geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeremy Whitlock <jcscoob...@gmail.com>
Subject Re: JNDI remote authentication problem
Date Fri, 09 Dec 2005 23:51:12 GMT
That should work.  Dain found the issue while I was working on
GERONIMO-1151:

http://issues.apache.org/jira/browse/GERONIMO-1151

Now that we know that OpenEJB is retaining the proper values from the
config.xml, I would retry.

Take care,

Jeremy

On 12/9/05, David Jencks <david_jencks@yahoo.com> wrote:
>
> We did a little experiment and think that this works:
>
> <configuration name="geronimo/j2ee-server/1.0/car">
>       <gbean name="geronimo:name=EJB,type=NetworkService">
>        <attribute name="host">0.0.0.0</attribute>
>        <attribute name="port">4201</attribute>
>        <attribute name="allowHosts">0.0.0.0</attribute>
>      </gbean>
>   </configuration>
>
> However we are not the experts, maybe dblevins will have more to say.
>
> many thanks
> david jencks
>
> On Dec 7, 2005, at 5:18 PM, Zakharov, Vasily M wrote:
>
> > John,
> >
> > Thank you very much for your answer!
> >
> >> Let me know what happens.
> >
> > Well, I tried correcting j2ee-server-plan.xml and config.xml, and I
> > also
> > tried to provide the proper value for allowHosts in GUI installer - it
> > all didn't help.
> >
> > What really helped is correcting modules/assembly/maven.xml file and
> > specifying the IP address of the client in line 247 (specifying host
> > name or 255.255.255.255 mask also didn't help):
> >
> >    <j:set var="PlanClientAddresses"
> > value="<MY_CLIENT_HOST_IP_ADDRESS>"/>
> >
> > and then rebuilding Geronimo.
> >
> > However, it didn't helped much.
> > I made additional investigation for the problem location and here's
> > what
> > I've found:
> >
> > The problem occurs in file org/openejb/client/Client.java:
> > http://cvs.codehaus.org/viewrep/openejb/openejb/modules/core/src/java/
> > or
> > g/openejb/client/Client.java?r=1.5
> >
> > Previously the problem occured at line 171 (see code, the exceptions
> > are
> > wrapped badly there):
> >
> > javax.naming.AuthenticationException: Cannot deternmine server protocol
> > version: Received null/0.0; nested exception is:
> >       java.io.IOException: Unable to read protocol version.  Reached
> > the end of the stream.
> >       at
> > org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> >       at
> > org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> >       at javax.naming.spi.NamingManager.getInitialContext(Unknown
> > Source)
> >       at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> >       at javax.naming.InitialContext.init(Unknown Source)
> >       at javax.naming.InitialContext.<init>(Unknown Source)
> >
> > And after the fix to maven.xml and rebuilding Geronimo another error
> > occurs a bit later, at line 192:
> >
> > javax.naming.AuthenticationException: Cannot read the response from the
> > server (OEJP/2.0) : null; nested exception is:
> >       java.io.EOFException
> >       at
> > org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> >       at
> > org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> >       at javax.naming.spi.NamingManager.getInitialContext(Unknown
> > Source)
> >       at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> >       at javax.naming.InitialContext.init(Unknown Source)
> >       at javax.naming.InitialContext.<init>(Unknown Source)
> >
> > Previous problem was clearly a configuration issue, that was at last
> > resolved, but I have completely no idea on what to do with this new
> > problem. :(
> >
> > Can it be that Geronimo/OpenEJB does not accept remote JNDI connections
> > at all??
> >
> > With best regards,
> >    Vasily Zakharov, Intel Managed Runtime Division
> >
> >
> >
> > -----Original Message-----
> > From: John Sisson [mailto:jrsisson@gmail.com]
> > Sent: Wednesday, November 23, 2005 3:23 PM
> > To: user@geronimo.apache.org
> > Subject: Re: JNDI remote authentication problem
> >
> > Hi Vasily,
> >
> > In the j2ee-server-plan.xml file it configures the IP addresses that
> > the
> >
> > (OpenEJB) EJB daemon will accept connections from in the "allowHosts"
> > attribute.  For example:
> >
> >     <!-- EJB Protocol -->
> >     <gbean gbeanName="geronimo:type=NetworkService,name=EJB"
> > class="org.activeio.xnet.StandardServiceStackGBean">
> >         <attribute name="name">EJB</attribute>
> >         <attribute name="port">${PlanOpenEJBPort}</attribute>
> >         <attribute name="host">${PlanServerHostname}</attribute>
