Letting EJB A (Glassfish A) communicate over IIOP to EJB B (Glassfish B) results in SecurityException

462 views Asked by At

I want to let Alice (EJB A; Glassfish A) communicate with Bob (EJB B; Glassfish B). Both EJBs are deployed on distinct Glassfish (Glassfish A and Glassfish B) servers. The communication shall be over IIOP. However, my experiments result in a java.lang.SecurityException. The question is: why is that, and how to solve it?

Alice and Bob both implement remote interfaces.

AliceRemote.java:

package com.fu.ba.alice.ejb;

import javax.ejb.Remote;

@Remote
public interface AliceRemote {

    void callBob();
}

BobRemote.java:

package com.fu.ba.bob.ejb;

import javax.ejb.Remote;

@Remote
public interface BobRemote {

    void sayHello();
}

The implementation of Alice and Bob are also straight-forward.

Alice.java:

package com.fu.ba.alice.ejb;

import javax.ejb.EJB;
import javax.ejb.Stateless;

import com.fu.ba.bob.ejb.BobRemote;
/**
 * Session Bean implementation class Alice
 */
@Stateless(mappedName = "AliceMap")
public class Alice implements AliceRemote {

    @EJB(name = "BobRemote")
    private BobRemote bob;
    /**
     * Default constructor. 
     */
    public Alice() {
    }

    @Override
    public void callBob() {
        System.out.println("Hello this is Alice");
        bob.sayHello();

    }

}

Bob.java:

package com.fu.ba.bob.ejb;

import javax.ejb.Stateless;

/**
 * Session Bean implementation class Bob
 */
@Stateless(mappedName = "BobMap")
public class Bob implements BobRemote {

    /**
     * Default constructor. 
     */
    public Bob() {
        // TODO Auto-generated constructor stub
    }

    @Override
    public void sayHello() {
        System.out.println("Hello this is Bob");

    }



}

In addition, Alice's EJB includes an ejb-jar.xml and a glassfish-ejb-jar.xml specifying the IIOP communication.

ejb-jar.xml:

<?xml version="1.0" encoding="UTF-8"?>
<ejb-jar xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:ejb="http://java.sun.com/xml/ns/javaee/ejb-jar_3_0.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd" version="3.1">
  <display-name>com.fu.ba.alice.ejb </display-name>
  <ejb-client-jar>com.fu.ba.alice.ejbClient.jar</ejb-client-jar>
</ejb-jar>

glassfish-ejb-jar.xml:

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE glassfish-ejb-jar PUBLIC "-//GlassFish.org//DTD GlassFish Application Server 3.1 EJB 3.1//EN" "http://glassfish.org/dtds/glassfish-ejb-jar_3_1-1.dtd">
<glassfish-ejb-jar>
    <enterprise-beans>
        <ejb>
        <ejb-name>Alice</ejb-name>
        <ejb-ref>
            <ejb-ref-name>BobRemote</ejb-ref-name>
            <jndi-name>corbaname:iiop:123.123.123.123:3700#java:global/com.fu.ba.bob/com.fu.ba.bob.ejb/Bob!com.fu.ba.bob.ejb.BobRemote</jndi-name>
       </ejb-ref>
        </ejb>
     </enterprise-beans>
</glassfish-ejb-jar>

Deploying the EJBs to different Glassfish servers results in exceptions on Bob's and Alice's side.

Bob's side:

