9 Replies Latest reply: Apr 9, 2012 11:36 PM by abhi0123 RSS

How to do a JNDI lookup from a standalone client for no remote view EJB?

abhi0123 Newbie

The article here nicely explains how to do the JNDI look up for an EJB with a remote view. What about when there isn't one? I tried and...

 

 

context.lookup("ejb:/ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBean");

Failed to create proxy [Root exception is java.lang.IllegalArgumentException: edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBean is not an interface

 

 

How about then an EJB method invocation that is secured using @RolesAllowed?

 

I have started to get the feeling that whenever you tread of the beaten path with JBoss AS, you would find it very hard to find any supporting documentation. May be it's because JBoss releases are always on the extreme end of the spec and it's hard to keep the documentation updated. That's hardly any consolation for developers though.

  • 1. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
    jaikiran pai Master

    abhi0123 wrote:

     

    The article here nicely explains how to do the JNDI look up for an EJB with a remote view. What about when there isn't one?

    You cannot use EJBs from a remote client if it doesn't expose remote views. That's the whole purpose of having remote views.

  • 2. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
    abhi0123 Newbie

    jaikiran pai wrote:

     

    abhi0123 wrote:

     

    The article here nicely explains how to do the JNDI look up for an EJB with a remote view. What about when there isn't one?

    You cannot use EJBs from a remote client if it doesn't expose remote views.

    I thought, and I could be wrong here, that even if you don't create a Remote Interface, the container does it for you. It just has the same name as the Bean class.

     

    In the same context, would you also shed some light on how to invoke an EJB method secured using @RolesAllowed from standalone client? I tried by putting the username and password in the JNDI properties used for getting the InitialContext and it did not work. I am still getting the routine exception for a non-authorized client.

  • 3. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
    Stuart Douglas Master

    What you are after should be covered here: https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+client+using+JNDI

     

    In the "Setting up EJB client context properties" section.

  • 4. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
    abhi0123 Newbie

    Stuart Douglas wrote:

     

    What you are after should be covered here: https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+client+using+JNDI

     

    In the "Setting up EJB client context properties" section.

    I read that article several times, in fact I start my discussion saying "The article here nicely explains how to do the JNDI look up for an EJB with a remote view". Unfortunately, it does not seem like the credential is passed to the server as you'd think. It is returning Principal name as $local. If it matters,following is the code:

     

    SecureBeanRemote.java

    @Remote
    public interface SecureBeanRemote {
              public String secureMethod();
    
              public String unsecureMethod();
    }
    

     

     

    SecureBean.java

    @Stateless
    @LocalBean
    @DeclareRoles({ "user", "guest" })
    public class SecureBean implements SecureBeanRemote {
      @Resource
              SessionContext context;
    
      @RolesAllowed("user")
              public String secureMethod() {
                        return "Hello user:" + context.getCallerPrincipal().getName();
              }
    
      @PermitAll
              public String unsecureMethod() {
                        return "Hello: " + context.getCallerPrincipal().getName();
              }
    }
    

     

     

    ejb-jar.xml

    <ejb-jar xmlns="http://java.sun.com/xml/ns/javaee" version="3.1"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd">
      <enterprise-beans>
      <session>
      <ejb-name>SecureBean</ejb-name>
                                  <ejb-class>edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBean</ejb-class>
      <security-role-ref>
      <role-name>user</role-name>
      <role-link>AppUser</role-link>
      </security-role-ref>
      <security-role-ref>
      <role-name>guest</role-name>
      <role-link>AppGuest</role-link>
      </security-role-ref>
      </session>
      </enterprise-beans>
      <assembly-descriptor>
      <security-role>
      <role-name>AppUser</role-name>
      </security-role>
      <security-role>
      <role-name>AppGuest</role-name>
      </security-role>
      </assembly-descriptor>
    </ejb-jar>
    

     

