You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@geronimo.apache.org by "Zakharov, Vasily M" <va...@intel.com> on 2005/12/08 02:18:32 UTC
RE: JNDI remote authentication problem
John,
Thank you very much for your answer!
> Let me know what happens.
Well, I tried correcting j2ee-server-plan.xml and config.xml, and I also
tried to provide the proper value for allowHosts in GUI installer - it
all didn't help.
What really helped is correcting modules/assembly/maven.xml file and
specifying the IP address of the client in line 247 (specifying host
name or 255.255.255.255 mask also didn't help):
<j:set var="PlanClientAddresses"
value="<MY_CLIENT_HOST_IP_ADDRESS>"/>
and then rebuilding Geronimo.
However, it didn't helped much.
I made additional investigation for the problem location and here's what
I've found:
The problem occurs in file org/openejb/client/Client.java:
http://cvs.codehaus.org/viewrep/openejb/openejb/modules/core/src/java/or
g/openejb/client/Client.java?r=1.5
Previously the problem occured at line 171 (see code, the exceptions are
wrapped badly there):
javax.naming.AuthenticationException: Cannot deternmine server protocol
version: Received null/0.0; nested exception is:
java.io.IOException: Unable to read protocol version. Reached
the end of the stream.
at
org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
at
org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
at javax.naming.spi.NamingManager.getInitialContext(Unknown
Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
And after the fix to maven.xml and rebuilding Geronimo another error
occurs a bit later, at line 192:
javax.naming.AuthenticationException: Cannot read the response from the
server (OEJP/2.0) : null; nested exception is:
java.io.EOFException
at
org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
at
org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
at javax.naming.spi.NamingManager.getInitialContext(Unknown
Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
Previous problem was clearly a configuration issue, that was at last
resolved, but I have completely no idea on what to do with this new
problem. :(
Can it be that Geronimo/OpenEJB does not accept remote JNDI connections
at all??
With best regards,
Vasily Zakharov, Intel Managed Runtime Division
-----Original Message-----
From: John Sisson [mailto:jrsisson@gmail.com]
Sent: Wednesday, November 23, 2005 3:23 PM
To: user@geronimo.apache.org
Subject: Re: JNDI remote authentication problem
Hi Vasily,
In the j2ee-server-plan.xml file it configures the IP addresses that the
(OpenEJB) EJB daemon will accept connections from in the "allowHosts"
attribute. For example:
<!-- EJB Protocol -->
<gbean gbeanName="geronimo:type=NetworkService,name=EJB"
class="org.activeio.xnet.StandardServiceStackGBean">
<attribute name="name">EJB</attribute>
<attribute name="port">${PlanOpenEJBPort}</attribute>
<attribute name="host">${PlanServerHostname}</attribute>
<attribute name="allowHosts">${PlanClientAddresses}</attribute>
<attribute
name="logOnSuccess">HOST,NAME,THREADID,USERID</attribute>
<attribute name="logOnFailure">HOST,NAME</attribute>
<reference
name="Executor"><name>DefaultThreadPool</name></reference>
<reference
name="Server"><gbean-name>openejb:type=Server,name=EJB</gbean-name></ref
erence>
</gbean>
The In the geronimo\var\config.xml file (where you can specify attribute
values that can override the values in the deployed plan) you should see
the following section:
<configuration name="org/apache/geronimo/Server">
<gbean name="openejb:type=NetworkService,name=EJB">
<attribute name="host">0.0.0.0</attribute>
<attribute name="port">4201</attribute>
</gbean>
</configuration>
In theory, you should be able to edit the config.xml file and specify
the allowable remote host by doing something like:
<configuration name="org/apache/geronimo/Server">
<gbean name="openejb:type=NetworkService,name=EJB">
<attribute name="host">0.0.0.0</attribute>
<attribute name="port">4201</attribute>
<attribute name="allowHosts">myhostname</attribute>
</gbean>
</configuration>
*** But I have a bug currently open where the port number in the
config.xml file as shown in the example above is not actually used and I
have a feeling the same problem will happen for allowHosts (see
http://issues.apache.org/jira/browse/GERONIMO-1151 ). I haven't had a
chance to debug this yet. Let me know what happens.
I think most of the testing so far has been done on the localhost with
the default port.
Regards,
John
Zakharov, Vasily M wrote:
> Hello, all.
>
>
>
> I'm trying to run an application that should access the beans
> (deployed in a Geronimo server running on other machine) with a JNDI
> request.
>
>
>
> However, I get the following exception immediately at "new
> InitialContext()" statement:
>
>
>
> javax.naming.AuthenticationException: Cannot deternmine server
> protocol version: Received null/0.0; nested exception
> is:
>
> java.io.IOException: Unable to read protocol version. Reached
> the end of the stream.
>
>
>
> The Geronimo console states the following at that moment:
>
>
>
> 15:31:20,132 ERROR [EJB] Host <app-host> is not authorized to access
> this service.
>
> java.lang.SecurityException: Host <app-host> is not authorized to
> access this service.
>
> at
>
org.activeio.xnet.hba.ServiceAccessController.checkHostsAuthorization(Se
rviceAccessController.java:78)
>
> at
>
org.activeio.xnet.hba.ServiceAccessController.service(ServiceAccessContr
oller.java:51)
>
> at
org.activeio.xnet.ServiceLogger.service(ServiceLogger.java:74)
>
> at
>
org.activeio.xnet.ServiceDaemon$SocketListener.run(ServiceDaemon.java:15
1)
>
> at java.lang.Thread.run(Unknown Source)
>
>
>
> (here <app-host> replaces the IP address of the machine where I run my
> application)
>
>
>
> I'm using a default installation of Geronimo 1.0 M5, and Windows XP
> SP2 and Sun's JRE 1.4.2_08 on both machines.
