9 Replies Latest reply on Apr 9, 2012 11:36 PM by abhi0123

    How to do a JNDI lookup from a standalone client for no remote view EJB?

    abhi0123

      The article here nicely explains how to do the JNDI look up for an EJB with a remote view. What about when there isn't one? I tried and...

       

       

      {code}

      context.lookup("ejb:/ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBean");

       

      Failed to create proxy [Root exception is java.lang.IllegalArgumentException: edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBean is not an interface

      {code}

       

      How about then an EJB method invocation that is secured using @RolesAllowed?

       

      I have started to get the feeling that whenever you tread of the beaten path with JBoss AS, you would find it very hard to find any supporting documentation. May be it's because JBoss releases are always on the extreme end of the spec and it's hard to keep the documentation updated. That's hardly any consolation for developers though.

        • 1. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
          jaikiran

          abhi0123 wrote:

           

          The article here nicely explains how to do the JNDI look up for an EJB with a remote view. What about when there isn't one?

          You cannot use EJBs from a remote client if it doesn't expose remote views. That's the whole purpose of having remote views.

          • 2. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
            abhi0123

            jaikiran pai wrote:

             

            abhi0123 wrote:

             

            The article here nicely explains how to do the JNDI look up for an EJB with a remote view. What about when there isn't one?

            You cannot use EJBs from a remote client if it doesn't expose remote views.

            I thought, and I could be wrong here, that even if you don't create a Remote Interface, the container does it for you. It just has the same name as the Bean class.

             

            In the same context, would you also shed some light on how to invoke an EJB method secured using @RolesAllowed from standalone client? I tried by putting the username and password in the JNDI properties used for getting the InitialContext and it did not work. I am still getting the routine exception for a non-authorized client.

            • 3. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
              swd847

              What you are after should be covered here: https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+client+using+JNDI

               

              In the "Setting up EJB client context properties" section.

              • 4. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
                abhi0123

                Stuart Douglas wrote:

                 

                What you are after should be covered here: https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+client+using+JNDI

                 

                In the "Setting up EJB client context properties" section.

                I read that article several times, in fact I start my discussion saying "The article here nicely explains how to do the JNDI look up for an EJB with a remote view". Unfortunately, it does not seem like the credential is passed to the server as you'd think. It is returning Principal name as $local. If it matters,following is the code:

                 

                SecureBeanRemote.java

                {code}

                @Remote

                public interface SecureBeanRemote {

                          public String secureMethod();

                 

                          public String unsecureMethod();

                }

                {code}

                 

                SecureBean.java

                {code}

                @Stateless

                @LocalBean

                @DeclareRoles({ "user", "guest" })

                public class SecureBean implements SecureBeanRemote {

                  @Resource

                          SessionContext context;

                 

                  @RolesAllowed("user")

                          public String secureMethod() {

                                    return "Hello user:" + context.getCallerPrincipal().getName();

                          }

                 

                  @PermitAll

                          public String unsecureMethod() {

                                    return "Hello: " + context.getCallerPrincipal().getName();

                          }

                }

                {code}

                 

                ejb-jar.xml

                {code:xml}

                <ejb-jar xmlns="http://java.sun.com/xml/ns/javaee" version="3.1"

                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                  xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd">

                  <enterprise-beans>

                  <session>

                  <ejb-name>SecureBean</ejb-name>

                                              <ejb-class>edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBean</ejb-class>

                  <security-role-ref>

                  <role-name>user</role-name>

                  <role-link>AppUser</role-link>

                  </security-role-ref>

                  <security-role-ref>

                  <role-name>guest</role-name>

                  <role-link>AppGuest</role-link>

                  </security-role-ref>

                  </session>

                  </enterprise-beans>

                  <assembly-descriptor>

                  <security-role>

                  <role-name>AppUser</role-name>

                  </security-role>

                  <security-role>

                  <role-name>AppGuest</role-name>

                  </security-role>

                  </assembly-descriptor>

                </ejb-jar>

                {code}

                 

                jboss-ejb3.xml

                {code:xml}

                <?xml version="1.1" encoding="UTF-8"?>

                <jboss:ejb-jar xmlns:jboss="http://www.jboss.com/xml/ns/javaee"

