FtpWebRequest ServerCertificateValidationCallback never invoked - vb.net

Win 7, VS2013, .NET 4.5, winforms app
I'm trying to connect to FTP server over SSL/TLS using vb.net. I'm having issues with validating server certificate as ServerCertificateValidationCallback method I'm using seems to be ignored and hence connection to the server never happens, getting a time out error at GetResponse line. I've checked the connection on FileZilla and it works, after adding the server certificate as trusted.
Below's my FtpWebRequest:
ServicePointManager.ServerCertificateValidationCallback = Function(obj as [object], _
cert as X509Certificate, chain as X509Chain, error as SslPolicyErrors) _
(cert.Issuer.Equals("xxxxxx"))
Dim req As System.Net.FtpWebRequest = DirectCast(WebRequest.Create(New Uri("ftp://xxx.xxx.xxx:990")), _
System.Net.FtpWebRequest)
req.EnableSsl = True
req.Credentials = New Net.Credential("user","passw")
req.UsePassive = True
req.UseBinary = True
req.Proxy = Nothing
req.Method = WebRequestMethods.Ftp.ListDirectoryDetails
Dim res As System.Net.FtpWebResponse = DirectCast(req.GetResponse(),System.Net.FtpWebResponse)
I've seen similar topics considering HttpWebRequests, however nothing seems to be usable here. I also enabled tracing to see what's going on in detail:
System.Net Information: 0 : [17056] Current OS installation type is 'Client'.
System.Net Verbose: 0 : [17056] WebRequest::Create(ftp://xxx.xxx.xxx:990/)
System.Net Information: 0 : [17056]
FtpWebRequest#::.ctor(ftp://xxx.xxx.xxx:990/)
System.Net Verbose: 0 : [17056] Exiting WebRequest::Create() ->
FtpWebRequest#
System.Net Verbose: 0 : [17056]
ServicePoint#::ServicePoint(xxx.xxx.xxx:990)
System.Net Verbose: 0 : [17056] FtpWebRequest#::GetResponse()
System.Net Information: 0 : [17056]
FtpWebRequest#::GetResponse(Method=LIST.)
System.Net.Sockets Verbose: 0 : [17056]
Socket#::Socket(AddressFamily#2)
System.Net.Sockets Verbose: 0 : [17056] Exiting Socket#::Socket()
System.Net.Sockets Verbose: 0 : [17056]
Socket#::Socket(AddressFamily#23)
System.Net.Sockets Verbose: 0 : [17056] Exiting Socket#6::Socket()
System.Net.Sockets Verbose: 0 : [17056] DNS::TryInternalResolve(xxx.xxx.xxx)
System.Net.Sockets Verbose: 0 : [17056]
Socket#::Connect(xxx.xxx.xxx:990#-1234)
System.Net.Sockets Information: 0 : [17056] Socket# - Created
connection from xxx to xxx.xxx.xxx:990.
System.Net.Sockets Verbose: 0 : [17056] Exiting Socket#::Connect()
System.Net.Sockets Verbose: 0 : [17056] Socket#::Close()
System.Net.Sockets Verbose: 0 : [17056] Socket#::Dispose()
System.Net.Sockets Verbose: 0 : [17056] Exiting Socket#::Close()
System.Net Information: 0 : [17056] FtpControlStream# - Created
connection from xxx to xxx.xxx.xxx:990.
System.Net Information: 0 : [17056] Associating FtpWebRequest# with
FtpControlStream#
System.Net.Sockets Verbose: 0 : [17056] Socket#::Receive()
The thread 0x4ff0 has exited with code 0 (0x0).
System.Net Information: 0 : [0920] ServicePoint# - Closed as idle.
System.Net.Sockets Error: 0 : [17056]
Socket#::UpdateStatusAfterSocketError() - TimedOut
System.Net.Sockets Error: 0 : [17056] Exception in Socket#::Receive
- A connection attempt failed because the connected party did not properly
respond after a period of time, or established connection failed because
connected host has failed to respond.
System.Net.Sockets Verbose: 0 : [17056] Exiting Socket#::Receive()
-> Int32#0
System.Net.Sockets Verbose: 0 : [17056] Socket#::Dispose()
System.Net Information: 0 : [17056] FtpWebRequest#::(Releasing FTP
connection#)
System.Net Error: 0 : [17056] Exception in
FtpWebRequest#::GetResponse - The operation has timed out..
at System.Net.FtpWebRequest.GetResponse()
A first chance exception of type 'System.Net.WebException' occurred in
System.dll
System.Net Verbose: 0 : [17056] Exiting
FtpWebRequest#::GetResponse()
I see that there's an association lacking between FtpWebRequest and service point. Does anyone know how to fix it? I'd appreciate some directions or code samples.