>
>
>
> The client application's system properties include:
>
>
java.naming.factory.initial=org.openejb.client.RemoteInitialContextFacto
ry
>
> java.naming.provider.url=<geronimo-host>:4201
>
> java.naming.security.principal=system
>
> java.naming.security.credentials=manager
>
>
>
> (here <geronimo-host> replaces the name of the machine where Geronimo
> is running and principal/credentials are the same I use to login to
> Geronimo console)
>
>
>
> Also, I've put a local copy of openejb-core-2.0-G1M5.jar to the
> application's classpath for context factory to be found.
>
>
>
> Could somebody please point me at what I'm doing wrong and how can I
> tune Geronimo to accept JNDI connections from the remote machine?
>
>
>
> Thanks in advance,
>
>
>
> Vasily Zakharov, Intel Managed Runtime Division
>
Re: JNDI remote authentication problem
Posted by Jeremy Whitlock <jc...@gmail.com>.
That should work. Dain found the issue while I was working on
GERONIMO-1151:
http://issues.apache.org/jira/browse/GERONIMO-1151
Now that we know that OpenEJB is retaining the proper values from the
config.xml, I would retry.
Take care,
Jeremy
On 12/9/05, David Jencks <da...@yahoo.com> wrote:
>
> We did a little experiment and think that this works:
>
> <configuration name="geronimo/j2ee-server/1.0/car">
> <gbean name="geronimo:name=EJB,type=NetworkService">
> <attribute name="host">0.0.0.0</attribute>
> <attribute name="port">4201</attribute>
> <attribute name="allowHosts">0.0.0.0</attribute>
> </gbean>
> </configuration>
>
> However we are not the experts, maybe dblevins will have more to say.
>
> many thanks
> david jencks
>
> On Dec 7, 2005, at 5:18 PM, Zakharov, Vasily M wrote:
>
> > John,
> >
> > Thank you very much for your answer!
> >
> >> Let me know what happens.
> >
> > Well, I tried correcting j2ee-server-plan.xml and config.xml, and I
> > also
> > tried to provide the proper value for allowHosts in GUI installer - it
> > all didn't help.
> >
> > What really helped is correcting modules/assembly/maven.xml file and
> > specifying the IP address of the client in line 247 (specifying host
> > name or 255.255.255.255 mask also didn't help):
> >
> > <j:set var="PlanClientAddresses"
> > value="<MY_CLIENT_HOST_IP_ADDRESS>"/>
> >
> > and then rebuilding Geronimo.
> >
> > However, it didn't helped much.
> > I made additional investigation for the problem location and here's
> > what
> > I've found:
> >
> > The problem occurs in file org/openejb/client/Client.java:
> > http://cvs.codehaus.org/viewrep/openejb/openejb/modules/core/src/java/
> > or
> > g/openejb/client/Client.java?r=1.5
> >
> > Previously the problem occured at line 171 (see code, the exceptions
> > are
> > wrapped badly there):
> >
> > javax.naming.AuthenticationException: Cannot deternmine server protocol
> > version: Received null/0.0; nested exception is:
> > java.io.IOException: Unable to read protocol version. Reached
> > the end of the stream.
> > at
> > org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> > at
> > org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> > at javax.naming.spi.NamingManager.getInitialContext(Unknown
> > Source)
> > at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> > at javax.naming.InitialContext.init(Unknown Source)
> > at javax.naming.InitialContext.<init>(Unknown Source)
> >
> > And after the fix to maven.xml and rebuilding Geronimo another error
> > occurs a bit later, at line 192:
> >
> > javax.naming.AuthenticationException: Cannot read the response from the
> > server (OEJP/2.0) : null; nested exception is:
> > java.io.EOFException
> > at
> > org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> > at
> > org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> > at javax.naming.spi.NamingManager.getInitialContext(Unknown
> > Source)
> > at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> > at javax.naming.InitialContext.init(Unknown Source)
> > at javax.naming.InitialContext.<init>(Unknown Source)
> >
> > Previous problem was clearly a configuration issue, that was at last
> > resolved, but I have completely no idea on what to do with this new
> > problem. :(
> >
> > Can it be that Geronimo/OpenEJB does not accept remote JNDI connections
> > at all??
> >
> > With best regards,
> > Vasily Zakharov, Intel Managed Runtime Division
> >
> >
> >
> > -----Original Message-----
> > From: John Sisson [mailto:jrsisson@gmail.com]
> > Sent: Wednesday, November 23, 2005 3:23 PM
> > To: user@geronimo.apache.org
> > Subject: Re: JNDI remote authentication problem
> >
> > Hi Vasily,
> >
> > In the j2ee-server-plan.xml file it configures the IP addresses that
> > the
> >
> > (OpenEJB) EJB daemon will accept connections from in the "allowHosts"
> > attribute. For example:
> >
> > <!-- EJB Protocol -->
> > <gbean gbeanName="geronimo:type=NetworkService,name=EJB"
> > class="org.activeio.xnet.StandardServiceStackGBean">
> > <attribute name="name">EJB</attribute>
> > <attribute name="port">${PlanOpenEJBPort}</attribute>
> > <attribute name="host">${PlanServerHostname}</attribute>
> > <attribute name="allowHosts">${PlanClientAddresses}</attribute>
> > <attribute
> > name="logOnSuccess">HOST,NAME,THREADID,USERID</attribute>
> > <attribute name="logOnFailure">HOST,NAME</attribute>
> > <reference
> > name="Executor"><name>DefaultThreadPool</name></reference>
> > <reference
> > name="Server"><gbean-name>openejb:type=Server,name=EJB</gbean-name></
> > ref
> > erence>
> > </gbean>
> >
> > The In the geronimo\var\config.xml file (where you can specify
> > attribute
> >
> > values that can override the values in the deployed plan) you should
> > see
> >
> > the following section:
> >
> > <configuration name="org/apache/geronimo/Server">
> > <gbean name="openejb:type=NetworkService,name=EJB">
> > <attribute name="host">0.0.0.0</attribute>
> > <attribute name="port">4201</attribute>
> > </gbean>
> > </configuration>
> >
> > In theory, you should be able to edit the config.xml file and specify
> > the allowable remote host by doing something like:
> >
> > <configuration name="org/apache/geronimo/Server">
> > <gbean name="openejb:type=NetworkService,name=EJB">
> > <attribute name="host">0.0.0.0</attribute>
> > <attribute name="port">4201</attribute>
> > <attribute name="allowHosts">myhostname</attribute>
> > </gbean>
> > </configuration>
> >
> > *** But I have a bug currently open where the port number in the
> > config.xml file as shown in the example above is not actually used and
> > I
> >
> > have a feeling the same problem will happen for allowHosts (see
> > http://issues.apache.org/jira/browse/GERONIMO-1151 ). I haven't had a
> > chance to debug this yet. Let me know what happens.