                  xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                  xmlns:c="urn:clustering:1.0"

                  xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-2_0.xsd http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd"

                  version="3.1" impl-version="2.0">

                  <assembly-descriptor xmlns="http://java.sun.com/xml/ns/javaee">

                  <security:security xmlns:security="urn:security">

                  <security:security-domain>other</security:security-domain>

                  <ejb-name>SecureBean</ejb-name>

                  </security:security>

                  </assembly-descriptor>

                </jboss:ejb-jar>

                {code}

                 

                application-users.properties

                {code}

                Abhijit$ tail -5 application-users.properties

                # is for illustration only and does not correspond to a usable password.

                #

                #admin=2a0923285184943425d1f53ddd58ec7a

                user=8544a03c79aee5b1c99458d83ee0f9e0

                guest=1bb6b7c18b5c1dab17f5141fa398905a

                {code}

                 

                application-roles.properties

                {code}

                Abhijit$ tail -5 application-roles.properties

                #

                #admin=PowerUser,BillingAdmin,

                #guest=guest

                user=AppUser

                guest=AppGuest

                {code}

                 

                JBossEjb3Client.java

                {code}

                private Context getContext(final String username, final String password)

                                              throws NamingException {

                                    final Hashtable<String, String> jndiProperties = new Hashtable<String, String>();

                                    jndiProperties.put(Context.URL_PKG_PREFIXES,

                  "org.jboss.ejb.client.naming");

                                    jndiProperties.put(Context.SECURITY_PRINCIPAL, username);

                                    jndiProperties.put(Context.SECURITY_CREDENTIALS, password);

                                    return new InitialContext(jndiProperties);

                }

                {code}

                 

                {code}

                SecureBeanRemote remote = (SecureBeanRemote) getContext(username, password).lookup("ejb:/ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBeanRemote");

                System.out.println(remote.unsecureMethod());

                {code}

                 

                jboss-ejb-client.properties

                {code}

                remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false

                remote.connections=default

                remote.connection.default.host=localhost

                remote.connection.default.port = 4447

                remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false

                remote.connection.default.username=user

                remote.connection.default.password=***

                {code}

                • 5. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
                  swd847

                  Add the following to your file:

                   

                  remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

                   

                  (JBOSS-LOCAL-USER is the mechanism that allows for transparent auth when running on the same machine with the same user name, it authenticates with the user name $local).

                  1 of 1 people found this helpful
                  • 6. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
                    abhi0123

                    With remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

                     

                     

                    {code}

                    java.lang.IllegalStateException: No EJB receiver available for handling [appName:,modulename:ejb3-security-1.0,distinctname:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@ee51b2c

                              at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:584)

                              at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:119)

                              at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:181)

                              at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:136)

                              at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:121)

                              at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)

                              at $Proxy4.unsecureMethod(Unknown Source)

                              at edu.certification.abhijitsarkar.ocewsd.ejb3.client.JBossEjb3Client.unsecureMethod(JBossEjb3Client.java:22)

                    {code}

                     

                    Seems like this guy has posted the exact same issue I am getting now and had a resolution, here but his lookup is different. He's using a class org.jboss.naming.remote.client.InitialContextFactory for initial context factory which I do not have as a dependency. I am searching to see what I need.

                    • 7. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
                      swd847

                      It sounds like your authenticatoin is failing, are you sure you have the correct username and password? (also there should be something in the logs to that effect)

                      • 8. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
                        abhi0123

                        It finally worked, I had removed the default username and password from the jboss-ejb-client.properties which was causing the issue. My true purpose is to expose the EJB as a JAX-WS WebService. Since with WebServices, there's no initial context and no look up involved, how can I achieve the same result? Or can I?.

                        On a separate note, I'd suggest updating the article you referred to. That'd save a lot of people's time when they face a similar issue, not to mention your time if you choose to help them.

                        • 9. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
                          abhi0123

                          For those who came across this post desparate for a solution, you've 2 choices as follows. Maven dependencies are posted too whereas the dependency jboss-as-ejb-client-bom is only required for choice #2.

                           

                          1.

