naming.url");
// icProps.put("weblogic.jndi.enableDefaultUser", "true");
try {
ic = new InitialContext(icProps);
log("THREAD1: Have InitialContext.");
} catch (NamingException e) {
e.printStackTrace();
}
}
};
thread1.start();
try {
Thread.sleep(5000);
} catch (InterruptedException e1) {
e1.printStackTrace();
}
// Test connection
log("MAIN: Testing connection to app server.");
InventoryInterfaceFactory iFactory = getInventoryInterfaceFactory(ic, "MAIN");
log("MAIN: Getting DeviceManager handle");
DeviceManager devMgr = iFactory.getDeviceManager();
log("MAIN: Have DeviceManager handle");
log("MAIN: Get device");
DeviceDTO device = devMgr.getByID(1000L);
log("MAIN: Have device");
Thread thread2 = new Thread() {
public void run() {
log("THREAD2: Testing connection to app server.");
InventoryInterfaceFactory iFactory = getInventoryInterfaceFactory(ic, "THREAD2");
try {
log("THREAD2: Getting DeviceManager handle");
DeviceManager devMgr = iFactory.getDeviceManager();
log("THREAD2: Have DeviceManager handle");
log("THREAD2: Get device");
DeviceDTO device = devMgr.getByID(1000L);
log("THREAD2: Have device");
} catch (Exception e) {
e.printStackTrace();
}
}
};
thread2.start();
try {
Thread.sleep(2000);
} catch (InterruptedException e) {
e.printStackTrace();
}
log("MAIN: Successfully connected to app server.");
} catch (NamingException e) {
e.printStackTrace();
} catch (FinderException e) {
e.printStackTrace();
} catch (RealmViolationException e) {
e.printStackTrace();
}
}
private static InventoryInterfaceFactory getInventoryInterfaceFactory(InitialContext ctx, String logPrefix) {
InventoryInterfaceFactory factory = null;
try {
log(logPrefix + ": Instantiating factory");
factory = InventoryInterfaceFactory.getInstance(ctx);
log(logPrefix + ": Instantiated factory");
} catch (NamingException e) {
e.printStackTrace();
}
return factory;
}
private static void log(String message) {
SimpleDateFormat time_formatter = new SimpleDateFormat("EEE MMM dd HH:mm:ss.SSS z yyyy");
String current_time_str = time_formatter.format(System.currentTimeMillis());
System.out.println(current_time_str + ": " + message);
}
}
And here is the output that I see when I run it:
Tue Oct 22 15:34:35.395 ADT 2019: THREAD1: Getting InitialContext.
Tue Oct 22 15:34:37.469 ADT 2019: THREAD1: Have InitialContext.
Tue Oct 22 15:34:40.371 ADT 2019: MAIN: Testing connection to app server.
Tue Oct 22 15:34:40.372 ADT 2019: MAIN: Instantiating factory
Tue Oct 22 15:34:40.401 ADT 2019: MAIN: Instantiated factory
Tue Oct 22 15:34:40.402 ADT 2019: MAIN: Getting DeviceManager handle
Tue Oct 22 15:34:40.580 ADT 2019: MAIN: Have DeviceManager handle
Tue Oct 22 15:34:40.580 ADT 2019: MAIN: Get device
Exception in thread "main" javax.ejb.EJBAccessException: [EJB:010160]Security violation: User <anonymous> has insufficient permission to access EJB type=<ejb>, application=xyz, module=xyz-impl.jar, ejb=XYZManagerBean, method=getByID, methodInterface=Remote, signature={java.lang.Long}.
at weblogic.utils.StackTraceDisabled.unknownMethod()
It is fairly straight forward to resolve this in my test client, as I mentioned above, by having the main application instantiate the InitialContext.
My problem is how to handle this in a servlet deployed and running on Apache Tomcat. When the application starts up, the initialize() method does a number of things such as load properties files, instantiate the InitialContext, and test the connection to the application server. That all works fine. The problem is when the servlet starts processing a new request and tries to communicate with the WebLogic 12c application server. It is at this point that I get the 'User ' error.
Is there a way to configure Tomcat or the servlet so that the InitialContext can be shared between the servlet threads without "losing" the authenticated principal? In WebLogic 11g we included a context property called "weblogic.jndi.enableDefaultUser" and set it to "true", but that does not appear to be supported in WebLogic 12c.
