Skip to main content

Standalone EJB Client & SSL

15 replies [Last post]
ajvok
Offline
Joined: 2010-02-26
Points: 0

I just got my standalone EJB client to work over SSL.
My setup is described below.

The SSL traffic is on port 3820.
if I use tcpdump (I'm on linux) to monitor the traffic coming to/from 3700 (non SSL port) I see that each time I do a ctx.lookup() there is activity on this port.
My guess (please correct me) is that an initial attempt is made on non-SSL, but the config causes this attempt to fail, then somehow, the server tells the client (guessing this) to retry using SSL on port 3820.
I'd really appreciate any explanation of what is really happening here.

Anyway, it works. ***But***, I really would like it to work on SLL from the get-go.
I want to avoid all non-SSL traffic - perhaps disable port 3700.
Is this possible?

[ Setting props.setProperty("org.omg.CORBA.ORBInitialPort", "3820"); Did not work.]

Thanks for any advice.

============================================

The client:
=============================================
Properties props = new Properties();
props.setProperty("java.naming.factory.initial", "com.sun.enterprise.naming.SerialInitContextFactory");
props.setProperty("java.naming.factory.url.pkgs", "com.sun.enterprise.naming");
props.setProperty("java.naming.factory.state",
"com.sun.corba.ee.impl.presentation.rmi.JNDIStateFactoryImpl");
props.setProperty("org.omg.CORBA.connection.ORBSocketFactory",
"com.sun.enterprise.iiop.IIOPSSLSocketFactory");

System.setProperty("javax.net.ssl.trustStore", "myTrustStore") ;
//System.setProperty("javax.net.debug", "all");

Context ctx = new InitialContext(props);
ColourManagerBeanRemote cm = (ColourManagerBeanRemote)ctx.lookup("MyTestBean");
=============================================
The sun-ejb-jar.xml on the server:
=============================================

MyFirstTestBean

MyTestBean

required
required

=============================================

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
monzillo
Offline
Joined: 2004-05-08
Points: 0

If you are willing to try something else, please try doing the following in your client (presumably in combination with setting the initial pot to 3820), and such that the property is set before any lookups are performed (including by injection).

// This property is true (in appclient Main)
// if SSL is required to be used by clients.

public static final String ORB_SSL_CLIENT_REQUIRED = "com.sun.CSIV2.ssl.client.required";

GlassFishORBHelper.getOrb(). setCSIv2Prop(ORB_SSL_CLIENT_REQUIRED,"true');

GlassFishORBHelper is in: glassfishv3/glassfish/modules/orb-connector.jar

Ron

ajvok
Offline
Joined: 2010-02-26
Points: 0

Ron-

Thanks for the idea.

I tried your suggested:
GlassFishORBHelper.getOrb(). setCSIv2Prop(ORB_SSL_CLIENT_REQUIRED,"true');

I may be mis-reading you but,
- because getORB() isn't static, I have to instantiate a GlassFishORBHelper object:
- getORB() returns an ORB, which doesn't have a setCSIv2Prop(), although GlassFishORBHelper does.

I tried:
GlassFishORBHelper orbHelper = new GlassFishORBHelper();
// ORB o = orbHelper.getORB() ; // This gives an "Orb initialization erorr - java.lang.NullPointerException"
orbHelper.setCSIv2Prop(ORB_SSL_CLIENT_REQUIRED,"true");
This gives a "javax.enterprise.resource.corba" exception.

Looking at v3/orb/orb-connector/src/main/java/org/glassfish/enterprise/iiop/api/GlassFishORBHelper.java , in getORB(), I see an "if (isServer)" clause - I'm guessing that your approach might work if this app was not a standalone client.

Thanks for the hint. At least it got me looking at the source.

I assume that what I want must be possible otherwise anyone connecting remote EJB clients over the web (assuming they don't VPN or tunnel) to GF would be exposing to any sniffer what they were doing - well, at least what objects they were using as the first part of any lookup wouldn't be encrypted (via port 3700). That just can't be right.

Thanks for any help.

nitkal
Offline
Joined: 2008-10-22
Points: 0

One way to get this working in Glassfish v2 is to use a Glasfish appclient instead of a standalone client. To secure the name-service port, you could modify /config/sun-acc.xml to include the property:

along with the other properties. You could also change the port of the targer server from 3700 to 3820. You would then be able to contact the name service securely.

This seems to be an issue with the same procedure in v3 which we are trying to fix.

HTH
Nithya

ajvok
Offline
Joined: 2010-02-26
Points: 0

Nithya-

Sounds like it might work.

I did try, but quickly ran into http://forums.java.net/jive/thread.jspa?messageID=384886

I tried both the suggested work-arounds without success.

I will try again when I get time to download v3.1.

Although, it does seem a bit extreme to have to run an embedded server in order to satisfy a fairly simple aim.