WARNING: JTS5071: Unexpected error occurred in registerSynchronization
org.omg.CORBA.COMM_FAILURE: FINE: 00410001: Connection failure: socketType: IIOP_CLEAR_TEXT; hostname: 169.254.32.79; port: 3700  vmcid: OMG  minor code: 1  completed: No
 at com.sun.proxy.$Proxy142.connectFailure(Unknown Source)
 at com.sun.corba.ee.impl.transport.ConnectionImpl.<init>(ConnectionImpl.java:253)
 at com.sun.corba.ee.impl.transport.ConnectionImpl.<init>(ConnectionImpl.java:276)
 at com.sun.corba.ee.impl.transport.ContactInfoImpl.createConnection(ContactInfoImpl.java:129)
 at com.sun.corba.ee.impl.protocol.ClientRequestDispatcherImpl.beginRequest(ClientRequestDispatcherImpl.java:243)
 at com.sun.corba.ee.impl.protocol.ClientDelegateImpl.request(ClientDelegateImpl.java:227)
 at org.omg.CORBA.portable.ObjectImpl._request(ObjectImpl.java:449)
 at org.omg.CosTransactions._CoordinatorStub.register_synchronization(_CoordinatorStub.java:235)
 at com.sun.jts.CosTransactions.TopCoordinator.register_synchronization(TopCoordinator.java:2430)
 at com.sun.jts.jta.TransactionState.registerSynchronization(TransactionState.java:494)
 at com.sun.jts.jta.TransactionImpl.registerSynchronization(TransactionImpl.java:313)
 at com.sun.enterprise.transaction.JavaEETransactionManagerSimplified.createImportedTransaction(JavaEETransactionManagerSimplified.java:1568)
 at com.sun.enterprise.transaction.jts.JavaEETransactionManagerJTSDelegate.getTransaction(JavaEETransactionManagerJTSDelegate.java:279)
 at com.sun.enterprise.transaction.JavaEETransactionManagerSimplified.getTransaction(JavaEETransactionManagerSimplified.java:915)
 at com.sun.ejb.containers.EJBContainerTransactionManager.preInvokeTx(EJBContainerTransactionManager.java:250)
 at com.sun.ejb.containers.BaseContainer.preInvokeTx(BaseContainer.java:4433)
 at com.sun.ejb.containers.BaseContainer.preInvoke(BaseContainer.java:1921)
 at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(EJBObjectInvocationHandler.java:204)
 at com.sun.ejb.containers.EJBObjectInvocationHandlerDelegate.invoke(EJBObjectInvocationHandlerDelegate.java:79)
 at com.sun.proxy.$Proxy180.sayHello(Unknown Source)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:601)
 at com.sun.corba.ee.impl.presentation.rmi.ReflectiveTie.dispatchToMethod(ReflectiveTie.java:143)
 at com.sun.corba.ee.impl.presentation.rmi.ReflectiveTie._invoke(ReflectiveTie.java:173)
 at com.sun.corba.ee.impl.protocol.ServerRequestDispatcherImpl.dispatchToServant(ServerRequestDispatcherImpl.java:528)
 at com.sun.corba.ee.impl.protocol.ServerRequestDispatcherImpl.dispatch(ServerRequestDispatcherImpl.java:199)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequestRequest(MessageMediatorImpl.java:1549)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequest(MessageMediatorImpl.java:1425)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleInput(MessageMediatorImpl.java:930)
 at com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:213)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequest(MessageMediatorImpl.java:694)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.dispatch(MessageMediatorImpl.java:496)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.doWork(MessageMediatorImpl.java:2222)
 at com.sun.corba.ee.impl.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:497)
 at com.sun.corba.ee.impl.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:540)
Caused by: java.lang.RuntimeException: java.net.ConnectException: Connection timed out: connect
 at org.glassfish.enterprise.iiop.impl.IIOPSSLSocketFactory.createSocket(IIOPSSLSocketFactory.java:344)
 at com.sun.corba.ee.impl.transport.ConnectionImpl.<init>(ConnectionImpl.java:250)
 ... 35 more
Caused by: java.net.ConnectException: Connection timed out: connect
 at sun.nio.ch.Net.connect0(Native Method)
 at sun.nio.ch.Net.connect(Net.java:364)
 at sun.nio.ch.Net.connect(Net.java:356)
 at sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:623)
 at com.sun.corba.ee.impl.misc.ORBUtility.openSocketChannel(ORBUtility.java:110)
 at org.glassfish.enterprise.iiop.impl.IIOPSSLSocketFactory.createSocket(IIOPSSLSocketFactory.java:329)
 ... 36 more

