geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick McGuire <rick...@gmail.com>
Subject Re: Yoko Corba client cannot reach EJB via SSL
Date Mon, 28 Sep 2009 10:01:01 GMT
The Yoko ORB does not directly support SLL connections.  That capability 
can only be added by building an SSL capable ORB using the appropriate 
interceptors and plugins to enable the SLL transport.  That is 
capability that the Geronimo server and client provide for the ORB 
instances it uses to publish and access CORBA objects, and it requires a 
bit of ORB configuration to get it to work.  I'm not aware of any ORB 
implementation that provides "out-of-the-box" SLL transport client support.

Rick

Juergen Weber wrote:
> Hi,
>
> with your 
> http://www.nabble.com/NameService-returns-IOR-pointing-to-host-0.0.0.0-td25391214s134.html
> help  I got a Yoko pure Corba Client calling an EJB.
> (2.2-SNAPSHOT
> Build 	2009.09.16-14:12:22.112-0400)
>
> Now I want to try the same with SSL enabled. I got the 
> http://svn.apache.org/viewvc/geronimo/sandbox/magicGball/magicGball-ear/src/main/plan/magicgball-corba-plan.xml
> magicGball SSL TSS definition  and linked the EJB to it. It deploys and
> seems to run. Firefox can get Geronimo's SSL certificate from
> https://linda:2001.
>
> The client can get the IOR, but home.create() fails with
> Exception in thread "main" org.omg.CORBA.TRANSIENT: attempt to establish
> connection failed: connect: Address is invalid on local machine, or port is
> not valid on remote machine  vmcid: 0x41534000  minor code: 1  completed: No
> 	at
> org.apache.yoko.orb.OCI.IIOP.Connector_impl.connect(Connector_impl.java:124)
>
> How can you get Yoko to use the SSL definitions in the IOR and correctly
> address the SSL port? There should be all necessary information in the IOR.
>
> Thanks,
> Juergen
>
> The JacORB dior parsed IOR:
> ------IOR components-----
> TypeId	:
> RMI:org.apache.geronimo.testsuite.corba.mytime.MyTimeHome:0000000000000000
> TAG_INTERNET_IOP Profiles:
> 	Profile Id:		0
> 	IIOP Version:		1.2
> 	Host:			192.168.44.128
> 	Port:			0
> 	Object key (URL):
> %AB%AC%AB11253952623%00_RootPOA%00SSLClientPassword%00corba-mytime-ejb-2.0.2.jar/MyTime%00%00corba-mytime-ejb-2.0.2.jar/MyTime
> 	Object key (hex):	0xAB AC AB 31 31 32 35 33 39 35 32 36 32 33 00 5F 52 6F
> 6F 74 50 4F 41 00 53 53 4C 43 6C 69 65 6E 74 50 61 73 73 77 6F 72 64 00 63
> 6F 72 62 61 2D 6D 79 74 69 6D 65 2D 65 6A 62 2D 32 2E 30 2E 32 2E 6A 61 72
> 2F 4D 79 54 69 6D 65 00 00 63 6F 72 62 61 2D 6D 79 74 69 6D 65 2D 65 6A 62
> 2D 32 2E 30 2E 32 2E 6A 61 72 2F 4D 79 54 69 6D 65 
> 	-- Found 4 Tagged Components--
> 	#0: TAG_CODE_SETS
> 		ForChar native code set Id: ISO8859_1
> 		Char Conversion Code Sets: Unknown TCS: 0x00010020
> , UTF8
> 		ForWChar native code set Id: UTF16
> 		WChar Conversion Code Sets: 	Unknown tag : 32
> 	Unknown tag : 31
> 	#3: TAG_CSI_SEC_MECH_LIST
> 		is stateful: false
> 		CompoundSecMech #0
> 			target_requires: 70
> 			transport mechanism tag: TAG_TLS_SEC_TRANS
> 			TLS SEC TRANS target requires: 6
> 			TLS SEC TRANS target supports: 38
> 			TLS SEC TRANS address: linda:2001
> 			AS_ContextSec target_supports: 64
> 			AS_ContextSec target_requires: 64
> 			AS_ContextSec mech: 06 06 67 81 02 01 01 01 
> 			AS_ContextSec target_name: default
> 			SAS_ContextSec target_supports: 0
> 			SAS_ContextSec target_requires: 0
> 			SAS_ContextSec Naming types: 0
>
>
>
>
>
>   


Mime
View raw message