Thanks for the idea.

nitkal
Offline
Joined: 2008-10-22
Points: 0

The embedded appclient is not supported in v2. And in v3, it currently has an issue regarding the secure naming service cal , which we are working on. Until then, you could try deploying the java class as an appclient and invoke it using the appclient CLI.

nitkal
Offline
Joined: 2008-10-22
Points: 0

The issue with the standalone client and appclient in contacting the naming service securely has been fixed. Please see http://blogs.sun.com/nithya/entry/accessing_orb_service_securely_in

HTH
Nithya

mjremijan
Offline
Joined: 2003-07-18
Points: 0

I have read this entire thread a number of times and have tried implementing some of the suggestions but after quite a few number of days I am still not getting SSL communication to work. I can get NON-SSL remote calls over the IIOP Listener on port 3700 to work fine.

I have 2 "GlassFish Server Open Source Edition 3.0.1 (build 22)" servers. One for the web-tier (servlet/jsf) one for the business-tier (ejbs). I need to secure the EJB communication between the web-tier and the business-tier, and I want to use the SSL_MUTUALAUTH IIOP Listener on port 3920.

Below is a summary of my configuration. What about this is not correct?

[b]~~~CLIENT WEB-TIER~~~[/b]

The web-tier is a "GlassFish Server Open Source Edition 3.0.1 (build 22)" server.

The web-tier's /config/cacerts.jks has been updated with the trustedCertEntry of the s1as alias exported from the business-tier's /config/keystore.jks -- the keystore.jks is the DEFAULT one generated by GlassFish.

The web-tier's /config/sun-acc.xml has been updated with:

[i]



[/i]

The WAR client app contains the interfaces of the remote EJBs it needs to call.

The WAR client app attempts to inject an EJB using:
[i]
@EJB(lookup="java:comp/env/ejb/Sam")
AccountService accountService;[/i]

The WAR client app has the following in web.xml
[i]
ejb/Sam
org.ferris.ejb.account.AccountService
[/i]

The WAR client app has the following sun-web.xml

[i] GlassFish Application Server 3.0 Servlet 3.0//EN"
"http://www.sun.com/software/appserver/dtds/sun-web-app_3_0-0.dtd">

research

ejb/Sam

corbaname:iiop:business-services.ferrisbank.com:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService


[/i]

[b]~~~SERVER BUSINESS-TIER~~~[/b]

The business-tier is a "GlassFish Server Open Source Edition 3.0.1 (build 22)" server.

The business-tier's /config/cacerts.jks has been updated with the trustedCertEntry of the s1as alias exported from the web-tier's /config/keystore.jks -- the keystore.jks is the DEFAULT one generated by GlassFish.

The EJB server app has the following remote interface:
[i]
@Remote
public interface AccountService { . . . }[/i]

The EJB server app has the following bean implementation:
[i]
@Stateless
public class AccountServiceBean implements AccountService { . . . }[/i]

The EJB server app has the following in sun-ejb-jar.xml:
[i]


AccountServiceBean

REQUIRED
REQUIRED
SUPPORTED
REQUIRED

none
default
false


none



[/i]

The problem I have when I try to use this configuration is the same as what's described in this thread. When the web client tries to make a connection to the ejb, it looks like it is trying to do so plaintext. I get this in the server log:

[i]Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?[/i]

How can I get this configured properly??

nitkal
Offline
Joined: 2008-10-22
Points: 0

Changing sun-acc.xml to include the ssl element is required only when an appclient is used to invoke an EJB. Since the webtier here is a servlet, it is not required.
Can you pass on the stack traces on the webtier server and the ejb tier sides?
If you are trying mutual authentication, can you please try a one-way ssl connection, by turning in the ejb to SUPPORTED? This would help to isolate the problem.

Thanks
Nithya

mjremijan
Offline
Joined: 2003-07-18
Points: 0

Here are stack traces based on the following:

is still REQUIRED

Log levels on web-tier are INFO except for java.util.logging.ConsoleHandler which is FINEST.

Log levels on ejb-tier are INFO except for java.util.logging.ConsoleHandler and javax.enterprise.resource.corba which are FINEST.

[b]~~~~~~~WEB-TIER CLIENT~~~~~~~[/b]
[#|2010-10-26T09:22:09.850-0500|INFO|glassfish3.0.1|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=37;_ThreadName=http-thread-pool-8080-(1);|PWC1412: WebModule[/cassett] ServletContext.log():PWC1409: Marking servlet AccountServlet as unavailable|#]

[#|2010-10-26T09:22:09.850-0500|INFO|glassfish3.0.1|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=37;_ThreadName=Thread-1;|PWC1412: WebModule[/cassett] ServletContext.log():PWC1409: Marking servlet AccountServlet as unavailable|#]