     

    jboss-ejb3.xml

    <?xml version="1.1" encoding="UTF-8"?>
    <jboss:ejb-jar xmlns:jboss="http://www.jboss.com/xml/ns/javaee"
      xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xmlns:c="urn:clustering:1.0"
      xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-2_0.xsd http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd"
      version="3.1" impl-version="2.0">
      <assembly-descriptor xmlns="http://java.sun.com/xml/ns/javaee">
      <security:security xmlns:security="urn:security">
      <security:security-domain>other</security:security-domain>
      <ejb-name>SecureBean</ejb-name>
      </security:security>
      </assembly-descriptor>
    </jboss:ejb-jar>
    

     

     

    application-users.properties

    Abhijit$ tail -5 application-users.properties 
    # is for illustration only and does not correspond to a usable password.
    #
    #admin=2a0923285184943425d1f53ddd58ec7a
    user=8544a03c79aee5b1c99458d83ee0f9e0
    guest=1bb6b7c18b5c1dab17f5141fa398905a
    

     

     

    application-roles.properties

    Abhijit$ tail -5 application-roles.properties 
    #
    #admin=PowerUser,BillingAdmin,
    #guest=guest
    user=AppUser
    guest=AppGuest
    

     

     

    JBossEjb3Client.java

    private Context getContext(final String username, final String password)
                                  throws NamingException {
                        final Hashtable<String, String> jndiProperties = new Hashtable<String, String>();
                        jndiProperties.put(Context.URL_PKG_PREFIXES,
      "org.jboss.ejb.client.naming");
                        jndiProperties.put(Context.SECURITY_PRINCIPAL, username);
                        jndiProperties.put(Context.SECURITY_CREDENTIALS, password);
                        return new InitialContext(jndiProperties);
    }
    

     

    SecureBeanRemote remote = (SecureBeanRemote) getContext(username, password).lookup("ejb:/ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBeanRemote");
    System.out.println(remote.unsecureMethod());
    

     

     

    jboss-ejb-client.properties

    remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
    remote.connections=default
    remote.connection.default.host=localhost
    remote.connection.default.port = 4447
    remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
    remote.connection.default.username=user
    remote.connection.default.password=***
    

     

  • 5. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
    Stuart Douglas Master

    Add the following to your file:

     

    remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

     

    (JBOSS-LOCAL-USER is the mechanism that allows for transparent auth when running on the same machine with the same user name, it authenticates with the user name $local).

  • 6. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
    abhi0123 Newbie

    With remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

     

     

    java.lang.IllegalStateException: No EJB receiver available for handling [appName:,modulename:ejb3-security-1.0,distinctname:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@ee51b2c
              at org.jboss.ejb.client.EJBClientContext.requireEJBReceiver(EJBClientContext.java:584)
              at org.jboss.ejb.client.ReceiverInterceptor.handleInvocation(ReceiverInterceptor.java:119)
              at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:181)
              at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:136)
              at org.jboss.ejb.client.EJBInvocationHandler.doInvoke(EJBInvocationHandler.java:121)
              at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:104)
              at $Proxy4.unsecureMethod(Unknown Source)
              at edu.certification.abhijitsarkar.ocewsd.ejb3.client.JBossEjb3Client.unsecureMethod(JBossEjb3Client.java:22)
    

     

     

    Seems like this guy has posted the exact same issue I am getting now and had a resolution, here but his lookup is different. He's using a class org.jboss.naming.remote.client.InitialContextFactory for initial context factory which I do not have as a dependency. I am searching to see what I need.

  • 7. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
    Stuart Douglas Master

    It sounds like your authenticatoin is failing, are you sure you have the correct username and password? (also there should be something in the logs to that effect)

  • 8. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
    abhi0123 Newbie

    It finally worked, I had removed the default username and password from the jboss-ejb-client.properties which was causing the issue. My true purpose is to expose the EJB as a JAX-WS WebService. Since with WebServices, there's no initial context and no look up involved, how can I achieve the same result? Or can I?.

    On a separate note, I'd suggest updating the article you referred to. That'd save a lot of people's time when they face a similar issue, not to mention your time if you choose to help them.