Any ideas?
Trying to answer as this could be useful for someone looking for an answer.
Do you see this issue happening at the server Startup?
If yes, then pls pass Principle name in the Weblogic descriptor file
Just For ex
XXX.YYYY.CREATE.PRINCIPAL
Can anyone help to solve the below issue:
I am trying to upgrade my application server from JBOSS 6 to Wildfly 12/13.
My Application is EJB based. When i am using Jboss 6, I was using Jdk 1.7
Now for Wildfly, I'm using jdk 1.8.
And, while upgrading to Wildfly, previous jndi settings wasn't working so I updated jndi configurations from
configurations file:
INITIAL_CONTEXT_FACTORY = org.jnp.interfaces.NamingContextFactory
PROVIDER_URL = jnp://localhost:1099
URL_PKG_PREFIXES = org.jboss.naming:org.jnp.interfaces
JNDI_VOOR_DS=java:/VOORSDB
to:
INITIAL_CONTEXT_FACTORY = org.wildfly.naming.client.WildFlyInitialContextFactory
PROVIDER_URL = remote+http://localhost:8080
URL_PKG_PREFIXES = org.jboss.ejb.client.naming
JNDI_VOOR_DS=java:/VOORSDB
Now i am getting error as:
ERROR [com.aithent.voor.service.ServiceLocator] (ServerService ThreadPool -- 79) Exception whichle retrieving the home object for the EJB :UserServiceEJB
ERROR [com.aithent.voor.service.ServiceLocator] (ServerService Thread Pool -- 79) org.wildfly.naming.client.store.RelativeContext cannot be cast to javax.ejb.EJBHome
ERROR [com.aithent.voor.service.ServiceFactory] (ServerService Thread Pool -- 79) java.lang.ClassCastException: org.wildfly.naming.client.store.RelativeContext cannot be cast to javax.ejb.EJBHome
This is my ServiceLocator class:
private ServiceLocator() throws Exception{
createContext();
}
public void createContext() throws Exception{
Hashtable env = new Hashtable();
cachedObject=new HashMap(10,0.8f);
env.put(Context.INITIAL_CONTEXT_FACTORY, ConfigurationManager.getInstance().getPropertyValue(WebConstants.INITIAL_CONTEXT_FACTORY));
System.out.println(ConfigurationManager.getInstance().getPropertyValue(WebConstants.INITIAL_CONTEXT_FACTORY));
env.put(Context.PROVIDER_URL, ConfigurationManager.getInstance().getPropertyValue(WebConstants.PROVIDER_URL));
env.put(Context.URL_PKG_PREFIXES, ConfigurationManager.getInstance().getPropertyValue(WebConstants.URL_PKG_PREFIXES));
env.put("jboss.naming.client.ejb.context", true);
context = new WildFlyInitialContext(env);
System.out.println("context: "+context);
log.debug("ServiceLocator createContext method ends ");
}
public EJBHome getHome(String ejbName) throws Exception{
EJBHome ejbHome = null;
log.debug("ServiceLocator getHome() starts ");
try{
System.out.println("Context: "+context);
if(context != null){
Object home = context.lookup("ejb:/"+ejbName);
System.out.println(home);
ejbHome = (EJBHome) home;
System.out.println(ejbHome);
}
}catch(Exception e){
log.error("Exception whichle retrieving the home object for the EJB : " + ejbName);
log.error(e.getMessage());
throw new Exception(e);
}
log.debug("ServiceLocator getHome() ends ");
return ejbHome;
}
I even added jboss-client from wildfly-13 - bin/client folder. I tried almost everyway posted in other Q&A's but nothing worked.
I didn't understand how to attach files, if anyone guide me, i will attach server.log and standalone-full.xml for review.
Thanks for help in advance!
I was facing the same issue on a basic HelloWorld project for EJB.
I am using wildfly 14.0.1.
It magically started working when I removed the "ejb:" from the JNDI string "ejb:ejbsample-1.0-SNAPSHOT/HelloWorld!com.ejbsample.HelloWorld"
If it would help please check the server and client code.
I am developing the web service where in I want to connect to the SOA server. It's giving connection exception.