[#|2010-10-26T09:22:09.850-0500|INFO|glassfish3.0.1|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=37;_ThreadName=http-thread-pool-8080-(1);|PWC1412: WebModule[/cassett] ServletContext.log():PWC1409: Marking servlet AccountServlet as unavailable|#]

[#|2010-10-26T09:22:09.866-0500|WARNING|glassfish3.0.1|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=37;_ThreadName=Thread-1;|StandardWrapperValve[AccountServlet]: PWC1382: Allocate exception for servlet AccountServlet
com.sun.enterprise.container.common.spi.util.InjectionException: Error creating managed object for class org.ferris.cassett.AccountServlet
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.createManagedObject(InjectionManagerImpl.java:312)
at com.sun.enterprise.web.WebContainer.createServletInstance(WebContainer.java:709)
at com.sun.enterprise.web.WebModule.createServletInstance(WebModule.java:1937)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1252)
at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:1059)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:187)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
at java.lang.Thread.run(Thread.java:619)
Caused by: com.sun.enterprise.container.common.spi.util.InjectionException: Exception attempting to inject Remote ejb-ref name=org.ferris.cassett.AccountServlet/accountService,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=java:comp/env/ejb/Sam,mappedName=,jndi-name=,refType=Session into class org.ferris.cassett.AccountServlet
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl._inject(InjectionManagerImpl.java:614)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.inject(InjectionManagerImpl.java:384)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.injectInstance(InjectionManagerImpl.java:141)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.injectInstance(InjectionManagerImpl.java:127)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.createManagedObject(InjectionManagerImpl.java:306)
... 27 more
Caused by: javax.naming.NamingException: Lookup failed for 'java:comp/env/org.ferris.cassett.AccountServlet/accountService' in SerialContext [Root exception is javax.naming.NamingException: Lookup failed for 'java:comp/env/ejb/Sam' in SerialContext [Root exception is javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=ejb/Sam,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=null,mappedName=,jndi-name=corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No]]]
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:442)
at javax.naming.InitialContext.lookup(InitialContext.java:392)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl._inject(InjectionManagerImpl.java:513)
... 31 more
Caused by: javax.naming.NamingException: Lookup failed for 'java:comp/env/ejb/Sam' in SerialContext [Root exception is javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=ejb/Sam,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=null,mappedName=,jndi-name=corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No]]
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:442)
at javax.naming.InitialContext.lookup(InitialContext.java:392)
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:98)
at com.sun.enterprise.container.common.impl.ComponentEnvManagerImpl$EjbReferenceProxy.create(ComponentEnvManagerImpl.java:1040)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:688)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:657)
at com.sun.enterprise.naming.impl.JavaURLContext.lookup(JavaURLContext.java:148)
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:428)
... 33 more
Caused by: javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=ejb/Sam,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=null,mappedName=,jndi-name=corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No]
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:174)
at com.sun.enterprise.container.common.impl.ComponentEnvManagerImpl$EjbReferenceProxy.create(ComponentEnvManagerImpl.java:1040)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:688)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:657)
at com.sun.enterprise.naming.impl.JavaURLContext.lookup(JavaURLContext.java:148)
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:428)
... 40 more
Caused by: org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No
at com.sun.corba.ee.impl.logging.OMGSystemException.soBadSchemaSpecific(OMGSystemException.java:1075)
at com.sun.corba.ee.impl.logging.OMGSystemException.soBadSchemaSpecific(OMGSystemException.java:1093)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.resolveCorbaname(INSURLOperationImpl.java:228)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.resolveINSURL(INSURLOperationImpl.java:154)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.operate(INSURLOperationImpl.java:144)
at com.sun.corba.ee.impl.orb.ORBImpl.string_to_object(ORBImpl.java:954)
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:167)
... 45 more
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 208 completed: Maybe
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.connectionAbort(ORBUtilSystemException.java:3603)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.connectionAbort(ORBUtilSystemException.java:3621)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.doOptimizedReadStrategy(SocketOrChannelConnectionImpl.java:1726)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.doWork(SocketOrChannelConnectionImpl.java:1216)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:492)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:528)
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 211 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3687)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3706)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.nonBlockingRead(SocketOrChannelConnectionImpl.java:1938)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.doOptimizedReadStrategy(SocketOrChannelConnectionImpl.java:1651)
... 3 more
Caused by: java.io.IOException: End-of-stream
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.nonBlockingRead(SocketOrChannelConnectionImpl.java:1927)
... 4 more
|#]