Related

Error establishing SSL/TLS connection despite having registry keys DontEnableSchUseStrongCrypto and DontEnableSystemDefaultTlsVersions set

I developed an outlook plugin which makes a call to an url to retrieve a token.
As always, "works on my machine" (OutlookVersion "16.0.0.15726", Microsoft Windows 10 Pro
Version 10.0.19044 Build 19044).
We have a test server where i tried to install the Addin for testing (OutlookVersion "16.0.0.4266", Microsoft Windows Server 2016 Standard
Version 10.0.14393 Build 14393).
When making the call with HttpClient, i get the "couldn't establish SSL/TLS connection error". Code is as follows:
protected async Task<string> ExecuteAuthRequestAsync(string authUrl, CancellationToken cancelToken, HttpClient httpClient)
{
cancelToken.LogAndThrowIfCanceled(logger);
var request = new HttpRequestMessage(HttpMethod.Get, authUrl);
request.Headers.Add("Accept", VndPaosMimetype);
var response = await httpClient.SendAsync(request, HttpCompletionOption.ResponseContentRead, cancelToken);
response.EnsureSuccessStatusCode();
var authResponse = await response.Content.ReadAsStringAsync();
return authResponse;
}
The registry keys for SchUseStrongCrypto and SystemDefaultTlsVersions are set to 1 under HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319 and
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319
(see https://learn.microsoft.com/en-us/dotnet/framework/network-programming/tls)
I also set the configuration in the .config.
I even added the diagnostics configration to the .config to trace the TLS error
{
Accept: application/vnd.paos+xml
Host: <url>
Connection: Keep-Alive
} werden gesendet.
DateTime=2022-11-24T08:53:41.6113986Z
System.Net Information: 0 : [19444] SecureChannel#31352595::.ctor(hostname=<url>, #clientCertificates=0, encryptionPolicy=RequireEncryption)
DateTime=2022-11-24T08:53:41.6164042Z
System.Net Information: 0 : [19444] Sicherheitspakete werden enumeriert:
DateTime=2022-11-24T08:53:41.6194210Z
System.Net Information: 0 : [19444] Negotiate
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] NegoExtender
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] Kerberos
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] NTLM
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] TSSSP
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] pku2u
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] CloudAP
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] WDigest
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] Schannel
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] Microsoft Unified Security Protocol Provider
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] CREDSSP
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] PWDSSP
DateTime=2022-11-24T08:53:41.6204064Z
System.Net Information: 0 : [19444] SecureChannel#31352595 - Noch 0 Clientzertifikate zum Auswählen verfügbar.
DateTime=2022-11-24T08:53:41.6294061Z
System.Net Information: 0 : [19444] SecureChannel#31352595::.AcquireClientCredentials, new SecureCredential() (flags=(ValidateManual, NoDefaultCred, SendAuxRecord, UseStrongCrypto), m_ProtocolFlags=(Zero), m_EncryptionPolicy=RequireEncryption)
DateTime=2022-11-24T08:53:41.6304013Z
System.Net Information: 0 : [19444] AcquireCredentialsHandle(package = Microsoft Unified Security Protocol Provider, intent = Outbound, scc = System.Net.SecureCredential)
DateTime=2022-11-24T08:53:41.6324058Z
System.Net Information: 0 : [19444] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = (null), targetName = <url>, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
DateTime=2022-11-24T08:53:41.6354063Z
System.Net Information: 0 : [19444] InitializeSecurityContext(Länge von In-Buffer = 0, Länge von Out-Buffer = 153, zurückgegebener Code = ContinueNeeded).
DateTime=2022-11-24T08:53:41.6414064Z
System.Net.Sockets Verbose: 0 : [19444] Entering Socket#51781231::BeginSend()
DateTime=2022-11-24T08:53:41.6464074Z
System.Net.Sockets Verbose: 0 : [19444] Exiting Socket#51781231::BeginSend() -> OverlappedAsyncResult#28002689
DateTime=2022-11-24T08:53:41.6474075Z