> >
> > I think most of the testing so far has been done on the localhost with
> > the default port.
> >
> > Regards,
> >
> > John
> >
> > Zakharov, Vasily M wrote:
> >
> >> Hello, all.
> >>
> >>
> >>
> >> I'm trying to run an application that should access the beans
> >> (deployed in a Geronimo server running on other machine) with a JNDI
> >> request.
> >>
> >>
> >>
> >> However, I get the following exception immediately at "new
> >> InitialContext()" statement:
> >>
> >>
> >>
> >> javax.naming.AuthenticationException: Cannot deternmine server
> >> protocol version: Received null/0.0; nested exception
> >> is:
> >>
> >> java.io.IOException: Unable to read protocol version. Reached
> >
> >> the end of the stream.
> >>
> >>
> >>
> >> The Geronimo console states the following at that moment:
> >>
> >>
> >>
> >> 15:31:20,132 ERROR [EJB] Host <app-host> is not authorized to access
> >> this service.
> >>
> >> java.lang.SecurityException: Host <app-host> is not authorized to
> >> access this service.
> >>
> >> at
> >>
> > org.activeio.xnet.hba.ServiceAccessController.checkHostsAuthorization(S
> > e
> > rviceAccessController.java:78)
> >>
> >> at
> >>
> > org.activeio.xnet.hba.ServiceAccessController.service(ServiceAccessCont
> > r
> > oller.java:51)
> >>
> >> at
> > org.activeio.xnet.ServiceLogger.service(ServiceLogger.java:74)
> >>
> >> at
> >>
> > org.activeio.xnet.ServiceDaemon$SocketListener.run(ServiceDaemon.java:
> > 15
> > 1)
> >>
> >> at java.lang.Thread.run(Unknown Source)
> >>
> >>
> >>
> >> (here <app-host> replaces the IP address of the machine where I run my
> >
> >> application)
> >>
> >>
> >>
> >> I'm using a default installation of Geronimo 1.0 M5, and Windows XP
> >> SP2 and Sun's JRE 1.4.2_08 on both machines.
> >>
> >>
> >>
> >> The client application's system properties include:
> >>
> >>
> > java.naming.factory.initial=org.openejb.client.RemoteInitialContextFact
> > o
> > ry
> >>
> >> java.naming.provider.url=<geronimo-host>:4201
> >>
> >> java.naming.security.principal=system
> >>
> >> java.naming.security.credentials=manager
> >>
> >>
> >>
> >> (here <geronimo-host> replaces the name of the machine where Geronimo
> >> is running and principal/credentials are the same I use to login to
> >> Geronimo console)
> >>
> >>
> >>
> >> Also, I've put a local copy of openejb-core-2.0-G1M5.jar to the
> >> application's classpath for context factory to be found.
> >>
> >>
> >>
> >> Could somebody please point me at what I'm doing wrong and how can I
> >> tune Geronimo to accept JNDI connections from the remote machine?
> >>
> >>
> >>
> >> Thanks in advance,
> >>
> >>
> >>
> >> Vasily Zakharov, Intel Managed Runtime Division
> >>
> >
>
>
Re: JNDI remote authentication problem
Posted by David Jencks <da...@yahoo.com>.
We did a little experiment and think that this works:
<configuration name="geronimo/j2ee-server/1.0/car">
<gbean name="geronimo:name=EJB,type=NetworkService">
<attribute name="host">0.0.0.0</attribute>
<attribute name="port">4201</attribute>
<attribute name="allowHosts">0.0.0.0</attribute>
</gbean>
</configuration>
However we are not the experts, maybe dblevins will have more to say.
many thanks
david jencks
On Dec 7, 2005, at 5:18 PM, Zakharov, Vasily M wrote:
> John,
>
> Thank you very much for your answer!
>
>> Let me know what happens.
>
> Well, I tried correcting j2ee-server-plan.xml and config.xml, and I
> also
> tried to provide the proper value for allowHosts in GUI installer - it
> all didn't help.
>
> What really helped is correcting modules/assembly/maven.xml file and
> specifying the IP address of the client in line 247 (specifying host
> name or 255.255.255.255 mask also didn't help):
>
> <j:set var="PlanClientAddresses"
> value="<MY_CLIENT_HOST_IP_ADDRESS>"/>
>
> and then rebuilding Geronimo.
>
> However, it didn't helped much.
> I made additional investigation for the problem location and here's
> what
> I've found:
>
> The problem occurs in file org/openejb/client/Client.java:
> http://cvs.codehaus.org/viewrep/openejb/openejb/modules/core/src/java/
> or
> g/openejb/client/Client.java?r=1.5
>
> Previously the problem occured at line 171 (see code, the exceptions
> are
> wrapped badly there):
>
> javax.naming.AuthenticationException: Cannot deternmine server protocol
> version: Received null/0.0; nested exception is:
> java.io.IOException: Unable to read protocol version. Reached
> the end of the stream.