[#|2010-10-26T09:22:09.866-0500|WARNING|glassfish3.0.1|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=37;_ThreadName=http-thread-pool-8080-(1);|StandardWrapperValve[AccountServlet]: PWC1382: Allocate exception for servlet AccountServlet
com.sun.enterprise.container.common.spi.util.InjectionException: Error creating managed object for class org.ferris.cassett.AccountServlet
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.createManagedObject(InjectionManagerImpl.java:312)
at com.sun.enterprise.web.WebContainer.createServletInstance(WebContainer.java:709)
at com.sun.enterprise.web.WebModule.createServletInstance(WebModule.java:1937)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1252)
at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:1059)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:187)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
at java.lang.Thread.run(Thread.java:619)
Caused by: com.sun.enterprise.container.common.spi.util.InjectionException: Exception attempting to inject Remote ejb-ref name=org.ferris.cassett.AccountServlet/accountService,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=java:comp/env/ejb/Sam,mappedName=,jndi-name=,refType=Session into class org.ferris.cassett.AccountServlet
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl._inject(InjectionManagerImpl.java:614)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.inject(InjectionManagerImpl.java:384)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.injectInstance(InjectionManagerImpl.java:141)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.injectInstance(InjectionManagerImpl.java:127)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.createManagedObject(InjectionManagerImpl.java:306)
... 27 more
Caused by: javax.naming.NamingException: Lookup failed for 'java:comp/env/org.ferris.cassett.AccountServlet/accountService' in SerialContext [Root exception is javax.naming.NamingException: Lookup failed for 'java:comp/env/ejb/Sam' in SerialContext [Root exception is javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=ejb/Sam,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=null,mappedName=,jndi-name=corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No]]]
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:442)
at javax.naming.InitialContext.lookup(InitialContext.java:392)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl._inject(InjectionManagerImpl.java:513)
... 31 more
Caused by: javax.naming.NamingException: Lookup failed for 'java:comp/env/ejb/Sam' in SerialContext [Root exception is javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=ejb/Sam,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=null,mappedName=,jndi-name=corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No]]
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:442)
at javax.naming.InitialContext.lookup(InitialContext.java:392)
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:98)
at com.sun.enterprise.container.common.impl.ComponentEnvManagerImpl$EjbReferenceProxy.create(ComponentEnvManagerImpl.java:1040)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:688)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:657)
at com.sun.enterprise.naming.impl.JavaURLContext.lookup(JavaURLContext.java:148)
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:428)
... 33 more
Caused by: javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=ejb/Sam,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=null,mappedName=,jndi-name=corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No]
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:174)
at com.sun.enterprise.container.common.impl.ComponentEnvManagerImpl$EjbReferenceProxy.create(ComponentEnvManagerImpl.java:1040)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:688)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:657)
at com.sun.enterprise.naming.impl.JavaURLContext.lookup(JavaURLContext.java:148)
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:428)
... 40 more
Caused by: org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No
at com.sun.corba.ee.impl.logging.OMGSystemException.soBadSchemaSpecific(OMGSystemException.java:1075)
at com.sun.corba.ee.impl.logging.OMGSystemException.soBadSchemaSpecific(OMGSystemException.java:1093)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.resolveCorbaname(INSURLOperationImpl.java:228)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.resolveINSURL(INSURLOperationImpl.java:154)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.operate(INSURLOperationImpl.java:144)
at com.sun.corba.ee.impl.orb.ORBImpl.string_to_object(ORBImpl.java:954)
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:167)
... 45 more
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 208 completed: Maybe
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.connectionAbort(ORBUtilSystemException.java:3603)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.connectionAbort(ORBUtilSystemException.java:3621)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.doOptimizedReadStrategy(SocketOrChannelConnectionImpl.java:1726)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.doWork(SocketOrChannelConnectionImpl.java:1216)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:492)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:528)
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 211 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3687)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3706)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.nonBlockingRead(SocketOrChannelConnectionImpl.java:1938)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.doOptimizedReadStrategy(SocketOrChannelConnectionImpl.java:1651)
... 3 more
Caused by: java.io.IOException: End-of-stream
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.nonBlockingRead(SocketOrChannelConnectionImpl.java:1927)
... 4 more
|#]