System.Net.Sockets Verbose: 0 : [5000] Data from Socket#51781231::PostCompletion
DateTime=2022-11-24T08:53:41.6514042Z
[...]
System.Net.Sockets Verbose: 0 : [5000] Entering Socket#51781231::EndSend(OverlappedAsyncResult#28002689)
DateTime=2022-11-24T08:53:41.6574040Z
System.Net.Sockets Verbose: 0 : [5000] Exiting Socket#51781231::EndSend() -> Int32#153
DateTime=2022-11-24T08:53:41.6584040Z
System.Net.Sockets Verbose: 0 : [5000] Entering Socket#51781231::BeginReceive()
DateTime=2022-11-24T08:53:41.6604081Z
System.Net.Sockets Verbose: 0 : [5000] Exiting Socket#51781231::BeginReceive() -> OverlappedAsyncResult#25961440
DateTime=2022-11-24T08:53:41.6624050Z
System.Net.Sockets Verbose: 0 : [5000] Data from Socket#51781231::PostCompletion
DateTime=2022-11-24T08:53:41.6624050Z
System.Net.Sockets Verbose: 0 : [5000] 00000000 : 15 03 03 00 02 : .....
DateTime=2022-11-24T08:53:41.6624050Z
System.Net.Sockets Verbose: 0 : [5000] Entering Socket#51781231::EndReceive(OverlappedAsyncResult#25961440)
DateTime=2022-11-24T08:53:41.6644056Z
System.Net.Sockets Verbose: 0 : [5000] Exiting Socket#51781231::EndReceive() -> Int32#5
DateTime=2022-11-24T08:53:41.6644056Z
System.Net.Sockets Verbose: 0 : [5000] Entering Socket#51781231::BeginReceive()
DateTime=2022-11-24T08:53:41.6664055Z
System.Net.Sockets Verbose: 0 : [19444] Data from Socket#51781231::PostCompletion
DateTime=2022-11-24T08:53:41.6664055Z
System.Net.Sockets Verbose: 0 : [19444] 00000000 : 02 28 : .(
DateTime=2022-11-24T08:53:41.6664055Z
System.Net.Sockets Verbose: 0 : [19444] Entering Socket#51781231::EndReceive(OverlappedAsyncResult#14684281)
DateTime=2022-11-24T08:53:41.6664055Z
System.Net.Sockets Verbose: 0 : [19444] Exiting Socket#51781231::EndReceive() -> Int32#2
DateTime=2022-11-24T08:53:41.6664055Z
System.Net.Sockets Verbose: 0 : [5000] Exiting Socket#51781231::BeginReceive() -> OverlappedAsyncResult#14684281
DateTime=2022-11-24T08:53:41.6664055Z
System.Net Information: 0 : [5000] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = 14d12d72220:1f8df7d55a0, targetName = <url>, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
DateTime=2022-11-24T08:53:41.6684073Z
System.Net Information: 0 : [5000] InitializeSecurityContext(Anzahl von In-Buffers = 2, Länge von Out-Buffer = 0, zurückgegebener Code = IllegalMessage).
DateTime=2022-11-24T08:53:41.6684073Z
System.Net.Sockets Verbose: 0 : [5000] Entering Socket#51781231::Dispose()
DateTime=2022-11-24T08:53:41.6864476Z
System.Net Error: 0 : [5000] Ausnahme in HttpWebRequest#54443429:: - Die Anfrage wurde abgebrochen: Es konnte kein geschützter SSL/TLS-Kanal erstellt werden...
DateTime=2022-11-24T08:53:41.6914164Z
System.Net Verbose: 0 : [5000] Entering HttpWebRequest#54443429::EndGetResponse()
DateTime=2022-11-24T08:53:41.6934164Z
System.Net Error: 0 : [5000] Ausnahme in HttpWebRequest#54443429::EndGetResponse - Die Anfrage wurde abgebrochen: Es konnte kein geschützter SSL/TLS-Kanal erstellt werden...
DateTime=2022-11-24T08:53:41.6934164Z
System.Net Information: 0 : [8740] ServicePoint#58366981::CloseConnectionGroupInternal(62809978)
DateTime=2022-11-24T08:53:41.7084210Z
System.Net Information: 0 : [8740] ServicePoint#58366981::CloseConnectionGroupHelper(connectionGroupName=62809978, closeInternal=True)
DateTime=2022-11-24T08:53:41.7094117Z
System.Net Information: 0 : [8740] ServicePoint#58366981::ReleaseConnectionGroup(62809978S>I>)
DateTime=2022-11-24T08:53:41.7104119Z
System.Net Information: 0 : [8740] ServicePoint#58366981::ReleaseConnectionGroup, returning(true)
DateTime=2022-11-24T08:53:41.7114113Z
System.Net Information: 0 : [8740] ServicePoint#58366981::CloseConnectionGroupHelper, returning(True)
DateTime=2022-11-24T08:53:41.7114113Z
According to this page (https://learn.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed) and the powershell query, the .Net framework installed is 4.8+:
> (Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full").Release
528049
According to https://www.ssllabs.com/ssltest/ the requested page uses TLS 1.2
What do i have to do to get a working connection.