> at
> org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> at
> org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> at javax.naming.spi.NamingManager.getInitialContext(Unknown
> Source)
> at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> at javax.naming.InitialContext.init(Unknown Source)
> at javax.naming.InitialContext.<init>(Unknown Source)
>
> And after the fix to maven.xml and rebuilding Geronimo another error
> occurs a bit later, at line 192:
>
> javax.naming.AuthenticationException: Cannot read the response from the
> server (OEJP/2.0) : null; nested exception is:
> java.io.EOFException
> at
> org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> at
> org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> at javax.naming.spi.NamingManager.getInitialContext(Unknown
> Source)
> at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> at javax.naming.InitialContext.init(Unknown Source)
> at javax.naming.InitialContext.<init>(Unknown Source)
>
> Previous problem was clearly a configuration issue, that was at last
> resolved, but I have completely no idea on what to do with this new
> problem. :(
>
> Can it be that Geronimo/OpenEJB does not accept remote JNDI connections
> at all??
>
> With best regards,
> Vasily Zakharov, Intel Managed Runtime Division
>
>
>
> -----Original Message-----
> From: John Sisson [mailto:jrsisson@gmail.com]
> Sent: Wednesday, November 23, 2005 3:23 PM
> To: user@geronimo.apache.org
> Subject: Re: JNDI remote authentication problem
>
> Hi Vasily,
>
> In the j2ee-server-plan.xml file it configures the IP addresses that
> the
>
> (OpenEJB) EJB daemon will accept connections from in the "allowHosts"
> attribute. For example:
>
> <!-- EJB Protocol -->
> <gbean gbeanName="geronimo:type=NetworkService,name=EJB"
> class="org.activeio.xnet.StandardServiceStackGBean">
> <attribute name="name">EJB</attribute>
> <attribute name="port">${PlanOpenEJBPort}</attribute>
> <attribute name="host">${PlanServerHostname}</attribute>
> <attribute name="allowHosts">${PlanClientAddresses}</attribute>
> <attribute
> name="logOnSuccess">HOST,NAME,THREADID,USERID</attribute>
> <attribute name="logOnFailure">HOST,NAME</attribute>
> <reference
> name="Executor"><name>DefaultThreadPool</name></reference>
> <reference
> name="Server"><gbean-name>openejb:type=Server,name=EJB</gbean-name></
> ref
> erence>
> </gbean>
>
> The In the geronimo\var\config.xml file (where you can specify
> attribute
>
> values that can override the values in the deployed plan) you should
> see
>
> the following section:
>
> <configuration name="org/apache/geronimo/Server">
> <gbean name="openejb:type=NetworkService,name=EJB">
> <attribute name="host">0.0.0.0</attribute>
> <attribute name="port">4201</attribute>
> </gbean>
> </configuration>
>
> In theory, you should be able to edit the config.xml file and specify
> the allowable remote host by doing something like:
>
> <configuration name="org/apache/geronimo/Server">
> <gbean name="openejb:type=NetworkService,name=EJB">
> <attribute name="host">0.0.0.0</attribute>
> <attribute name="port">4201</attribute>
> <attribute name="allowHosts">myhostname</attribute>
> </gbean>
> </configuration>
>
> *** But I have a bug currently open where the port number in the
> config.xml file as shown in the example above is not actually used and
> I
>
> have a feeling the same problem will happen for allowHosts (see
> http://issues.apache.org/jira/browse/GERONIMO-1151 ). I haven't had a
> chance to debug this yet. Let me know what happens.
>
> I think most of the testing so far has been done on the localhost with
> the default port.
>
> Regards,
>
> John
>
> Zakharov, Vasily M wrote:
>
>> Hello, all.
>>
>>
>>
>> I'm trying to run an application that should access the beans
>> (deployed in a Geronimo server running on other machine) with a JNDI
>> request.
>>
>>
>>
>> However, I get the following exception immediately at "new
>> InitialContext()" statement:
>>
>>
>>
>> javax.naming.AuthenticationException: Cannot deternmine server
>> protocol version: Received null/0.0; nested exception
>> is:
>>
>> java.io.IOException: Unable to read protocol version. Reached
>
>> the end of the stream.
>>
>>
>>
>> The Geronimo console states the following at that moment:
>>
>>
>>
>> 15:31:20,132 ERROR [EJB] Host <app-host> is not authorized to access
>> this service.
>>
>> java.lang.SecurityException: Host <app-host> is not authorized to
>> access this service.
>>
>> at
>>
> org.activeio.xnet.hba.ServiceAccessController.checkHostsAuthorization(S
> e
> rviceAccessController.java:78)
>>
>> at
>>
> org.activeio.xnet.hba.ServiceAccessController.service(ServiceAccessCont
> r
> oller.java:51)
>>
>> at
> org.activeio.xnet.ServiceLogger.service(ServiceLogger.java:74)
>>
>> at
>>
> org.activeio.xnet.ServiceDaemon$SocketListener.run(ServiceDaemon.java:
> 15
> 1)
>>
>> at java.lang.Thread.run(Unknown Source)
>>
>>
>>
>> (here <app-host> replaces the IP address of the machine where I run my
>
>> application)
>>
>>
>>
>> I'm using a default installation of Geronimo 1.0 M5, and Windows XP
>> SP2 and Sun's JRE 1.4.2_08 on both machines.
>>
>>
>>
>> The client application's system properties include:
>>
>>
> java.naming.factory.initial=org.openejb.client.RemoteInitialContextFact
> o
> ry
>>
>> java.naming.provider.url=<geronimo-host>:4201
>>
>> java.naming.security.principal=system
>>
>> java.naming.security.credentials=manager
>>
>>
>>
>> (here <geronimo-host> replaces the name of the machine where Geronimo
>> is running and principal/credentials are the same I use to login to
>> Geronimo console)
>>
>>
>>
>> Also, I've put a local copy of openejb-core-2.0-G1M5.jar to the
>> application's classpath for context factory to be found.