[#|2010-10-26T09:22:09.866-0500|WARNING|glassfish3.0.1|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=37;_ThreadName=http-thread-pool-8080-(1);|StandardWrapperValve[AccountServlet]: PWC1382: Allocate exception for servlet AccountServlet
com.sun.enterprise.container.common.spi.util.InjectionException: Error creating managed object for class org.ferris.cassett.AccountServlet
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.createManagedObject(InjectionManagerImpl.java:312)
at com.sun.enterprise.web.WebContainer.createServletInstance(WebContainer.java:709)
at com.sun.enterprise.web.WebModule.createServletInstance(WebModule.java:1937)
at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1252)
at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:1059)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:187)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
at java.lang.Thread.run(Thread.java:619)
Caused by: com.sun.enterprise.container.common.spi.util.InjectionException: Exception attempting to inject Remote ejb-ref name=org.ferris.cassett.AccountServlet/accountService,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=java:comp/env/ejb/Sam,mappedName=,jndi-name=,refType=Session into class org.ferris.cassett.AccountServlet
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl._inject(InjectionManagerImpl.java:614)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.inject(InjectionManagerImpl.java:384)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.injectInstance(InjectionManagerImpl.java:141)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.injectInstance(InjectionManagerImpl.java:127)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl.createManagedObject(InjectionManagerImpl.java:306)
... 27 more
Caused by: javax.naming.NamingException: Lookup failed for 'java:comp/env/org.ferris.cassett.AccountServlet/accountService' in SerialContext [Root exception is javax.naming.NamingException: Lookup failed for 'java:comp/env/ejb/Sam' in SerialContext [Root exception is javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=ejb/Sam,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=null,mappedName=,jndi-name=corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No]]]
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:442)
at javax.naming.InitialContext.lookup(InitialContext.java:392)
at com.sun.enterprise.container.common.impl.util.InjectionManagerImpl._inject(InjectionManagerImpl.java:513)
... 31 more
Caused by: javax.naming.NamingException: Lookup failed for 'java:comp/env/ejb/Sam' in SerialContext [Root exception is javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=ejb/Sam,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=null,mappedName=,jndi-name=corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No]]
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:442)
at javax.naming.InitialContext.lookup(InitialContext.java:392)
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:98)
at com.sun.enterprise.container.common.impl.ComponentEnvManagerImpl$EjbReferenceProxy.create(ComponentEnvManagerImpl.java:1040)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:688)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:657)
at com.sun.enterprise.naming.impl.JavaURLContext.lookup(JavaURLContext.java:148)
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:428)
... 33 more
Caused by: javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=ejb/Sam,Remote 3.x interface =org.ferris.ejb.account.AccountService,ejb-link=null,lookup=null,mappedName=,jndi-name=corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean!org.ferris.ejb.account.AccountService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:stl-dt-slv-084.ad.sherpa.int:3920#java:global/ferris-bank-business-services/account/AccountServiceBean__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No]
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:174)
at com.sun.enterprise.container.common.impl.ComponentEnvManagerImpl$EjbReferenceProxy.create(ComponentEnvManagerImpl.java:1040)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:688)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:657)
at com.sun.enterprise.naming.impl.JavaURLContext.lookup(JavaURLContext.java:148)
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:428)
... 40 more
Caused by: org.omg.CORBA.BAD_PARAM: vmcid: OMG minor code: 9 completed: No
at com.sun.corba.ee.impl.logging.OMGSystemException.soBadSchemaSpecific(OMGSystemException.java:1075)
at com.sun.corba.ee.impl.logging.OMGSystemException.soBadSchemaSpecific(OMGSystemException.java:1093)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.resolveCorbaname(INSURLOperationImpl.java:228)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.resolveINSURL(INSURLOperationImpl.java:154)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.operate(INSURLOperationImpl.java:144)
at com.sun.corba.ee.impl.orb.ORBImpl.string_to_object(ORBImpl.java:954)
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:167)
... 45 more
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 208 completed: Maybe
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.connectionAbort(ORBUtilSystemException.java:3603)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.connectionAbort(ORBUtilSystemException.java:3621)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.doOptimizedReadStrategy(SocketOrChannelConnectionImpl.java:1726)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.doWork(SocketOrChannelConnectionImpl.java:1216)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:492)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:528)
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 211 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3687)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3706)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.nonBlockingRead(SocketOrChannelConnectionImpl.java:1938)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.doOptimizedReadStrategy(SocketOrChannelConnectionImpl.java:1651)
... 3 more
Caused by: java.io.IOException: End-of-stream
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.nonBlockingRead(SocketOrChannelConnectionImpl.java:1927)
... 4 more
|#]

[b]~~~~~~~~~ EJB-TIER SERVER ~~~~~~~~~~~[/b]

[#|2010-10-26T09:21:42.977-0500|WARNING|glassfish3.0.1|javax.enterprise.resource.corba|_ThreadID=26;_ThreadName=Thread-1;|Can not find resource bundle for this logger. class name that failed: org.glassfish.enterprise.iiop.impl.IIOPSSLSocketFactory|#]

[#|2010-10-26T09:21:42.976-0500|FINE|glassfish3.0.1|javax.enterprise.resource.corba.org.glassfish.enterprise.iiop.impl|_ThreadID=26;_ThreadName=Thread-1;ClassName=org.glassfish.enterprise.iiop.impl.IIOPSSLSocketFactory;MethodName=setAcceptedSocketOptions;|setAcceptedSocketOptions: SocketOrChannelAcceptorImpl[3920 SSL_MUTUALAUTH false true] [SSL: ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=3920]] 2535dec9[SSL_NULL_WITH_NULL_NULL: Socket[addr=/172.21.0.17,port=3085,localport=3920]]|#]

[#|2010-10-26T09:21:42.978-0500|WARNING|glassfish3.0.1|javax.enterprise.resource.corba|_ThreadID=34;_ThreadName=Thread-1;|Can not find resource bundle for this logger. class name that failed: org.glassfish.enterprise.iiop.impl.IIOPSSLSocketFactory|#]