  • 9. Re: How to do a JNDI lookup from a standalone client for no remote view EJB?
    abhi0123 Newbie

    For those who came across this post desparate for a solution, you've 2 choices as follows. Maven dependencies are posted too whereas the dependency jboss-as-ejb-client-bom is only required for choice #2.

     

    1.

     

    private Context getContext(final String username, final String password) throws NamingException {                    
         final Properties jndiProperties = new Properties();
      jndiProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
      return new InitialContext(jndiProperties);

     

    SecureBeanRemote remote = (SecureBeanRemote) getContext(username, password).lookup("ejb:/ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBeanRemote");remote.secureMethod();
    

     

    remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
    remote.connections=default
    remote.connection.default.host=localhost
    remote.connection.default.port = 4447
    remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
    remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
    remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
    remote.connection.default.username=user
    remote.connection.default.password=***
    

     

     

    2.

     

    private Context getContext(final String username, final String password) throws NamingException {
      final Properties jndiProperties = new Properties();                    
      jndiProperties.put(Context.SECURITY_PRINCIPAL, username);
      jndiProperties.put(Context.SECURITY_CREDENTIALS, password);
      jndiProperties.put(Context.PROVIDER_URL, "remote://localhost:4447");
      jndiProperties.put("jboss.naming.client.ejb.context", true);
      jndiProperties.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT","false");
      jndiProperties.put(Context.INITIAL_CONTEXT_FACTORY,  org.jboss.naming.remote.client.InitialContextFactory.class.getName());
      jndiProperties.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT","false");
     return new InitialContext(jndiProperties);
    }
    

     

    SecureBeanRemote remote = (SecureBeanRemote) getContext(username, password).lookup("ejb3-security-1.0/SecureBean!edu.certification.abhijitsarkar.ocewsd.ejb3.SecureBeanRemote");remote.secureMethod();
    

     

    remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
    remote.connections=default
    remote.connection.default.host=localhost
    remote.connection.default.port = 4447
    remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
    remote.connection.x1.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
    remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
    

     

     

     

     

    <profile>
          <id>jboss</id>
      <activation>
      <activeByDefault>true</activeByDefault>
      </activation>
      <dependencies>
      <dependency>
          <groupId>org.jboss</groupId>
          <artifactId>jboss-ejb-client</artifactId>
          <version>1.0.5.Final</version>
          <scope>runtime</scope>
      </dependency>
      <dependency>
          <groupId>org.jboss.xnio</groupId>
          <artifactId>xnio-nio</artifactId>
          <version>3.0.0.GA</version>
          <scope>runtime</scope>
      </dependency>
      <dependency>
          <groupId>org.jboss.marshalling</groupId>
          <artifactId>jboss-marshalling-river</artifactId>
          <version>1.3.10.GA</version>
          <scope>runtime</scope>
      </dependency>
      <dependency>
          <groupId>org.jboss.sasl</groupId>
          <artifactId>jboss-sasl</artifactId>
          <version>1.0.0.Final</version>
          <scope>runtime</scope>
      </dependency>
      <dependency>
          <groupId>org.jboss.remoting3</groupId>
          <artifactId>jboss-remoting</artifactId>
          <version>3.2.3.GA</version>
          <scope>runtime</scope>
      </dependency>
      <dependency>
          <groupId>org.jboss.spec</groupId>
          <artifactId>jboss-javaee-6.0</artifactId>
          <version>3.0.0.Final</version>
          <type>pom</type>
           <scope>provided</scope>
      <exclusions>
      <exclusion>
          <groupId>xalan</groupId>
          <artifactId>xalan</artifactId>
      </exclusion>
      </exclusions>
      </dependency>
      <dependency>
          <groupId>xalan</groupId>
          <artifactId>xalan</artifactId>
          <version>2.7.1</version>
          <scope>runtime</scope>
      </dependency>
      <dependency>
          <groupId>org.jboss.as</groupId>
          <artifactId>jboss-as-ejb-client-bom</artifactId>
          <version>7.1.1.Final</version>
          <type>pom</type>
      </dependency>
      </dependencies>
    </profile>