The EJB 3.1: IIOP/SSL
The Glassfish Application Server Configuration
I would like to give you an overview about my Glassfish Application Server setting for the EJB as the IIOP port is 3700, the IIOP port with SSL is 3820 and the IIOP port with mutual authentication is 3920. Please note it is a default configuration which is created when the Glassfish was installed. They can be changed via the web administration console. The default URL is http://localhost:4848
Create The EJB Application
It is just simple by implementing the HelloWorld EJB stateless session been by following the formal JavaEE Tutorial document. In our case, there are 3 HelloWorld EJB with the same coding, but different configured as following: -
1. The HelloWorld
2. The HelloWorldSSL
3. The HelloWorldSSLMutual
They are for the non-SSL, SSL and SSL with mutual authentication respectively.
To configure the SSL, the vendor specific ejb-jar.xml is required, in our case the sun-ejb-jar.xml is required since it is a Glassfish Application Server.
Configure The EJB for SSL
SSL with Mutual Authentication
Create The Standalone Client, POJO Project
Next we will create a standalone client, POJO project for looking up the EJB stateless session bean remotely by using the Context. Firstly this project should be set all minimum required jar files as following.
The Required jar files
If the Glassfish version 2.x is preferred
3. The EJB module jar file
If the Glassfish version 3.x is preferred
Please note, this jar file is like a proxy jar file which mentions other required jar file via the MANIFEST.MF. If you would like to run this project out of the Netbeans, you should put all mentioned required jar file into your class path. Trust me, please should run inside the Netbeans environment.
2. The EJB module jar file
The reason for putting the EJB module jar file is for ensuring the looked up EJB can be cast to the standalone client environment. If not you may face the ClassNotFoundException or ClassCastException or. For overview the looked up object will be serialized and transferred from remote to the client via the RMI/IIOP and then it will be deserialized to the original object/interface.
The Example coding for looking up
Properties prop = new Properties();
Context ctx = new InitialContext(prop);
Object obj = ctx.lookup([EJB_JNDI_NAME]);
System.out.println(“The looked up is: ” + obj.getClass().getName());
The Variable Explanation and Description
The SSL configuration
1. keyStoreFileName: The JKS keystore file name
2. keyStorePassword: The keystore password
3. trustStoreFileName: The JKS truststore file name
4. trustStorePassword: The truststore password
These will be required when the EJB has been configured to use the SSL or SSL with mutual authentication.
The IIOP Configuration
1. IIOP_Port: The IIOP port, by default is 3700.
2. Host_Name: The remote host name or IP address, by default is localhost
The Looking Up JNDI
1. EJB_JNDI_NAME: The deployed and looked up EJB JNDI Name
Please take a very very big note, the IIOP_PORT is only the default IIOP port without any SSL. The system will automatically redirect the client application to the suitable port, SSL or SSL with mutual authentication.