[#|2010-10-26T09:21:42.985-0500|FINE|glassfish3.0.1|javax.enterprise.resource.corba.ee._CORBA_.rpc.protocol|_ThreadID=27;_ThreadName=Thread-1;ClassName=com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase;MethodName=readGIOPHeader;|"IOP00410211: (COMM_FAILURE) IOException received when reading from connection SocketOrChannelConnectionImpl[ 2535dec9[SSL_NULL_WITH_NULL_NULL: Socket[addr=/172.21.0.17,port=3085,localport=3920]] ESTABLISHED false false]"
org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 211 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3687)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3706)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java:136)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPMessage(MessageBase.java:121)
at com.sun.corba.ee.impl.transport.CorbaContactInfoBase.createMessageMediator(CorbaContactInfoBase.java:150)
at com.sun.corba.ee.impl.transport.CorbaAcceptorBase.createMessageMediator(CorbaAcceptorBase.java:312)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readBits(SocketOrChannelConnectionImpl.java:377)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:341)
at com.sun.corba.ee.impl.transport.ReaderThreadImpl.doWork(ReaderThreadImpl.java:118)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:492)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:528)
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.sun.net.ssl.internal.ssl.InputRecord.handleUnknownRecord(InputRecord.java:523)
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:355)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:789)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:744)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readFully(SocketOrChannelConnectionImpl.java:653)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:477)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java
:133)
... 8 more
|#]

[#|2010-10-26T09:21:42.985-0500|FINE|glassfish3.0.1|javax.enterprise.resource.corba.ee.S1AS-ORB.rpc.transport|_ThreadID=27;_ThreadName=Thread-1;ClassName=com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl;MethodName=readBits;|"IOP00410208: (COMM_FAILURE) Connection abort"
org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 208 completed: Maybe
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.connectionAbort(ORBUtilSystemException.java:3603)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.connectionAbort(ORBUtilSystemException.java:3621)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readBits(SocketOrChannelConnectionImpl.java:420)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:341)
at com.sun.corba.ee.impl.transport.ReaderThreadImpl.doWork(ReaderThreadImpl.java:118)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:492)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:528)
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 211 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3687)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3706)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java:136)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPMessage(MessageBase.java:121)
at com.sun.corba.ee.impl.transport.CorbaContactInfoBase.createMessageMediator(CorbaContactInfoBase.java:150)
at com.sun.corba.ee.impl.transport.CorbaAcceptorBase.createMessageMediator(CorbaAcceptorBase.java:312)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readBits(SocketOrChannelConnectionImpl.java:377)
... 4 more
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.sun.net.ssl.internal.ssl.InputRecord.handleUnknownRecord(InputRecord.java:523)
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:355)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:789)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:744)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readFully(SocketOrChannelConnectionImpl.java:653)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:477)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java:133)
... 8 more
|#]

[#|2010-10-26T09:21:42.986-0500|FINE|glassfish3.0.1|javax.enterprise.resource.corba.ee.S1AS-ORB.rpc.transport|_ThreadID=27;_ThreadName=Thread-1;ClassName=com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl;MethodName=readBits;|"IOP00410217: (COMM_FAILURE) Throwable received in ReadBits"
org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 217 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.throwableInReadBits(ORBUtilSystemException.java:3865)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.throwableInReadBits(ORBUtilSystemException.java:3883)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readBits(SocketOrChannelConnectionImpl.java:429)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:341)
at com.sun.corba.ee.impl.transport.ReaderThreadImpl.doWork(ReaderThreadImpl.java:118)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:492)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:528)
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 211 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3687)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3706)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java:136)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPMessage(MessageBase.java:121)
at com.sun.corba.ee.impl.transport.CorbaContactInfoBase.createMessageMediator(CorbaContactInfoBase.java:150)
at com.sun.corba.ee.impl.transport.CorbaAcceptorBase.createMessageMediator(CorbaAcceptorBase.java:312)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readBits(SocketOrChannelConnectionImpl.java:377)
... 4 more
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.sun.net.ssl.internal.ssl.InputRecord.handleUnknownRecord(InputRecord.java:523)
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:355)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:789)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:744)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readFully(SocketOrChannelConnectionImpl.java:653)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:477)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java:133)
... 8 more
|#]