Ektron: synchronization between two servers stopped

We have problem with Ektron synchronization between two servers.
It stopped couple days ago. We tried the “Pause/Resume” button, but that didn’t work.
Do you know where to look for errors and how to troubleshoot this problem?
Please advise.
Updates :
version Ektron 8.6.1
synchronization schedule : daily at 11PM
Restarted services on both machines.
Found error in C:\Program Files (x86)\Ektron\EktronWindowsService40\log\errors
Type : System.InvalidOperationException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : The security identifier is not allowed to be the owner of this object.
Source : mscorlib
Help link :
Data : System.Collections.ListDictionaryInternal
TargetSite : Void Persist(System.String, System.Runtime.InteropServices.SafeHandle, System.Security.AccessControl.AccessControlSections, System.Object)
HResult : -2146233079
Stack Trace : at System.Security.AccessControl.NativeObjectSecurity.Persist(String name, SafeHandle handle, AccessControlSections includeSections, Object exceptionContext)
at System.Security.AccessControl.FileSystemSecurity.Persist(String fullPath)
at Ektron.FileSync.Common.FileSyncUtils.ChangePermissions(String filePath, String dirPath)
Stack Trace : at System.Security.AccessControl.NativeObjectSecurity.Persist(String name, SafeHandle handle, AccessControlSections includeSections, Object exceptionContext)
at System.Security.AccessControl.FileSystemSecurity.Persist(String fullPath)
at Ektron.FileSync.Common.FileSyncUtils.ChangePermissions(String filePath, String dirPath)
Severity: Error
Title:EktronWindowsServices Exception
Application Domain: Ektron.ASM.EktronServices40.exe
Process Id: 1568
Process Name: E:\Program Files (x86)\Ektron\EktronWindowsService40\Ektron.ASM.EktronServices40.exe

Sitefinity Backend not working - 404 Page not found

I am using Sitefinity CMS for my project. I am developing project on localhost. Uptill now all were going well. but, before 2 days when I try to open Sitefinity backend by entering http://localhost:60879/sitefinity, I am getting 404 Page not found error and redirect me to http://localhost:60879/404?aspxerrorpath=/Sitefinity/Authenticate/SWT
moreover, when I host this website on IIS with same physical path, it starts working. What I have tried so far
clear browsing history and restart
restart visual studio and run the code
check App_Data/Error.log
Error.log
Timestamp: 1/18/2017 7:04:00 AM
Message: HandlingInstanceID: 350f050d-ae62-4d9e-b491-d43e0cfa2c5f
An exception of type 'System.InvalidOperationException' occurred and was caught.
01/18/2017 12:34:00
Type : System.InvalidOperationException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : Stack empty.
Source : System
Help link :
Data : System.Collections.ListDictionaryInternal
TargetSite : Void ThrowInvalidOperationException(System.ExceptionResource)
HResult : -2146233079
Stack Trace : at System.ThrowHelper.ThrowInvalidOperationException(ExceptionResource resource)
at System.Collections.Generic.Stack`1.Pop()
at Microsoft.VisualStudio.Web.PageInspector.Runtime.WebForms.SelectionMappingRenderTraceListener.EndRendering(TextWriter writer, Object renderedObject)
at System.Web.UI.RenderTraceListener.RenderTraceListenerList.EndRendering(TextWriter writer, Object renderedObject)
at System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer, ControlAdapter adapter)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Additional Info:
MachineName : BRVM120
TimeStamp : 1/18/2017 7:04:00 AM
FullName : Telerik.Sitefinity.Utilities, Version=8.2.5900.0, Culture=neutral, PublicKeyToken=b28c218413bdf563
AppDomainName : /LM/W3SVC/17/ROOT-1-131291960014867668
ThreadIdentity :
WindowsIdentity : BRSOBO\hardik.gondalia
Requested URL : http://localhost:60879/Sitefinity/Authenticate/SWT?realm=http://localhost:60879/&redirect_uri=/sitefinity&deflate=true
Category: ErrorLog
Priority: 0
EventId: 90000
Severity: Error
Title:Enterprise Library Exception Handling
Machine: BRVM120
App Domain: /LM/W3SVC/17/ROOT-1-131291960014867668
ProcessId: 10520
Process Name: C:\Program Files (x86)\IIS Express\iisexpress.exe
Thread Name:
Win32 ThreadId:12936
Extended Properties:
I don't know how to make it work as it is the sitefinity in-box functionality.
Have a look at this blog post: http://www.sitefinitytipsandtricks.net/2016/08/18/fix-for-sitefinity-backend-issue-iis-detailed-error-404-0-not-found/
It suggests to follow all steps from the Sitefinity Documentation portal for configuring IIS to host your site:
http://docs.sitefinity.com/configure-the-iis-to-host-sitefinity-projects#windows-server-2012-r2-and-windows-8-1-with-iis-8-5
and if that does not help to check this article as well:
http://therobgregory.com/sitefinity-backend-issue-iis-detailed-error-404-0-not-found/