>>
>>
>>
>> Could somebody please point me at what I'm doing wrong and how can I
>> tune Geronimo to accept JNDI connections from the remote machine?
>>
>>
>>
>> Thanks in advance,
>>
>>
>>
>> Vasily Zakharov, Intel Managed Runtime Division
>>
>
Re: JNDI remote authentication problem
Posted by Jeremy Whitlock <jc...@gmail.com>.
All,
It appears that the issue with OpenEJB not retaining the port number
was due to a naming issue and not a problem withing OpenEJB so I do not
think this issue is related to GERONIMO-1151. Sorry about that.
Take care,
Jeremy
On 12/7/05, Jeremy Whitlock <jc...@gmail.com> wrote:
>
> Vasily,
> I am currently looking into how well OpenEJB is obeying the
> config.xml for setting its properties. I think your issue could be a
> side-effect of GERONIMO-1151 located here:
>
> http://issues.apache.org/jira/browse/GERONIMO-1151
>
> As soon as I have this fixed, which has to be tonight, I'll be able to
> tell you for sure if this is the case.
>
> Take care,
>
> Jeremy
>
> On 12/7/05, Zakharov, Vasily M <va...@intel.com> wrote:
> >
> > John,
> >
> > Thank you very much for your answer!
> >
> > > Let me know what happens.
> >
> > Well, I tried correcting j2ee-server-plan.xml and config.xml, and I also
> > tried to provide the proper value for allowHosts in GUI installer - it
> > all didn't help.
> >
> > What really helped is correcting modules/assembly/maven.xml file and
> > specifying the IP address of the client in line 247 (specifying host
> > name or 255.255.255.255 mask also didn't help):
> >
> > <j:set var="PlanClientAddresses"
> > value="<MY_CLIENT_HOST_IP_ADDRESS>"/>
> >
> > and then rebuilding Geronimo.
> >
> > However, it didn't helped much.
> > I made additional investigation for the problem location and here's what
> > I've found:
> >
> > The problem occurs in file org/openejb/client/Client.java:
> > http://cvs.codehaus.org/viewrep/openejb/openejb/modules/core/src/java/or
> > g/openejb/client/Client.java?r=1.5
> >
> > Previously the problem occured at line 171 (see code, the exceptions are
> > wrapped badly there):
> >
> > javax.naming.AuthenticationException: Cannot deternmine server protocol
> > version: Received null/0.0; nested exception is:
> > java.io.IOException: Unable to read protocol version. Reached
> > the end of the stream.
> > at
> > org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> > at
> > org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> > at javax.naming.spi.NamingManager.getInitialContext (Unknown
> > Source)
> > at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> > at javax.naming.InitialContext.init(Unknown Source)
> > at javax.naming.InitialContext.<init>(Unknown Source)
> >
> > And after the fix to maven.xml and rebuilding Geronimo another error
> > occurs a bit later, at line 192:
> >
> > javax.naming.AuthenticationException: Cannot read the response from the
> > server (OEJP/2.0) : null; nested exception is:
> > java.io.EOFException
> > at
> > org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> > at
> > org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> > at javax.naming.spi.NamingManager.getInitialContext (Unknown
> > Source)
> > at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> > at javax.naming.InitialContext.init(Unknown Source)
> > at javax.naming.InitialContext.<init>(Unknown Source)
> >
> > Previous problem was clearly a configuration issue, that was at last
> > resolved, but I have completely no idea on what to do with this new
> > problem. :(
> >
> > Can it be that Geronimo/OpenEJB does not accept remote JNDI connections
> > at all??
> >
> > With best regards,
> > Vasily Zakharov, Intel Managed Runtime Division
> >
> >
> >
> > -----Original Message-----
> > From: John Sisson [mailto:jrsisson@gmail.com ]
> > Sent: Wednesday, November 23, 2005 3:23 PM
> > To: user@geronimo.apache.org
> > Subject: Re: JNDI remote authentication problem
> >
> > Hi Vasily,
> >
> > In the j2ee-server-plan.xml file it configures the IP addresses that the
> >
> > (OpenEJB) EJB daemon will accept connections from in the "allowHosts"
> > attribute. For example:
> >
> > <!-- EJB Protocol -->
> > <gbean gbeanName="geronimo:type=NetworkService,name=EJB"
> > class="org.activeio.xnet.StandardServiceStackGBean">
> > <attribute name="name">EJB</attribute>
> > <attribute name="port">${PlanOpenEJBPort}</attribute>
> > <attribute name="host">${PlanServerHostname}</attribute>
> > <attribute name="allowHosts">${PlanClientAddresses}</attribute>
> > <attribute
> > name="logOnSuccess">HOST,NAME,THREADID,USERID</attribute>
> > <attribute name="logOnFailure">HOST,NAME</attribute>
> > <reference
> > name="Executor"><name>DefaultThreadPool</name></reference>
> > <reference
> > name="Server"><gbean-name>openejb:type=Server,name=EJB</gbean-name></ref
> > erence>
> > </gbean>
> >
> > The In the geronimo\var\config.xml file (where you can specify attribute
> >
> > values that can override the values in the deployed plan) you should see
> >
> > the following section:
> >
> > <configuration name="org/apache/geronimo/Server">
> > <gbean name="openejb:type=NetworkService,name=EJB">
> > <attribute name="host">0.0.0.0</attribute>
> > <attribute name="port">4201</attribute>
> > </gbean>
> > </configuration>
> >
> > In theory, you should be able to edit the config.xml file and specify
> > the allowable remote host by doing something like:
> >
> > <configuration name="org/apache/geronimo/Server">
> > <gbean name="openejb:type=NetworkService,name=EJB">
> > <attribute name="host">0.0.0.0</attribute>
> > <attribute name="port">4201</attribute>
> > <attribute name="allowHosts">myhostname</attribute>
> > </gbean>
> > </configuration>
> >
> > *** But I have a bug currently open where the port number in the
> > config.xml file as shown in the example above is not actually used and I
> >
> > have a feeling the same problem will happen for allowHosts (see
> > http://issues.apache.org/jira/browse/GERONIMO-1151 ). I haven't had a
> > chance to debug this yet. Let me know what happens.