[#|2010-10-26T09:21:42.986-0500|FINE|glassfish3.0.1|javax.enterprise.resource.corba.ee.S1AS-ORB.rpc.transport|_ThreadID=27;_ThreadName=Thread-1;ClassName=com.sun.corba.ee.impl.transport.ReaderThreadImpl;MethodName=doWork;|"IOP00710332: (INTERNAL) Exception occurred in reader thread"
org.omg.CORBA.INTERNAL: vmcid: SUN minor code: 332 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.exceptionInReaderThread(ORBUtilSystemException.java:8516)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.exceptionInReaderThread(ORBUtilSystemException.java:8534)
at com.sun.corba.ee.impl.transport.ReaderThreadImpl.doWork(ReaderThreadImpl.java:128)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:492)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:528)
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 217 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.throwableInReadBits(ORBUtilSystemException.java:3865)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.throwableInReadBits(ORBUtilSystemException.java:3883)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readBits(SocketOrChannelConnectionImpl.java:429)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:341)
at com.sun.corba.ee.impl.transport.ReaderThreadImpl.doWork(ReaderThreadImpl.java:118)
... 2 more
Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 211 completed: No
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3687)
at com.sun.corba.ee.impl.logging.ORBUtilSystemException.ioexceptionWhenReadingConnection(ORBUtilSystemException.java:3706)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java:136)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPMessage(MessageBase.java:121)
at com.sun.corba.ee.impl.transport.CorbaContactInfoBase.createMessageMediator(CorbaContactInfoBase.java:150)
at com.sun.corba.ee.impl.transport.CorbaAcceptorBase.createMessageMediator(CorbaAcceptorBase.java:312)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readBits(SocketOrChannelConnectionImpl.java:377)
... 4 more
Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
at com.sun.net.ssl.internal.ssl.InputRecord.handleUnknownRecord(InputRecord.java:523)
at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:355)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:789)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1120)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:744)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.readFully(SocketOrChannelConnectionImpl.java:653)
at com.sun.corba.ee.impl.transport.SocketOrChannelConnectionImpl.read(SocketOrChannelConnectionImpl.java:477)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.readGIOPHeader(MessageBase.java:133)
... 8 more
|#]

Dies Koper

My understanding, but I didn't design GF's CORBA implementation, is that
the naming server runs on the IIOP port (3700), so any JNDI lookup/DI
goes to this port first.
The logic listening to this port then sends a reply back with an IOR
with the host/port where to send your requests for the Bean instance
over SSL.
I don't think it's a simple retry as the IOR was sent back the first
time, so I don't think it can work without the non-SSL port.

Hopefully one of the GF CORBA developers will chime in to confirm?

On 2/03/2010 19:51, glassfish@javadesktop.org wrote:
> I just got my standalone EJB client to work over SSL.
> My setup is described below.
>
> The SSL traffic is on port 3820.
> if I use tcpdump (I'm on linux) to monitor the traffic coming to/from 3700 (non SSL port) I see that [b]each [/b]time I do a ctx.lookup() there is activity on this port.
> My guess (please correct me) is that an initial attempt is made on non-SSL, but the config causes this attempt to fail, then somehow, the server tells the client (guessing this) to retry using SSL on port 3820.
> I'd really appreciate any explanation of what is really happening here.
>
> Anyway, it works. ***But***, I really would like it to work on SLL from the get-go.
> I want to avoid all non-SSL traffic - perhaps disable port 3700.
> Is this possible?
>
> [ Setting props.setProperty("org.omg.CORBA.ORBInitialPort", "3820"); Did not work.]
>
> Thanks for any advice.
>
> ============================================
>
> The client:
> =============================================
> Properties props = new Properties();
> props.setProperty("java.naming.factory.initial", "com.sun.enterprise.naming.SerialInitContextFactory");
> props.setProperty("java.naming.factory.url.pkgs", "com.sun.enterprise.naming");
> props.setProperty("java.naming.factory.state",
> "com.sun.corba.ee.impl.presentation.rmi.JNDIStateFactoryImpl");
> props.setProperty("org.omg.CORBA.connection.ORBSocketFactory",
> "com.sun.enterprise.iiop.IIOPSSLSocketFactory");
>
> System.setProperty("javax.net.ssl.trustStore", "myTrustStore") ;
> //System.setProperty("javax.net.debug", "all");
>
> Context ctx = new InitialContext(props);
> ColourManagerBeanRemote cm = (ColourManagerBeanRemote)ctx.lookup("MyTestBean");
> =============================================
> The sun-ejb-jar.xml on the server:
> =============================================
>
> MyFirstTestBean
>
> MyTestBean
>

>
>
> required
> required
>
>

> =============================================[u][/u]
> [Message sent by forum member 'ajvok' (ajvok1@gmail.com)]
>
> http://forums.java.net/jive/thread.jspa?messageID=389577

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: users-help@glassfish.dev.java.net

ajvok
Offline
Joined: 2010-02-26
Points: 0

Thank you for the quick reply.
The way you that describe it working sounds very plausible.

I'm new to this, so perhaps my approach is flawed, but I would expect to be able to make the initial request for the IOR over SSL. (Why not?)

Is there some way that GlassFish can be configured to listen on an SLL port for such requests?
I have tried setting 'security' on 3700 using the admin screen, but didn't get very far.
If that could be made to work then I guess the obvious next question is: how then would I tell the client make the initial request over SSL?

