Hi,
I'm having trouble configuring MICO (2.3.12) to register with a
Websphere 5.x server's Naming service.
Without SSL or CSIv2 enabled I can register with a weblogic Naming
service OK, and get a registration failure on the websphere, with a lack
of credentials message on the WebSphere side, as expected.
Turning on CSIv2 (building with OpenSLL 0.9.8g ) I can't configure the
ORB to register with the naming service - it looks like it's not getting
to the point of actually talking to websphere, but I can't see what's
wrong. I've been trying different parameters, but to no avail. It looks
to me like an SSL IIOP profile
needs to be set up in MICO, but I don't know how to trigger this. Sorry,
I'm not very SSL knowledgeable...
These are the current options I am passing with the trace below:
-ORBCSIv2 -ORBInitRef NameService=corbaname::10.26.1.112:2820
-ORBGSSClientUser mike,Test1
Any help or pointers appreciated!
Keith.
------------------------------------------------------------------------
--------------------------------------------
Using 0 as a concurrency model of whole orb.
Using thread-pool concurrency model.
Using client concurrency model: threaded
MICO::InputHandler::InputHandler()
ActiveMsgQueue::ActiveMsgQueue(): (00DE77E8)
MICO::MTDispatcher::MTDispatcher()
ActiveMsgQueue::ActiveMsgQueue(): (00DE7B58)
CSIv2: added client user name: `mike' passwd: `Test1'
encoded realm name:
04 01 00 08 06 06 67 81 02 01 01 01 00 00 00 0e ......g. ........
40 64 65 66 61 75 6c 74 5f 72 65 61 6c 6d @default _realm
CSIv2::ComponentDecoder::ComponentDecoder()
SecurityManager uses GIOP version 1.2
IIOP: server listening on inet:K1-PC.cdl.co.uk:1746 IIOP version 1.2
binding to inet:K1-PC.cdl.co.uk:1746
void_array::__fast_insert (00DEC778): return 0
IOR: establish_components
00 00 00 00 01 00 00 00 40 00 00 00 22 00 00 00 ........ @..."...
00 00 00 00 00 00 40 00 08 00 00 00 06 06 67 81 [EMAIL PROTECTED]
......g.
02 01 01 01 1e 00 00 00 04 01 00 08 06 06 67 81 ........ ......g.
02 01 01 01 00 00 00 0e 40 64 65 66 61 75 6c 74 ........ @default
5f 72 65 61 6c 6d 00 00 00 00 00 00 00 00 00 00 _realm.. ........
01 00 00 00 08 00 00 00 06 06 67 81 02 01 01 01 ........ ..g.....
02 00 00 00 ....
CSIv2::ComponentDecoder::decode(...): length(100)
comp: 00DCE7C0
added component into profile(0):
CSIv2:
ComponentId: TAG_CSI_SEC_MECH_LIST
Stateful: false
Length: 1
[0]: target_requires: 64
transport_mech: tag: TAG_NULL_TAG
as_context_mech.target_supports = 0
sas_context_mech.target_supports = 0
IOR: can't find SSL IIOP profile
CSIv2::Component::clone() const
CSIv2::Component::Component(const Component& c)
client: send_request with SAS service context
CSS_impl::send_request
component(id:33) is not in active profile.
catch CORBA::BAD_PARAM
CSIv2::CSS_impl::write_sas_context
Using 0 as a concurrency model of whole orb.
Using thread-pool concurrency model.
Using client concurrency model: threaded
MICO::InputHandler::InputHandler()
ActiveMsgQueue::ActiveMsgQueue(): (00DE7720)
MICO::MTDispatcher::MTDispatcher()
ActiveMsgQueue::ActiveMsgQueue(): (00DE7A90)
CSIv2: added client user name: `mike' passwd: `Test1'
encoded realm name:
04 01 00 08 06 06 67 81 02 01 01 01 00 00 00 0e ......g. ........
40 64 65 66 61 75 6c 74 5f 72 65 61 6c 6d @default _realm
CSIv2::ComponentDecoder::ComponentDecoder()
SecurityManager uses GIOP version 1.2
IIOP: server listening on inet:K1-PC.cdl.co.uk:1751 IIOP version 1.2
binding to inet:K1-PC.cdl.co.uk:1751
void_array::__fast_insert (00DEC5B0): return 0
IOR: establish_components
00 00 00 00 01 00 00 00 40 00 00 00 22 00 00 00 ........ @..."...
00 00 00 00 40 00 40 00 08 00 00 00 06 06 67 81 [EMAIL PROTECTED]@.
......g.
02 01 01 01 1e 00 00 00 04 01 00 08 06 06 67 81 ........ ......g.
02 01 01 01 00 00 00 0e 40 64 65 66 61 75 6c 74 ........ @default
5f 72 65 61 6c 6d 00 04 00 00 00 00 00 00 00 00 _realm.. ........
01 00 00 00 08 00 00 00 06 06 67 81 02 01 01 01 ........ ..g.....
02 00 00 00 ....
CSIv2::ComponentDecoder::decode(...): length(100)
comp: 00DCE7E8
added component into profile(0):
CSIv2:
ComponentId: TAG_CSI_SEC_MECH_LIST
Stateful: false
Length: 1
[0]: target_requires: 64
transport_mech: tag: TAG_NULL_TAG
as_context_mech.target_supports: 64
as_context_mech.target_requires: 64
as_context_mech.client_authentication_mech:
oid:2.23.130.1.1.1 (GSSUP::GSSUPMechOID)
as_context_mech.target_name:
[EMAIL PROTECTED]'
sas_context_mech.target_supports: 1024
sas_context_mech.target_requires: 0
sas_context_mech.supported_naming_mechanisms[0]: oid:2.23.130.1.1.1
(GSSUP::GSSUPMechOID)
sas_context_mech.supported_identity_types: 2
IOR: can't find SSL IIOP profile
CSIv2::Component::clone() const
CSIv2::Component::Component(const Component& c)
CSIv2::Component::clone() const
CSIv2::Component::Component(const Component& c)
client: send_request with SAS service context
CSS_impl::send_request
component(id:33) is not in active profile.
catch CORBA::BAD_PARAM
CSIv2::CSS_impl::write_sas_context
********************************************************************************
This email is intended only for the person(s) named above and may contain
private and confidential information. If it has come to you in error, please
destroy and permanently delete any copy in your possession and contact us on
+44 (0) 161 480 4420. The information in this email is copyright © CDL Group
Holdings Limited. We cannot accept any liability for any loss or damage
sustained as a result of software viruses. It is your responsibility to carry
out such virus checking as is necessary before opening any attachment.
Cheshire Datasystems Limited uses software which automatically screens incoming
emails for inappropriate content and attachments. If the software identifies
such content or attachment, the email will be forwarded to our Technology
Department for checking. You should be aware that any email which you send to
Cheshire Datasystems Limited is subject to this procedure.
Cheshire Datasystems Limited, Strata House, Kings Reach Road, Stockport SK4 2HD
Registered in England and Wales with Company Number 3991057
VAT registration : 727 1188 33
******************************************************************************
_______________________________________________
Mico-devel mailing list
Mico-devel@mico.org
http://www.mico.org/mailman/listinfo/mico-devel