                           

                          {code}

                          private Context getContext(final String username, final String password) throws NamingException {                   

                               final Properties jndiProperties = new Properties();

                            jndiProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");

                            return new InitialContext(jndiProperties);
                          {code}

                           

                          {code}

                          SecureBeanRemote remote = (SecureBeanRemote) getContext(username, password).lookup("ejb:/ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBeanRemote");
                          remote.secureMethod();

                          {code}

                           

                          {code}

                          remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false

                          remote.connections=default

                          remote.connection.default.host=localhost

                          remote.connection.default.port = 4447

                          remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false

                          remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false

                          remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

                          remote.connection.default.username=user

                          remote.connection.default.password=***

                          {code}

                           

                          2.

                           

                          {code}

                          private Context getContext(final String username, final String password) throws NamingException {

                            final Properties jndiProperties = new Properties();                   

                          jndiProperties.put(Context.SECURITY_PRINCIPAL, username);

                            jndiProperties.put(Context.SECURITY_CREDENTIALS, password);

                            jndiProperties.put(Context.PROVIDER_URL, "remote://localhost:4447");

                            jndiProperties.put("jboss.naming.client.ejb.context", true);

                            jndiProperties.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT","false");

                            jndiProperties.put(Context.INITIAL_CONTEXT_FACTORY,  org.jboss.naming.remote.client.InitialContextFactory.class.getName());

                            jndiProperties.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT","false");

                          return new InitialContext(jndiProperties);

                          }

                          {code}

                           

                          {code}

                          SecureBeanRemote remote = (SecureBeanRemote) getContext(username, password).lookup("ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBeanRemote");
                          remote.secureMethod();

                          {code}

                           

                          {code}

                          remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false

                          remote.connections=default

                          remote.connection.default.host=localhost

                          remote.connection.default.port = 4447

                          remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false

                          remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false

                          remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

                          {code}

                           

                           

                           

                          {code:xml}

                          <profile>

                                <id>jboss</id>

                            <activation>

                            <activeByDefault>true</activeByDefault>

                            </activation>

                            <dependencies>

                            <dependency>

                                <groupId>org.jboss</groupId>

                                <artifactId>jboss-ejb-client</artifactId>

                                <version>1.0.5.Final</version>

                                <scope>runtime</scope>

                            </dependency>

                            <dependency>

                                <groupId>org.jboss.xnio</groupId>

                                <artifactId>xnio-nio</artifactId>

                                <version>3.0.0.GA</version>

                                <scope>runtime</scope>

                            </dependency>

                            <dependency>

                                <groupId>org.jboss.marshalling</groupId>

                                <artifactId>jboss-marshalling-river</artifactId>

                                <version>1.3.10.GA</version>

                                <scope>runtime</scope>

                            </dependency>

                            <dependency>

                                <groupId>org.jboss.sasl</groupId>

                                <artifactId>jboss-sasl</artifactId>

                                <version>1.0.0.Final</version>

                                <scope>runtime</scope>

                            </dependency>

                            <dependency>

                                <groupId>org.jboss.remoting3</groupId>

                                <artifactId>jboss-remoting</artifactId>

                                <version>3.2.3.GA</version>

                                <scope>runtime</scope>

                            </dependency>

                            <dependency>

                                <groupId>org.jboss.spec</groupId>

                                <artifactId>jboss-javaee-6.0</artifactId>

                                <version>3.0.0.Final</version>

                                <type>pom</type>

                                 <scope>provided</scope>

                            <exclusions>

                            <exclusion>

                                <groupId>xalan</groupId>

                                <artifactId>xalan</artifactId>

                            </exclusion>

                            </exclusions>

                            </dependency>

                            <dependency>

                                <groupId>xalan</groupId>

                                <artifactId>xalan</artifactId>

                                <version>2.7.1</version>

                                <scope>runtime</scope>

                            </dependency>

                            <dependency>

                                <groupId>org.jboss.as</groupId>

                                <artifactId>jboss-as-ejb-client-bom</artifactId>

                                <version>7.1.1.Final</version>

                                <type>pom</type>

                            </dependency>

                            </dependencies>

                          </profile>

                          {code}