Code:
public class ConnectSOA{
public static void main(String[] args){
Map<IWorkflowServiceClientConstants.CONNECTION_PROPERTY, String> connProperties = new HashMap<IWorkflowServiceClientConstants.CONNECTION_PROPERTY, String>();
connProperties.put(IWorkflowServiceClientConstants.CONNECTION_PROPERTY.CLIENT_TYPE,WorkflowServiceClientFactory.REMOTE_CLIENT);
connProperties.put(IWorkflowServiceClientConstants.CONNECTION_PROPERTY.EJB_PROVIDER_URL,"t3://10.10.78.79:8001");
connProperties.put(IWorkflowServiceClientConstants.CONNECTION_PROPERTY.EJB_INITIAL_CONTEXT_FACTORY,"weblogic.jndi.WLInitialContextFactory");
try {
workflowServiceClient = WorkflowServiceClientFactory
.getWorkflowServiceClient(connProperties, null, null);
itaskQueryService = workflowServiceClient.getTaskQueryService();
statePredicate = new Predicate(
TableConstants.WFTASK_STATE_COLUMN, Predicate.OP_EQ,
IWorkflowConstants.TASK_STATE_ASSIGNED);
iworkFlowContext = itaskQueryService.authenticate("demouser","demo1".toCharArray(), null);
} catch(Exception e ){
e.printStackTrace();
}
}
}
Exception :
java.net.ConnectException: t3://10.10.78.79:8001 Bootstrap to: hostname/'10.10.78.79:8001' over: 't3' got an error or timed out
I have check the soa server its up and running on the machine.
Can you ping your weblogic?
java weblogic.Admin -url t3://IP:8001 -username xxx -password xxx PING 10
I see that you have 10.10.78.79:8001 and in Exception IP:8001
Could be that your server is not ok. Check the config. See your config.xml and what the listen address for the server is and verify that you can ping it.
I am trying to call RES server (v 7.1) from EAR deployed on WAS (8.5) instance. I was able to invoke rule server from standalone program and its working without any problems.
However my main problem is to invoke EJB deployed on RES server remotely from another EAR deployed on some other WAS instance. In this case we are not able to look-up the EJB remotely.
As per below thread we should bypass the EJB3 IlrSessionFactory API and should use Java EJB API to look up rule sessions directly.
http://www-01.ibm.com/support/docview.wss?uid=swg21586621
Recommendation from IBM is to use standard java api for ejb lookup or to upgrade to Rule Server 7.5 (latest 8.x).
Code snippet
// Initialization
Map<String, Object> outputParms = null;
IlrStatelessSession session=null;
IlrSessionResponse response=null;
// IlrSessionFactory factory = getFactory();
try {
sessionFactory = JRulesInvoker.getFactory();
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");
env.put(Context.PROVIDER_URL,"corbaloc:iiop:localhost:28004");
Context ctx = new InitialContext(env);
Object lookupResult = ctx.lookup("ilog.rules.res.session.impl.ejb3.IlrStatelessSessionRemote");
PortableRemoteObject aPortableRemoteObject = new PortableRemoteObject();
session = (IlrStatelessSession) aPortableRemoteObject.narrow(lookupResult, IlrStatelessSession.class);
IlrPath path = new IlrPath(ruleApp, ruleSet);
IlrSessionRequest request = sessionFactory.createRequest();
request.setRulesetPath(path);
request.setInputParameters(inputParms);
request.getTraceFilter().setInfoTotalRulesFired(true);
request.getTraceFilter().setInfoExecutionEvents(true);
request.setTraceEnabled(true);
// session = sessionFactory.createStatelessSession();
System.out.println("created session " + IlrJNDIConstants.STATELESS_SESSION_EJB3_NAME);
response = session.execute(request);
System.out.println(response.getRulesetExecutionTrace().getTotalRulesFired() + " rule(s) fired.");
System.out.println("Execution output=" + response.getRulesetExecutionOutput());
// Return the result(s)
outputParms = response.getOutputParameters();
if (logger.isEnabledFor(Level.DEBUG)) {
if (response.getRulesetExecutionOutput() != null) {
logger.debug("RuleSet execution output: \n" + response.getRulesetExecutionOutput());
}
}
}catch (IlrSessionCreationException cx) {
if (logger.isEnabledFor(Level.ERROR)) {
logger.error(cx.getMessage(), cx);
}
} catch (IlrSessionException e) {
if (logger.isEnabledFor(Level.ERROR)) {
logger.error(e.getMessage(), e);
}
} catch (NamingException e) {
if (logger.isEnabledFor(Level.ERROR)) {
logger.error(e.getMessage(), e);
}
}
Error
Context: idewas/nodes/ide/servers/server1, name: ilog.rules.res.session.impl.ejb3.IlrStatelessSessionRemote: First component in name ilog.rules.res.session.impl.ejb3.IlrStatelessSessionRemote not found.