> >
> > I think most of the testing so far has been done on the localhost with
> > the default port.
> >
> > Regards,
> >
> > John
> >
> > Zakharov, Vasily M wrote:
> >
> > > Hello, all.
> > >
> > >
> > >
> > > I'm trying to run an application that should access the beans
> > > (deployed in a Geronimo server running on other machine) with a JNDI
> > > request.
> > >
> > >
> > >
> > > However, I get the following exception immediately at "new
> > > InitialContext()" statement:
> > >
> > >
> > >
> > > javax.naming.AuthenticationException : Cannot deternmine server
> > > protocol version: Received null/0.0; nested exception
> > > is:
> > >
> > > java.io.IOException: Unable to read protocol version. Reached
> >
> > > the end of the stream.
> > >
> > >
> > >
> > > The Geronimo console states the following at that moment:
> > >
> > >
> > >
> > > 15:31:20,132 ERROR [EJB] Host <app-host> is not authorized to access
> > > this service.
> > >
> > > java.lang.SecurityException: Host <app-host> is not authorized to
> > > access this service.
> > >
> > > at
> > >
> > org.activeio.xnet.hba.ServiceAccessController.checkHostsAuthorization(Se
> > rviceAccessController.java:78)
> > >
> > > at
> > >
> > org.activeio.xnet.hba.ServiceAccessController.service(ServiceAccessContr
> > oller.java:51)
> > >
> > > at
> > org.activeio.xnet.ServiceLogger.service (ServiceLogger.java:74)
> > >
> > > at
> > >
> > org.activeio.xnet.ServiceDaemon$SocketListener.run(ServiceDaemon.java:15
> > 1)
> > >
> > > at java.lang.Thread.run(Unknown Source)
> > >
> > >
> > >
> > > (here <app-host> replaces the IP address of the machine where I run my
> >
> > > application)
> > >
> > >
> > >
> > > I'm using a default installation of Geronimo 1.0 M5, and Windows XP
> > > SP2 and Sun's JRE 1.4.2_08 on both machines.
> > >
> > >
> > >
> > > The client application's system properties include:
> > >
> > >
> > java.naming.factory.initial=org.openejb.client.RemoteInitialContextFacto
> > ry
> > >
> > > java.naming.provider.url=<geronimo-host>:4201
> > >
> > > java.naming.security.principal=system
> > >
> > > java.naming.security.credentials=manager
> > >
> > >
> > >
> > > (here <geronimo-host> replaces the name of the machine where Geronimo
> > > is running and principal/credentials are the same I use to login to
> > > Geronimo console)
> > >
> > >
> > >
> > > Also, I've put a local copy of openejb-core-2.0-G1M5.jar to the
> > > application's classpath for context factory to be found.
> > >
> > >
> > >
> > > Could somebody please point me at what I'm doing wrong and how can I
> > > tune Geronimo to accept JNDI connections from the remote machine?
> > >
> > >
> > >
> > > Thanks in advance,
> > >
> > >
> > >
> > > Vasily Zakharov, Intel Managed Runtime Division
> > >
> >
> >
>
Re: JNDI remote authentication problem
Posted by Jeremy Whitlock <jc...@gmail.com>.
Vasily,
I am currently looking into how well OpenEJB is obeying the
config.xmlfor setting its properties. I think your issue could be a
side-effect of
GERONIMO-1151 located here:
http://issues.apache.org/jira/browse/GERONIMO-1151
As soon as I have this fixed, which has to be tonight, I'll be able to tell
you for sure if this is the case.
Take care,
Jeremy
On 12/7/05, Zakharov, Vasily M <va...@intel.com> wrote:
>
> John,
>
> Thank you very much for your answer!
>
> > Let me know what happens.
>
> Well, I tried correcting j2ee-server-plan.xml and config.xml, and I also
> tried to provide the proper value for allowHosts in GUI installer - it
> all didn't help.
>
> What really helped is correcting modules/assembly/maven.xml file and
> specifying the IP address of the client in line 247 (specifying host
> name or 255.255.255.255 mask also didn't help):
>
> <j:set var="PlanClientAddresses"
> value="<MY_CLIENT_HOST_IP_ADDRESS>"/>
>
> and then rebuilding Geronimo.
>
> However, it didn't helped much.
> I made additional investigation for the problem location and here's what
> I've found:
>
> The problem occurs in file org/openejb/client/Client.java:
> http://cvs.codehaus.org/viewrep/openejb/openejb/modules/core/src/java/or
> g/openejb/client/Client.java?r=1.5
>
> Previously the problem occured at line 171 (see code, the exceptions are
> wrapped badly there):
>
> javax.naming.AuthenticationException: Cannot deternmine server protocol
> version: Received null/0.0; nested exception is:
> java.io.IOException: Unable to read protocol version. Reached
> the end of the stream.
> at
> org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> at
> org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> at javax.naming.spi.NamingManager.getInitialContext(Unknown
> Source)
> at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> at javax.naming.InitialContext.init(Unknown Source)
> at javax.naming.InitialContext.<init>(Unknown Source)
>
> And after the fix to maven.xml and rebuilding Geronimo another error
> occurs a bit later, at line 192:
>
> javax.naming.AuthenticationException: Cannot read the response from the
> server (OEJP/2.0) : null; nested exception is:
> java.io.EOFException
> at
> org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> at
> org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> at javax.naming.spi.NamingManager.getInitialContext(Unknown
> Source)
> at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
> at javax.naming.InitialContext.init(Unknown Source)
> at javax.naming.InitialContext.<init>(Unknown Source)
>
> Previous problem was clearly a configuration issue, that was at last
> resolved, but I have completely no idea on what to do with this new
> problem. :(
>
> Can it be that Geronimo/OpenEJB does not accept remote JNDI connections
> at all??