> >         <attribute name="allowHosts">${PlanClientAddresses}</attribute>
> >         <attribute
> > name="logOnSuccess">HOST,NAME,THREADID,USERID</attribute>
> >         <attribute name="logOnFailure">HOST,NAME</attribute>
> >         <reference
> > name="Executor"><name>DefaultThreadPool</name></reference>
> >         <reference
> > name="Server"><gbean-name>openejb:type=Server,name=EJB</gbean-name></
> > ref
> > erence>
> >     </gbean>
> >
> > The In the geronimo\var\config.xml file (where you can specify
> > attribute
> >
> > values that can override the values in the deployed plan) you should
> > see
> >
> > the following section:
> >
> >     <configuration name="org/apache/geronimo/Server">
> >         <gbean name="openejb:type=NetworkService,name=EJB">
> >             <attribute name="host">0.0.0.0</attribute>
> >             <attribute name="port">4201</attribute>
> >         </gbean>
> >     </configuration>
> >
> > In theory, you should be able to edit the config.xml file and specify
> > the allowable remote host by doing something like:
> >
> >     <configuration name="org/apache/geronimo/Server">
> >         <gbean name="openejb:type=NetworkService,name=EJB">
> >             <attribute name="host">0.0.0.0</attribute>
> >             <attribute name="port">4201</attribute>
> >             <attribute name="allowHosts">myhostname</attribute>
> >         </gbean>
> >     </configuration>
> >
> > *** But I have a bug currently open where the port number in the
> > config.xml file as shown in the example above is not actually used and
> > I
> >
> > have a feeling the same problem will happen for allowHosts (see
> > http://issues.apache.org/jira/browse/GERONIMO-1151 ).  I haven't had a
> > chance to debug this yet.  Let me know what happens.
> >
> > I think most of the testing so far has been done on the localhost with
> > the default port.
> >
> > Regards,
> >
> > John
> >
> > Zakharov, Vasily M wrote:
> >
> >> Hello, all.
> >>
> >>
> >>
> >> I'm trying to run an application that should access the beans
> >> (deployed in a Geronimo server running on other machine) with a JNDI
> >> request.
> >>
> >>
> >>
> >> However, I get the following exception immediately at "new
> >> InitialContext()" statement:
> >>
> >>
> >>
> >> javax.naming.AuthenticationException: Cannot deternmine server
> >> protocol version: Received null/0.0; nested exception
> >> is:
> >>
> >>         java.io.IOException: Unable to read protocol version.  Reached
> >
> >> the end of the stream.
> >>
> >>
> >>
> >> The Geronimo console states the following at that moment:
> >>
> >>
> >>
> >> 15:31:20,132 ERROR [EJB] Host <app-host> is not authorized to access
> >> this service.
> >>
> >> java.lang.SecurityException: Host <app-host> is not authorized to
> >> access this service.
> >>
> >>         at
> >>
> > org.activeio.xnet.hba.ServiceAccessController.checkHostsAuthorization(S
> > e
> > rviceAccessController.java:78)
> >>
> >>         at
> >>
> > org.activeio.xnet.hba.ServiceAccessController.service(ServiceAccessCont
> > r
> > oller.java:51)
> >>
> >>         at
> > org.activeio.xnet.ServiceLogger.service(ServiceLogger.java:74)
> >>
> >>         at
> >>
> > org.activeio.xnet.ServiceDaemon$SocketListener.run(ServiceDaemon.java:
> > 15
> > 1)
> >>
> >>         at java.lang.Thread.run(Unknown Source)
> >>
> >>
> >>
> >> (here <app-host> replaces the IP address of the machine where I run my
> >
> >> application)
> >>
> >>
> >>
> >> I'm using a default installation of Geronimo 1.0 M5, and Windows XP
> >> SP2 and Sun's JRE 1.4.2_08 on both machines.
> >>
> >>
> >>
> >> The client application's system properties include:
> >>
> >>
> > java.naming.factory.initial=org.openejb.client.RemoteInitialContextFact
> > o
> > ry
> >>
> >> java.naming.provider.url=<geronimo-host>:4201
> >>
> >> java.naming.security.principal=system
> >>
> >> java.naming.security.credentials=manager
> >>
> >>
> >>
> >> (here <geronimo-host> replaces the name of the machine where Geronimo
> >> is running and principal/credentials are the same I use to login to
> >> Geronimo console)
> >>
> >>
> >>
> >> Also, I've put a local copy of openejb-core-2.0-G1M5.jar to the
> >> application's classpath for context factory to be found.
> >>
> >>
> >>
> >> Could somebody please point me at what I'm doing wrong and how can I
> >> tune Geronimo to accept JNDI connections from the remote machine?
> >>
> >>
> >>
> >> Thanks in advance,
> >>
> >>
> >>
> >>    Vasily Zakharov, Intel Managed Runtime Division
> >>
> >
>
>

Mime
View raw message