WARNING: EJB5184:A system exception occurred during an invocation on EJB Bob, method: public void com.fu.ba.bob.ejb.Bob.sayHello()
WARNING: javax.ejb.EJBException: java.lang.SecurityException
 at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:2016)
 at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:1979)
 at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(EJBObjectInvocationHandler.java:212)
 at com.sun.ejb.containers.EJBObjectInvocationHandlerDelegate.invoke(EJBObjectInvocationHandlerDelegate.java:79)
 at com.sun.proxy.$Proxy180.sayHello(Unknown Source)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:601)
 at com.sun.corba.ee.impl.presentation.rmi.ReflectiveTie.dispatchToMethod(ReflectiveTie.java:143)
 at com.sun.corba.ee.impl.presentation.rmi.ReflectiveTie._invoke(ReflectiveTie.java:173)
 at com.sun.corba.ee.impl.protocol.ServerRequestDispatcherImpl.dispatchToServant(ServerRequestDispatcherImpl.java:528)
 at com.sun.corba.ee.impl.protocol.ServerRequestDispatcherImpl.dispatch(ServerRequestDispatcherImpl.java:199)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequestRequest(MessageMediatorImpl.java:1549)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequest(MessageMediatorImpl.java:1425)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleInput(MessageMediatorImpl.java:930)
 at com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:213)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequest(MessageMediatorImpl.java:694)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.dispatch(MessageMediatorImpl.java:496)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.doWork(MessageMediatorImpl.java:2222)
 at com.sun.corba.ee.impl.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:497)
 at com.sun.corba.ee.impl.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:540)
Caused by: java.lang.SecurityException
 at com.sun.jts.jta.TransactionManagerImpl.rollback(TransactionManagerImpl.java:376)
 at com.sun.enterprise.transaction.jts.JavaEETransactionManagerJTSDelegate.rollbackDistributedTransaction(JavaEETransactionManagerJTSDelegate.java:218)
 at com.sun.enterprise.transaction.JavaEETransactionManagerSimplified.rollback(JavaEETransactionManagerSimplified.java:892)
 at com.sun.ejb.containers.EJBContainerTransactionManager.destroyBeanAndRollback(EJBContainerTransactionManager.java:574)
 at com.sun.ejb.containers.EJBContainerTransactionManager.completeNewTx(EJBContainerTransactionManager.java:697)
 at com.sun.ejb.containers.EJBContainerTransactionManager.postInvokeTx(EJBContainerTransactionManager.java:503)
 at com.sun.ejb.containers.BaseContainer.postInvokeTx(BaseContainer.java:4475)
 at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:2009)
 ... 21 more

Alice's side:

Warning: Context path from ServletContext: /com.fu.ba.servlet differs from path from bundle: com.fu.ba.servlet
Information: Hello this is Alice
Warning: Context path from ServletContext:  differs from path from bundle: /
Warning: EJB5184:A system exception occurred during an invocation on EJB Alice, method: public void com.fu.ba.alice.ejb.Alice.callBob()
Warning: javax.ejb.EJBException: java.lang.SecurityException
 at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:2016)
 at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:1979)
 at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(EJBObjectInvocationHandler.java:212)
 at com.sun.ejb.containers.EJBObjectInvocationHandlerDelegate.invoke(EJBObjectInvocationHandlerDelegate.java:79)
 at com.sun.proxy.$Proxy180.sayHello(Unknown Source)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:601)
 at com.sun.corba.ee.impl.presentation.rmi.ReflectiveTie.dispatchToMethod(ReflectiveTie.java:143)
 at com.sun.corba.ee.impl.presentation.rmi.ReflectiveTie._invoke(ReflectiveTie.java:173)
 at com.sun.corba.ee.impl.protocol.ServerRequestDispatcherImpl.dispatchToServant(ServerRequestDispatcherImpl.java:528)
 at com.sun.corba.ee.impl.protocol.ServerRequestDispatcherImpl.dispatch(ServerRequestDispatcherImpl.java:199)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequestRequest(MessageMediatorImpl.java:1549)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequest(MessageMediatorImpl.java:1425)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleInput(MessageMediatorImpl.java:930)
 at com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:213)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequest(MessageMediatorImpl.java:694)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.dispatch(MessageMediatorImpl.java:496)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.doWork(MessageMediatorImpl.java:2222)
 at com.sun.corba.ee.impl.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:497)
 at com.sun.corba.ee.impl.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:540)
Caused by: java.lang.SecurityException
 at com.sun.jts.jta.TransactionManagerImpl.rollback(TransactionManagerImpl.java:376)
 at com.sun.enterprise.transaction.jts.JavaEETransactionManagerJTSDelegate.rollbackDistributedTransaction(JavaEETransactionManagerJTSDelegate.java:218)
 at com.sun.enterprise.transaction.JavaEETransactionManagerSimplified.rollback(JavaEETransactionManagerSimplified.java:892)
 at com.sun.ejb.containers.EJBContainerTransactionManager.destroyBeanAndRollback(EJBContainerTransactionManager.java:574)
 at com.sun.ejb.containers.EJBContainerTransactionManager.completeNewTx(EJBContainerTransactionManager.java:697)
 at com.sun.ejb.containers.EJBContainerTransactionManager.postInvokeTx(EJBContainerTransactionManager.java:503)
 at com.sun.ejb.containers.BaseContainer.postInvokeTx(BaseContainer.java:4475)
 at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:2009)
 ... 21 more