javax.naming.NameNotFoundException: Context: idewas/nodes/ide/servers/server1, name: ilog.rules.res.session.impl.ejb3.IlrStatelessSessionRemote: First component in name ilog.rules.res.session.impl.ejb3.IlrStatelessSessionRemote not found. [Root exception is org.omg.CosNaming.NamingContextPackage.NotFound: IDL:omg.org/CosNaming/NamingContext/NotFound:1.0]
at com.ibm.ws.naming.jndicos.CNContextImpl.mapNotFoundException(CNContextImpl.java:4563)
at com.ibm.ws.naming.jndicos.CNContextImpl.doLookup(CNContextImpl.java:1821)
at com.ibm.ws.naming.jndicos.CNContextImpl.doLookup(CNContextImpl.java:1776)
at com.ibm.ws.naming.jndicos.CNContextImpl.lookupExt(CNContextImpl.java:1433)
at com.ibm.ws.naming.jndicos.CNContextImpl.lookup(CNContextImpl.java:615)
at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:165)
at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:179)
at org.apache.aries.jndi.DelegateContext.lookup(DelegateContext.java:161)
at javax.naming.InitialContext.lookup(InitialContext.java:436)
Check in the SystemOut.log of the RES server what are the binding names for EJBs as it looks like there is no ilog.rules.res.session.impl.ejb3.IlrStatelessSessionRemote there. Also if you have two servers on the same host under the same name e.g. server1 you may have interoberability issues and need to set JVM property com.ibm.websphere.orb.uniqueServerName to true. For more details check the following page Application access problems
Failing to connect to Tomcat JMX instance
Ok i am stuck now - Im trying to configure JMX with Tomcat as follows
$CATALINA_BASE/setenv.sh:
CATALINA_OPTS="-Dcom.sun.management.jmxremote.port=18070 -Dcom.sun.management.jmxremote.password.file=$CATALINA_BASE/conf/jmxremote.password -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxremote.access.file=$CATALINA_BASE/conf/jmxremote.access"
export CATALINA_OPTS
$CATALINA_BASE/conf/jmxremote.password
monitorRole monitorpass
controlRole controlpass
$CATALINA_BASE/conf/jmxremote.access
monitorRole readonly
controlRole readwrite
The client tool i am using to access the Tomcat JMX server is running on the same machine as the Tomcat instance. when i start tomcat i can see that there is something listening at port 18070 but when i try to connect i get the following error
Exception in thread "main" java.lang.SecurityException: Authentication failed! Credentials required
at com.sun.jmx.remote.security.JMXPluggableAuthenticator.authenticationFailure(JMXPluggableAuthenticator.java:193)
at com.sun.jmx.remote.security.JMXPluggableAuthenticator.authenticate(JMXPluggableAuthenticator.java:145)
at sun.management.jmxremote.ConnectorBootstrap$AccessFileCheckerAuthenticator.authenticate(ConnectorBootstrap.java:185)
at javax.management.remote.rmi.RMIServerImpl.doNewClient(RMIServerImpl.java:213)
I connect using the following bit of code
try {
url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://localhost:18070/jmxrmi");
jmxc = JMXConnectorFactory.connect(url,null);
mbsc = jmxc.getMBeanServerConnection();
} catch (MalformedURLException e) {
throw new Exception(methodName + ":" + e);
} catch (IOException e) {
throw new Exception(methodName + ":" + "Failed to connect to the Tomcat Server " + e);
}
It works fine if i set com.sun.management.jmxremote.authenticate=true to false. Other than that it just fails. The client tool is running on the same machine as the tomcat instance so there should not be any issues with the firewall. Any clues
This
JMXServiceURL url = ...;
Map env = ...;
String[] creds = {"monitorRole", "mrpasswd"};
env.put(JMXConnector.CREDENTIALS, creds);
JMXConnector cc = JMXConnectorFactory.connect(url, env);
MBeanServerConnection mbsc = cc.getMBeanServerConnection();
from http://blogs.oracle.com/lmalventosa/entry/jmx_authentication_authorization
should help