SimpleMessageListenerContainer Error Handling

I'm using a SimpleMessageListenerContainer as a basis for remoting over AMQP. Everything goes smooth provided that the RabbitMQ broker can be reached at process startup. However, if by any reason it can't be reached (network down, permissions problem, etc...) the container just keeps retrying to connect forever. How can I set up a retry behaviour in this case (for example, try at most 5 times with an exponential backoff and then abort, killing the process)? I've had a look at this, but it doesn't seem to work for me on container startup. Can anyone please shed some light?
At the very least, I'd like to be able to catch the exception and provide a log message, instead of printing the exception itself as is the default behaviour.
How can I set up a retry behaviour in this case
There is no sophisticated connection retry, just a simple recoveryInterval. The assumption is that the broker unavailability is temporary. Fatal errors (such as bad credentials) stop the container.
You could use some external process to try connectionFactory.createConnection() and stop() the SimpleMessageListenerContainer when you deem it's time to give up.
You could also subclass CachingConnectionFactory, override createBareConnection catch the exception and increment the recoveryInterval, then call stop() when you want.
EDIT
Since 1.5, you can now configure a backOff. Here's an example using Spring Boot...
#SpringBootApplication
public class RabbitBackOffApplication {
public static void main(String[] args) {
SpringApplication.run(RabbitBackOffApplication.class, args);
}
#Bean(name = "rabbitListenerContainerFactory")
public SimpleRabbitListenerContainerFactory simpleRabbitListenerContainerFactory(
SimpleRabbitListenerContainerFactoryConfigurer configurer,
ConnectionFactory connectionFactory) {
SimpleRabbitListenerContainerFactory factory = new SimpleRabbitListenerContainerFactory();
configurer.configure(factory, connectionFactory);
BackOff recoveryBackOff = new FixedBackOff(5000, 3);
factory.setRecoveryBackOff(recoveryBackOff);
return factory;
}
#RabbitListener(queues = "foo")
public void listen(String in) {
}
}
and
2018-04-16 12:08:35.730 INFO 84850 --- [ main] com.example.RabbitBackOffApplication : Started RabbitBackOffApplication in 0.844 seconds (JVM running for 1.297)
2018-04-16 12:08:40.788 WARN 84850 --- [cTaskExecutor-1] o.s.a.r.l.SimpleMessageListenerContainer : Consumer raised exception, processing can restart if the connection factory supports it. Exception summary: org.springframework.amqp.AmqpConnectException: java.net.ConnectException: Connection refused (Connection refused)
2018-04-16 12:08:40.788 INFO 84850 --- [cTaskExecutor-1] o.s.a.r.l.SimpleMessageListenerContainer : Restarting Consumer#57abad67: tags=[{}], channel=null, acknowledgeMode=AUTO local queue size=0
2018-04-16 12:08:40.789 INFO 84850 --- [cTaskExecutor-2] o.s.a.r.c.CachingConnectionFactory : Attempting to connect to: [localhost:1234]
2018-04-16 12:08:45.851 WARN 84850 --- [cTaskExecutor-2] o.s.a.r.l.SimpleMessageListenerContainer : Consumer raised exception, processing can restart if the connection factory supports it. Exception summary: org.springframework.amqp.AmqpConnectException: java.net.ConnectException: Connection refused (Connection refused)
2018-04-16 12:08:45.852 INFO 84850 --- [cTaskExecutor-2] o.s.a.r.l.SimpleMessageListenerContainer : Restarting Consumer#3479ea: tags=[{}], channel=null, acknowledgeMode=AUTO local queue size=0
2018-04-16 12:08:45.852 INFO 84850 --- [cTaskExecutor-3] o.s.a.r.c.CachingConnectionFactory : Attempting to connect to: [localhost:1234]
2018-04-16 12:08:50.935 WARN 84850 --- [cTaskExecutor-3] o.s.a.r.l.SimpleMessageListenerContainer : Consumer raised exception, processing can restart if the connection factory supports it. Exception summary: org.springframework.amqp.AmqpConnectException: java.net.ConnectException: Connection refused (Connection refused)
2018-04-16 12:08:50.935 INFO 84850 --- [cTaskExecutor-3] o.s.a.r.l.SimpleMessageListenerContainer : Restarting Consumer#2be60f67: tags=[{}], channel=null, acknowledgeMode=AUTO local queue size=0
2018-04-16 12:08:50.936 INFO 84850 --- [cTaskExecutor-4] o.s.a.r.c.CachingConnectionFactory : Attempting to connect to: [localhost:1234]
2018-04-16 12:08:50.938 WARN 84850 --- [cTaskExecutor-4] o.s.a.r.l.SimpleMessageListenerContainer : stopping container - restart recovery attempts exhausted