>
> With best regards,
> Vasily Zakharov, Intel Managed Runtime Division
>
>
>
> -----Original Message-----
> From: John Sisson [mailto:jrsisson@gmail.com]
> Sent: Wednesday, November 23, 2005 3:23 PM
> To: user@geronimo.apache.org
> Subject: Re: JNDI remote authentication problem
>
> Hi Vasily,
>
> In the j2ee-server-plan.xml file it configures the IP addresses that the
>
> (OpenEJB) EJB daemon will accept connections from in the "allowHosts"
> attribute. For example:
>
> <!-- EJB Protocol -->
> <gbean gbeanName="geronimo:type=NetworkService,name=EJB"
> class="org.activeio.xnet.StandardServiceStackGBean">
> <attribute name="name">EJB</attribute>
> <attribute name="port">${PlanOpenEJBPort}</attribute>
> <attribute name="host">${PlanServerHostname}</attribute>
> <attribute name="allowHosts">${PlanClientAddresses}</attribute>
> <attribute
> name="logOnSuccess">HOST,NAME,THREADID,USERID</attribute>
> <attribute name="logOnFailure">HOST,NAME</attribute>
> <reference
> name="Executor"><name>DefaultThreadPool</name></reference>
> <reference
> name="Server"><gbean-name>openejb:type=Server,name=EJB</gbean-name></ref
> erence>
> </gbean>
>
> The In the geronimo\var\config.xml file (where you can specify attribute
>
> values that can override the values in the deployed plan) you should see
>
> the following section:
>
> <configuration name="org/apache/geronimo/Server">
> <gbean name="openejb:type=NetworkService,name=EJB">
> <attribute name="host">0.0.0.0</attribute>
> <attribute name="port">4201</attribute>
> </gbean>
> </configuration>
>
> In theory, you should be able to edit the config.xml file and specify
> the allowable remote host by doing something like:
>
> <configuration name="org/apache/geronimo/Server">
> <gbean name="openejb:type=NetworkService,name=EJB">
> <attribute name="host">0.0.0.0</attribute>
> <attribute name="port">4201</attribute>
> <attribute name="allowHosts">myhostname</attribute>
> </gbean>
> </configuration>
>
> *** But I have a bug currently open where the port number in the
> config.xml file as shown in the example above is not actually used and I
>
> have a feeling the same problem will happen for allowHosts (see
> http://issues.apache.org/jira/browse/GERONIMO-1151 ). I haven't had a
> chance to debug this yet. Let me know what happens.
>
> I think most of the testing so far has been done on the localhost with
> the default port.
>
> Regards,
>
> John
>
> Zakharov, Vasily M wrote:
>
> > Hello, all.
> >
> >
> >
> > I'm trying to run an application that should access the beans
> > (deployed in a Geronimo server running on other machine) with a JNDI
> > request.
> >
> >
> >
> > However, I get the following exception immediately at "new
> > InitialContext()" statement:
> >
> >
> >
> > javax.naming.AuthenticationException: Cannot deternmine server
> > protocol version: Received null/0.0; nested exception
> > is:
> >
> > java.io.IOException: Unable to read protocol version. Reached
>
> > the end of the stream.
> >
> >
> >
> > The Geronimo console states the following at that moment:
> >
> >
> >
> > 15:31:20,132 ERROR [EJB] Host <app-host> is not authorized to access
> > this service.
> >
> > java.lang.SecurityException: Host <app-host> is not authorized to
> > access this service.
> >
> > at
> >
> org.activeio.xnet.hba.ServiceAccessController.checkHostsAuthorization(Se
> rviceAccessController.java:78)
> >
> > at
> >
> org.activeio.xnet.hba.ServiceAccessController.service(ServiceAccessContr
> oller.java:51)
> >
> > at
> org.activeio.xnet.ServiceLogger.service(ServiceLogger.java:74)
> >
> > at
> >
> org.activeio.xnet.ServiceDaemon$SocketListener.run(ServiceDaemon.java:15
> 1)
> >
> > at java.lang.Thread.run(Unknown Source)
> >
> >
> >
> > (here <app-host> replaces the IP address of the machine where I run my
>
> > application)
> >
> >
> >
> > I'm using a default installation of Geronimo 1.0 M5, and Windows XP
> > SP2 and Sun's JRE 1.4.2_08 on both machines.
> >
> >
> >
> > The client application's system properties include:
> >
> >
> java.naming.factory.initial=org.openejb.client.RemoteInitialContextFacto
> ry
> >
> > java.naming.provider.url=<geronimo-host>:4201
> >
> > java.naming.security.principal=system
> >
> > java.naming.security.credentials=manager
> >
> >
> >
> > (here <geronimo-host> replaces the name of the machine where Geronimo
> > is running and principal/credentials are the same I use to login to
> > Geronimo console)
> >
> >
> >
> > Also, I've put a local copy of openejb-core-2.0-G1M5.jar to the
> > application's classpath for context factory to be found.
> >
> >
> >
> > Could somebody please point me at what I'm doing wrong and how can I
> > tune Geronimo to accept JNDI connections from the remote machine?
> >
> >
> >
> > Thanks in advance,
> >
> >
> >
> > Vasily Zakharov, Intel Managed Runtime Division
> >
>
>
RE: JNDI remote authentication problem
Posted by tb...@yahoo.com.
