3
votes

I have written a simple EJB thin client to look up the bean deployed in IBM WebSphere 8.5.

When SSL was not enabled on the server I was able to look up the bean successfully, but as soon as I enabled SSL, I started getting the exception below.

This is how I enabled the security through the admin console: [image]

Exception:

javax.naming.NamingException: Error getting WsnNameService properties [Root exception is org.omg.CORBA.TRANSIENT: initial and forwarded IOR inaccessible  vmcid: IBM  minor code: E07  completed: No]
at com.ibm.ws.naming.util.WsnInitCtxFactory.mergeWsnNSProperties(WsnInitCtxFactory.java:1552)
at com.ibm.ws.naming.util.WsnInitCtxFactory.getRootContextFromServer(WsnInitCtxFactory.java:1042)
at com.ibm.ws.naming.util.WsnInitCtxFactory.getRootJndiContext(WsnInitCtxFactory.java:962)
at com.ibm.ws.naming.util.WsnInitCtxFactory.getInitialContextInternal(WsnInitCtxFactory.java:614)
at com.ibm.ws.naming.util.WsnInitCtx.getContext(WsnInitCtx.java:128)
at com.ibm.ws.naming.util.WsnInitCtx.getContextIfNull(WsnInitCtx.java:765)
at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:164)
at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:179)
at javax.naming.InitialContext.lookup(InitialContext.java:436)
at nh.indi.test.S2SCommTest.lookupServiceEJB(S2SCommTest.java:55)
at nh.indi.test.S2SCommTest.main(S2SCommTest.java:22) 
Caused by: org.omg.CORBA.TRANSIENT: initial and forwarded IOR inaccessible  vmcid: IBM  minor code: E07  completed: No
at com.ibm.rmi.corba.ClientDelegate.createRequest(ClientDelegate.java:1276)
at com.ibm.CORBA.iiop.ClientDelegate.createRequest(ClientDelegate.java:1342)
at com.ibm.rmi.corba.ClientDelegate.createRequest(ClientDelegate.java:1164)
at com.ibm.CORBA.iiop.ClientDelegate.createRequest(ClientDelegate.java:1308)
at com.ibm.rmi.corba.ClientDelegate.request(ClientDelegate.java:1886)
at com.ibm.CORBA.iiop.ClientDelegate.request(ClientDelegate.java:1264)
at org.omg.CORBA.portable.ObjectImpl._request(ObjectImpl.java:458)
at com.ibm.WsnBootstrap._WsnNameServiceStub.getProperties(_WsnNameServiceStub.java:38)
at com.ibm.ws.naming.util.WsnInitCtxFactory.mergeWsnNSProperties(WsnInitCtxFactory.java:1549)
... 10 more

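Code:

import java.util.Properties;

import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.rmi.PortableRemoteObject;

import indi.nh.business.framework.bos.di.BatchIdTrackingBeanRemote;

public class S2SCommTest {

    public static void main(String args[]) throws NamingException {

        // Thin-client ORB and naming settings; the provider URL is the bootstrap address
        Properties ejbProps = new Properties();
        ejbProps.put("org.omg.CORBA.ORBClass", "com.ibm.CORBA.iiop.ORB");
        ejbProps.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.ibm.websphere.naming.WsnInitialContextFactory");
        ejbProps.put(Context.PROVIDER_URL, "corbaloc:iiop:160.XX.XX.XX:2809");

        // The NamingException shown above is thrown from this lookup
        InitialContext ffmContext = new InitialContext(ejbProps);
        Object remoteObject = ffmContext
                .lookup("ejb/MyAppEar-CLUSTER/MyAppEJB.jar/BatchIdTrackingBean#indi.nh.business.framework.bos.di.BatchIdTrackingBeanRemote");

        // Narrow the CORBA object reference to the bean's remote interface
        BatchIdTrackingBeanRemote serviceTester = (BatchIdTrackingBeanRemote) PortableRemoteObject
                .narrow(remoteObject, BatchIdTrackingBeanRemote.class);

        System.out.println(serviceTester);

    }
}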

While running the program I am also passing the sas.client.props file location present in my local file system as mentioned here [1].

-Dcom.ibm.CORBA.ConfigURL=file:///C:/Temp/docs/S2S_Docs/sas.client.props

[1]: How to connect to a websphere Application Server 8.5 Message Queue while Administrative Security is enabled

Can anybody please help me test this successfully with SSL enabled on the WebSphere app server, or tell me what I am missing in my client-side or server-side configuration?

1
In your SSL config you have currently set Client certificate authentication as required. Do you really want to do that? In that case you have to set up mutual two-way SSL: put the WAS cert in the client truststore and put the client cert in the WAS truststore. If you just want to enable SSL, set client cert to never, and make sure you have the WAS cert in your client truststore. - Gas
After setting Client certificate authentication to never, that exception is gone. - saurav

1 Answer

3
votes

You also need to add this property to the java command: -Dcom.ibm.CORBA.ConfigURL=file:///home/user1/sas.client.props

You can copy the ssl.client.props file (in addition to sas.client.props) from the WebSphere Application Server installation. You need to at least update the location of the key files in the ssl.client.props file to match where you created or copied the key files. For example,

-Dcom.ibm.ssl.keyStore=/home/user1/etc/key.p12 -Dcom.ibm.ssl.trustStore=/home/user1/etc/trust.p12

When you run the client again, it should prompt you to add the signer to the trust store if it is not there.

More details at: https://www-01.ibm.com/support/knowledgecenter/SSAW57_8.5.5/com.ibm.websphere.nd.doc/ae/tcli_ejbthinclient.html
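
The comment and the answer above both depend on what the client's key and trust files actually contain: server-only SSL needs the WAS signer in the client trust store, while required client certificate authentication also needs a client key pair. The following is an added example, not part of the original posts or of IBM's tooling, that checks both files before the lookup is attempted. The class name StoreCheck is hypothetical, and it assumes PKCS12 files like the key.p12 and trust.p12 in the answer.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;

// Added example (hypothetical class name): pre-flight check of a thin client's
// PKCS12 key and trust files. Usage: java StoreCheck <key.p12> <trust.p12>
public class StoreCheck {
    // Counts private-key or trusted-certificate entries, printing subject and expiry.
    static int count(String path, boolean wantPrivateKeys) throws Exception {
        Console console = System.console();
        if (console == null) throw new IllegalStateException("run from a terminal");
        char[] password = console.readPassword("Password for %s: ", path);
        KeyStore store = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(path)) {
            store.load(in, password);
        }
        int matches = 0;
        for (String alias : Collections.list(store.aliases())) {
            boolean match = wantPrivateKeys ? store.isKeyEntry(alias)
                                            : store.isCertificateEntry(alias);
            if (!match) continue;
            matches++;
            if (store.getCertificate(alias) instanceof X509Certificate) {
                X509Certificate x509 = (X509Certificate) store.getCertificate(alias);
                System.out.printf("  %s: %s, notAfter=%s%s%n", alias,
                        x509.getSubjectX500Principal().getName(), x509.getNotAfter(),
                        x509.getNotAfter().before(new Date()) ? " (EXPIRED)" : "");
            }
        }
        return matches;
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 2) throw new IllegalArgumentException("usage: StoreCheck <key.p12> <trust.p12>");
        int signers = count(args[1], false);
        int keys = count(args[0], true);
        // Server-only SSL needs the WAS signer in the client trust store; required
        // client certificate authentication also needs a client key pair.
        System.out.println(signers > 0 ? "OK: trust store holds signer certificates"
                                       : "MISSING: no signer certificate in trust store");
        System.out.println(keys > 0 ? "OK: key store holds a personal certificate"
                                    : "NOTE: no private key; required client-cert auth will fail");
    }
}
```

Passwords are read from the console rather than taken as arguments so they do not end up in shell history or the process list.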