It seems odd that I can't encrypt the full traffic. Surely this is possible?

monzillo
Offline
Joined: 2004-05-08
Points: 0

Dies is correct. The initial non ssl interactions are to the name service to acquire the IOR. The IOR will contain the csiv2 mechanism definition derived from the ior-security-config that you configured for your ejb. It is this info that tells the client that it will be required to use SSL when
it invokes the ejb.

I believe every domain includes additional iiop-listener port configs for one-way and mutual ssl.
depending on your domain configuration you may need to enable these listeners; then you would configure your client to define the corresponding orb initial port.

if the client intends to do one-way ssl, you should ensure that the client has been configured to use a truststore containing the cert/public key of the issuer of the (name) server certificate. If you configure your client to contact a port that requires mutual ssl, you will also have to configure the client's keystore and key alias.

Properties p = new Properties();
p.put("org.omg.CORBA.ORBInitialPort","3820");
InitialContext ctx = new InitialContext(p);

you can also do this by setting a system property, or by redefining the default jndi properties.

ajvok
Offline
Joined: 2010-02-26
Points: 0

Thank you for your reply.

When I attempt to use port 3820 I get an exception: "org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 208 completed: Maybe"

Setting the log level to "Finest" for javax.enterprise.resource.corba, the server shows me a whole load of exceptions, but the clue seems to be: "Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?"

I tell my client to use an SSL port (3820), but I suspect it is attempting to talk 'plaintext' on that port.
[b]How can I tell my client to use SSL? [/b]

Properties props = new Properties();
props.setProperty("java.naming.factory.initial", "com.sun.enterprise.naming.SerialInitContextFactory");
props.setProperty("java.naming.factory.url.pkgs", "com.sun.enterprise.naming");
props.setProperty("java.naming.factory.state", "com.sun.corba.ee.impl.presentation.rmi.JNDIStateFactoryImpl");
props.setProperty("org.omg.CORBA.ORBInitialPort", "3820");
Context ctx = new InitialContext(props);
...and then the ctx.lookup

[u][/u]

Shing Wai Chan

You can try to look at one of my previous blogs:
http://blogs.sun.com/swchan/entry/enterprise_java_bean_over_ssl
Shing Wai Chan

glassfish@javadesktop.org wrote:
> Thank you for your reply.
>
> When I attempt to use port 3820 I get an exception: "org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 208 completed: Maybe"
>
> Setting the log level to "Finest" for javax.enterprise.resource.corba, the server shows me a whole load of exceptions, but the clue seems to be: "Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?"
>
> I tell my client to use an SSL port (3820), but I suspect it is attempting to talk 'plaintext' on that port.
> [b]How can I tell my client to use SSL? [/b]
>
> Properties props = new Properties();
> props.setProperty("java.naming.factory.initial", "com.sun.enterprise.naming.SerialInitContextFactory");
> props.setProperty("java.naming.factory.url.pkgs", "com.sun.enterprise.naming");
> props.setProperty("java.naming.factory.state", "com.sun.corba.ee.impl.presentation.rmi.JNDIStateFactoryImpl");
> props.setProperty("org.omg.CORBA.ORBInitialPort", "3820");
> Context ctx = new InitialContext(props);
> ...and then the ctx.lookup
>
> [u][/u]
> [Message sent by forum member 'ajvok' (ajvok1@gmail.com)]
>
> http://forums.java.net/jive/thread.jspa?messageID=389638
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
> For additional commands, e-mail: users-help@glassfish.dev.java.net
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: users-help@glassfish.dev.java.net

ajvok
Offline
Joined: 2010-02-26
Points: 0

Thanks, Shing Wai, I read your blog.
Unfortunately, what you describe appears to have no significant difference from what I'm already doing.
I think you will find that, with your program, the initial request is still being made on a non-SSL.
Just turn off port 3700 and it will nolonger work.

My problem is *not* that I can't get SSL to work - I can.
The issues is (as Dies described): "..IIOP port (3700), so any JNDI lookup/DI goes to this port first.." Which is non-SSL.
I want to use the SSL port 3820 instead (including the initial lookup for the IOR).

Simply setting:
props.setProperty("org.omg.CORBA.ORBInitialPort", "3820");
Does not work. From what I can tell, this just seems to result in an attempt to contact port 3820 **withouut** using SSL, causing an exception on the server.

It seems that I am not the first to experience this.
http://forums.sun.com/thread.jspa?threadID=587662
..includes a suggestion for working around the problem by building a "custom ORBSocketFactory".
I would be happy to do this, but everywhere I see ORBSocketFactory, I see "deprecated", so suspect that the world has moved on since this post in 2005.
Any ideas how to make this idea work?

Has anyone got a client to work entirely over SSL (no use of port 3700)?
Must be possible. I hope.

Help much appreciated. Thanks.