> What really helped is correcting
> modules/assembly/maven.xml file and
I've done two fresh checkouts in the last few hours,
and NO modules/assembly directory comes with the
checkout. Am I doing something wrong?
Here's the command I use:
svn checkout
http://svn.apache.org/repos/asf/geronimo/trunk
geronimo
Tyler
--- "Zakharov, Vasily M" <va...@intel.com>
wrote:
> John,
>
> Thank you very much for your answer!
>
> > Let me know what happens.
>
> Well, I tried correcting j2ee-server-plan.xml and
> config.xml, and I also
> tried to provide the proper value for allowHosts in
> GUI installer - it
> all didn't help.
>
> What really helped is correcting
> modules/assembly/maven.xml file and
> specifying the IP address of the client in line 247
> (specifying host
> name or 255.255.255.255 mask also didn't help):
>
> <j:set var="PlanClientAddresses"
> value="<MY_CLIENT_HOST_IP_ADDRESS>"/>
>
> and then rebuilding Geronimo.
>
> However, it didn't helped much.
> I made additional investigation for the problem
> location and here's what
> I've found:
>
> The problem occurs in file
> org/openejb/client/Client.java:
>
http://cvs.codehaus.org/viewrep/openejb/openejb/modules/core/src/java/or
> g/openejb/client/Client.java?r=1.5
>
> Previously the problem occured at line 171 (see
> code, the exceptions are
> wrapped badly there):
>
> javax.naming.AuthenticationException: Cannot
> deternmine server protocol
> version: Received null/0.0; nested exception is:
> java.io.IOException: Unable to read protocol
> version. Reached
> the end of the stream.
> at
>
org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> at
>
org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> at
>
javax.naming.spi.NamingManager.getInitialContext(Unknown
> Source)
> at
>
javax.naming.InitialContext.getDefaultInitCtx(Unknown
> Source)
> at javax.naming.InitialContext.init(Unknown Source)
> at javax.naming.InitialContext.<init>(Unknown
> Source)
>
> And after the fix to maven.xml and rebuilding
> Geronimo another error
> occurs a bit later, at line 192:
>
> javax.naming.AuthenticationException: Cannot read
> the response from the
> server (OEJP/2.0) : null; nested exception is:
> java.io.EOFException
> at
>
org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196)
> at
>
org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181)
> at
>
javax.naming.spi.NamingManager.getInitialContext(Unknown
> Source)
> at
>
javax.naming.InitialContext.getDefaultInitCtx(Unknown
> Source)
> at javax.naming.InitialContext.init(Unknown Source)
> at javax.naming.InitialContext.<init>(Unknown
> Source)
>
> Previous problem was clearly a configuration issue,
> that was at last
> resolved, but I have completely no idea on what to
> do with this new
> problem. :(
>
> Can it be that Geronimo/OpenEJB does not accept
> remote JNDI connections
> at all??
>
> With best regards,
> Vasily Zakharov, Intel Managed Runtime Division
>
>
>
> -----Original Message-----
> From: John Sisson [mailto:jrsisson@gmail.com]
> Sent: Wednesday, November 23, 2005 3:23 PM
> To: user@geronimo.apache.org
> Subject: Re: JNDI remote authentication problem
>
> Hi Vasily,
>
> In the j2ee-server-plan.xml file it configures the
> IP addresses that the
>
> (OpenEJB) EJB daemon will accept connections from in
> the "allowHosts"
> attribute. For example:
>
> <!-- EJB Protocol -->
> <gbean
> gbeanName="geronimo:type=NetworkService,name=EJB"
> class="org.activeio.xnet.StandardServiceStackGBean">
> <attribute name="name">EJB</attribute>
> <attribute
> name="port">${PlanOpenEJBPort}</attribute>
> <attribute
> name="host">${PlanServerHostname}</attribute>
> <attribute
> name="allowHosts">${PlanClientAddresses}</attribute>
> <attribute
>
name="logOnSuccess">HOST,NAME,THREADID,USERID</attribute>
> <attribute
> name="logOnFailure">HOST,NAME</attribute>
> <reference
>
name="Executor"><name>DefaultThreadPool</name></reference>
> <reference
>
name="Server"><gbean-name>openejb:type=Server,name=EJB</gbean-name></ref
> erence>
> </gbean>
>
> The In the geronimo\var\config.xml file (where you
> can specify attribute
>
> values that can override the values in the deployed
> plan) you should see
>
> the following section:
>
> <configuration
> name="org/apache/geronimo/Server">
> <gbean
> name="openejb:type=NetworkService,name=EJB">
> <attribute
> name="host">0.0.0.0</attribute>
> <attribute name="port">4201</attribute>
> </gbean>
> </configuration>
>
> In theory, you should be able to edit the config.xml
> file and specify
> the allowable remote host by doing something like:
>
> <configuration
> name="org/apache/geronimo/Server">
> <gbean
> name="openejb:type=NetworkService,name=EJB">
> <attribute
> name="host">0.0.0.0</attribute>
> <attribute name="port">4201</attribute>
> <attribute
> name="allowHosts">myhostname</attribute>
> </gbean>
> </configuration>
>
> *** But I have a bug currently open where the port
> number in the
> config.xml file as shown in the example above is not
> actually used and I
>
> have a feeling the same problem will happen for
> allowHosts (see
> http://issues.apache.org/jira/browse/GERONIMO-1151
> ). I haven't had a
> chance to debug this yet. Let me know what happens.
>
> I think most of the testing so far has been done on
> the localhost with
> the default port.
>
> Regards,
>
> John
>
> Zakharov, Vasily M wrote:
>
> > Hello, all.
> >
> >
> >
> > I'm trying to run an application that should
> access the beans
> > (deployed in a Geronimo server running on other
> machine) with a JNDI
> > request.
> >
> >
> >
> > However, I get the following exception immediately
> at "new
> > InitialContext()" statement:
>
=== message truncated ===
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com