Warning: StandardWrapperValve[com.fu.ba.servlet.CallBobServlet]: Servlet.service() for servlet com.fu.ba.servlet.CallBobServlet threw exception
javax.ejb.EJBException: java.lang.SecurityException
 at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:2016)
 at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:1979)
 at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(EJBObjectInvocationHandler.java:212)
 at com.sun.ejb.containers.EJBObjectInvocationHandlerDelegate.invoke(EJBObjectInvocationHandlerDelegate.java:79)
 at com.sun.proxy.$Proxy180.sayHello(Unknown Source)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:601)
 at com.sun.corba.ee.impl.presentation.rmi.ReflectiveTie.dispatchToMethod(ReflectiveTie.java:143)
 at com.sun.corba.ee.impl.presentation.rmi.ReflectiveTie._invoke(ReflectiveTie.java:173)
 at com.sun.corba.ee.impl.protocol.ServerRequestDispatcherImpl.dispatchToServant(ServerRequestDispatcherImpl.java:528)
 at com.sun.corba.ee.impl.protocol.ServerRequestDispatcherImpl.dispatch(ServerRequestDispatcherImpl.java:199)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequestRequest(MessageMediatorImpl.java:1549)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequest(MessageMediatorImpl.java:1425)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleInput(MessageMediatorImpl.java:930)
 at com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:213)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.handleRequest(MessageMediatorImpl.java:694)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.dispatch(MessageMediatorImpl.java:496)
 at com.sun.corba.ee.impl.protocol.MessageMediatorImpl.doWork(MessageMediatorImpl.java:2222)
 at com.sun.corba.ee.impl.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:497)
 at com.sun.corba.ee.impl.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:540)
Caused by: java.lang.SecurityException
 at com.sun.jts.jta.TransactionManagerImpl.rollback(TransactionManagerImpl.java:376)
 at com.sun.enterprise.transaction.jts.JavaEETransactionManagerJTSDelegate.rollbackDistributedTransaction(JavaEETransactionManagerJTSDelegate.java:218)
 at com.sun.enterprise.transaction.JavaEETransactionManagerSimplified.rollback(JavaEETransactionManagerSimplified.java:892)
 at com.sun.ejb.containers.EJBContainerTransactionManager.destroyBeanAndRollback(EJBContainerTransactionManager.java:574)
 at com.sun.ejb.containers.EJBContainerTransactionManager.completeNewTx(EJBContainerTransactionManager.java:697)
 at com.sun.ejb.containers.EJBContainerTransactionManager.postInvokeTx(EJBContainerTransactionManager.java:503)
 at com.sun.ejb.containers.BaseContainer.postInvokeTx(BaseContainer.java:4475)
 at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:2009)
 ... 21 more
0

There are 0 answers