You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomee.apache.org by weilu <we...@acl.com> on 2008/03/05 23:46:43 UTC

OpenEJB Client with secure socket / SSL

We have a java application that is a client to geronimo 2.0.2.  The client
communicates with the server using remote EJBs.  How can we enable or
configure OpenEJB to use secure sockets?  What server-side configuration is
needed, and if any, what is needed on the client?  Any help or hints that
would point me in the right direction would be appreciated.
(this was posted to the developer's forum by mistake.  my apologies)
-- 
View this message in context: http://www.nabble.com/OpenEJB-Client-with-secure-socket---SSL-tp15862349p15862349.html
Sent from the OpenEJB User mailing list archive at Nabble.com.

Re: OpenEJB Client with secure socket / SSL

Posted by David Blevins <da...@visi.com>.

On Mar 5, 2008, at 3:45 PM, Dain Sundstrom wrote:

> If weilu switched to the ejbd over http, can't he secure the  
> communication using the web container's https implementation?

That might work, but it'd take some hacking.

You'd need to add a servlet like this:

   import org.apache.openejb.loader.SystemInstance;
   import org.apache.openejb.server.ServiceException;
   import org.apache.openejb.server.ejbd.EjbServer;

   import javax.servlet.ServletConfig;
   import javax.servlet.ServletException;
   import javax.servlet.ServletInputStream;
   import javax.servlet.ServletOutputStream;
   import javax.servlet.http.HttpServlet;
   import javax.servlet.http.HttpServletRequest;
   import javax.servlet.http.HttpServletResponse;
   import java.io.IOException;

   public class ServerServlet extends HttpServlet {
       private EjbServer ejbServer;

       public void init(ServletConfig config) {
           ejbServer =  
SystemInstance.get().getComponent(EjbServer.class);
       }

       protected void service(HttpServletRequest request,  
HttpServletResponse response) throws ServletException, IOException {
           ServletInputStream in = request.getInputStream();
           ServletOutputStream out = response.getOutputStream();
           try {
               ejbServer.service(in, out);
           } catch (ServiceException e) {
               throw new ServletException("ServerService error: " +  
ejbServer.getClass().getName() + " -- " + e.getMessage(), e);
           }
       }
   }


Then set the servlet up to run over https.  Don't try and restrict the  
servlet to a specific user as the ejb login happens inside the  
ejbServer.service(..) call.

Finally, in your client code do this to get your InitialContext

   // we can detect urls of "http:" but it seems we don't yet check  
for "https:" so
   // installing this factory explicitly will get around that.
   org.apache.openejb.client.ConnectionManager.setFactory(new  
org.apache.openejb.client.HttpConnectionFactory());

   Properties p = new Properties();
   p.put("java.naming.factory.initial",  
"org.openejb.client.RemoteInitialContextFactory");
   p.put("java.naming.provider.url", "https://youhost:port/pathToTheServerServlet 
");
   // can add security related properties too

   InitialContext ctx = new InitialContext(p);


Not pretty, but it would work.  If it works out, we'll try and make  
the setup easier for the next release.  I've already updated trunk so  
you won't need the ConnectionManager.setFactory call.

-David

Re: OpenEJB Client with secure socket / SSL

Posted by Dain Sundstrom <da...@iq80.com>.

If weilu switched to the ejbd over http, can't he secure the  
communication using the web container's https implementation?

-dain

On Mar 5, 2008, at 3:10 PM, David Blevins wrote:

>
> On Mar 5, 2008, at 2:46 PM, weilu wrote:
>
>> We have a java application that is a client to geronimo 2.0.2.  The  
>> client
>> communicates with the server using remote EJBs.  How can we enable or
>> configure OpenEJB to use secure sockets?
>
> We don't have that feature quite yet.
>
> -David
>
>

Re: OpenEJB Client with secure socket / SSL

Posted by David Blevins <da...@visi.com>.

On Mar 5, 2008, at 2:46 PM, weilu wrote:

> We have a java application that is a client to geronimo 2.0.2.  The  
> client
> communicates with the server using remote EJBs.  How can we enable or
> configure OpenEJB to use secure sockets?

We don't have that feature quite yet.

-David

Re: OpenEJB Client with secure socket / SSL

Posted by weilu <we...@acl.com>.

Thanks very much for the suggestion!  

Wei

-- 
View this message in context: http://www.nabble.com/OpenEJB-Client-with-secure-socket---SSL-tp15862349p15881556.html
Sent from the OpenEJB User mailing list archive at Nabble.com.