Hi,
I am trying to retrict the enabled cipher suites to just
TLS_RSA_WITH_AES_128_CBC_SHA on the JBOSS server side, i.e. any clients connect
using my stateless beans MUST use this suite. I was using JBOSS 4.0.2, but it
appears there was no way to restrict the suites,
so I switched to 4.0.3SP1 (http://jira.jboss.com/jira/browse/JBAS-1983)
which is supposed to solve this problem. However when I use the xml
configuration described in the bug fix:-
<mbean code="org.jboss.invocation.jrmp.server.JRMPInvoker"
|
name="jboss:service=invoker,type=jrmp,socketType=SSLSocketFactory,wantsClientAuth=true">
| <attribute name="RMIObjectPort">0</attribute>
| <attribute
name="RMIClientSocketFactory">org.jboss.security.ssl.RMISSLClientSocketFactory
| </attribute>
| <attribute name="RMIServerSocketFactoryBean"
| attributeClass="org.jboss.security.ssl.RMISSLServerSocketFactory"
| serialDataType="javaBean">
| <property name="bindAddress">${jboss.bind.address}</property>
| <property name="securityDomain">java:/jaas/rmi-ssl</property>
| <property name="wantsClientAuth">true</property>
| <property name="needsClientAuth">true</property>
| <property
name="CiperSuites">TLS_RSA_WITH_AES_128_CBC_SHA</property>
| <property name="Protocols">SSLv2Hello,SSLv3,TLSv1</property>
| </attribute>
| </mbean>
I get the following error at startup:-
java.lang.NullPointerException
at org.jboss.security.ssl.Context.forDomain(Context.java:51)
at
org.jboss.security.ssl.DomainServerSocketFactory.initSSLContext(DomainServerSocketFactory.java:220)
at
org.jboss.security.ssl.DomainServerSocketFactory.createServerSocket(DomainServerSocketFactory.java:143)
at
org.jboss.security.ssl.DomainServerSocketFactory.createServerSocket(DomainServerSocketFactory.java:121)
at
org.jboss.security.ssl.RMISSLServerSocketFactory.createServerSocket(RMISSLServerSocketFactory.java:105)
at
sun.rmi.transport.tcp.TCPEndpoint.newServerSocket(TCPEndpoint.java:615)
at sun.rmi.transport.tcp.TCPTransport.listen(TCPTransport.java:231)
at
sun.rmi.transport.tcp.TCPTransport.exportObject(TCPTransport.java:178)
at sun.rmi.transport.tcp.TCPEndpoint.exportObject(TCPEndpoint.java:382)
at sun.rmi.transport.LiveRef.exportObject(LiveRef.java:116)
at
sun.rmi.server.UnicastServerRef.exportObject(UnicastServerRef.java:145)
at
sun.rmi.server.UnicastServerRef.exportObject(UnicastServerRef.java:129)
at
java.rmi.server.UnicastRemoteObject.exportObject(UnicastRemoteObject.java:275)
at
java.rmi.server.UnicastRemoteObject.exportObject(UnicastRemoteObject.java:206)
at
org.jboss.invocation.jrmp.server.JRMPInvoker.exportCI(JRMPInvoker.java:437)
at
org.jboss.invocation.jrmp.server.JRMPInvoker.startService(JRMPInvoker.java:359)
at
org.jboss.invocation.jrmp.server.JRMPInvoker$1.startService(JRMPInvoker.java:136)
at
org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:274)
at
org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:230)
at
org.jboss.invocation.jrmp.server.JRMPInvoker.jbossInternalLifecycle(JRMPInvoker.java:631)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:245)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
at
org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:943)
at $Proxy0.start(Unknown Source)
at org.jboss.system.ServiceController.start(ServiceController.java:428)
at org.jboss.system.ServiceController.start(ServiceController.java:446)
at org.jboss.system.ServiceController.start(ServiceController.java:446)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:245)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:176)
at $Proxy4.start(Unknown Source)
at org.jboss.deployment.SARDeployer.start(SARDeployer.java:285)
at org.jboss.deployment.MainDeployer.start(MainDeployer.java:989)
at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:790)
at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:753)
at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:737)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at
org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
at
org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:118)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:74)
at
org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:127)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:74)
at
org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:245)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:176)
at $Proxy5.deploy(Unknown Source)
at org.jboss.system.server.ServerImpl.doStart(ServerImpl.java:453)
at org.jboss.system.server.ServerImpl.start(ServerImpl.java:330)
at org.jboss.Main.boot(Main.java:187)
at org.jboss.Main$1.run(Main.java:438)
at java.lang.Thread.run(Thread.java:534)
Anyone got any ideas?
Note: I have SSL working when I use the configuration as descibed in the admin
guide(chapter 8), however this section has not been updated to include these
new property values to restrict the suites and it differs in format also ...
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3925804#3925804
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3925804
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