Unable to do a remote ejb access from a different host

We are using a servlet to access a remote ejb deployed on a different host and getting the
exception mentioned in the stacktrace below.
The remote access works if the servlet client and the remote ejb war are deployed in different domains and on the same host.
Works if they are deployed on the same host and same domain
does not work when deployed on two diffrent hosts.
Looking at the exception"CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: No", we thought it could be security issue.
But the test ejb application didnt have any security configurations. Tried adding the "" details to the sun-ejb-jar.xml
and used ProgrammaticLogin api. We got the same exception. Not sure if the security config was correct though.
The glassfish-corba log level was set to finest in the server where the ejb application was deployed. We then got this exception, "
org.omg.CORBA.BAD_INV_ORDER: FINE: IOP01600015: Service context add failed in portable interceptor because a service context with id 15 already exists vmcid: SUN minor code: 15 completed: No".
The full stacktrace is mentioned below in the server log.
tried using the front-end back-end test cases from Glassfish bug: http://java.net/jira/browse/GLASSFISH-15523. We are
getting the same exception.
Glassfish version: 3.1 build 43
Not sure where we are going wrong. Please help. Thanks.
Client Side log:
Caused by: javax.naming.NamingException: Exception resolving Ejb for 'Remote ejb-ref name=TestService,Remote 3.x interface =com.medallion.test.service.TestService,ejb-link=null,lookup=,mappedName=,jndi-name=corbaname:iiop:50.57.150.62:3700#TestService,refType=Session' . Actual (possibly internal) Remote JNDI name used for lookup is 'corbaname:iiop:50.57.150.62:3700#TestService__3_x_Internal_RemoteBusinessHome__' [Root exception is org.omg.CORBA.BAD_PARAM: FINE: IOP00100009: string_to_object conversion failed due to bad schema specific part in name TestService__3_x_Internal_RemoteBusinessHome__ vmcid: SUN minor code: 9 completed: No]
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:178)
at com.sun.enterprise.container.common.impl.ComponentEnvManagerImpl$EjbReferenceProxy.create(ComponentEnvManagerImpl.java:1106)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:776)
at com.sun.enterprise.naming.impl.GlassfishNamingManagerImpl.lookup(GlassfishNamingManagerImpl.java:744)
at com.sun.enterprise.naming.impl.JavaURLContext.lookup(JavaURLContext.java:172)
at com.sun.enterprise.naming.impl.SerialContext.lookup(SerialContext.java:498)
... 38 more
Caused by: org.omg.CORBA.BAD_PARAM: FINE: IOP00100009: string_to_object conversion failed due to bad schema specific part in name TestService__3_x_Internal_RemoteBusinessHome__ vmcid: SUN minor code: 9 completed: No
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at com.sun.corba.ee.spi.orbutil.logex.corba.CorbaExtension.makeException(CorbaExtension.java:248)
at com.sun.corba.ee.spi.orbutil.logex.corba.CorbaExtension.makeException(CorbaExtension.java:95)
at com.sun.corba.ee.spi.orbutil.logex.WrapperGenerator.handleFullLogging(WrapperGenerator.java:387)
at com.sun.corba.ee.spi.orbutil.logex.WrapperGenerator.access$400(WrapperGenerator.java:107)
at com.sun.corba.ee.spi.orbutil.logex.WrapperGenerator$2.invoke(WrapperGenerator.java:511)
at com.sun.corba.ee.spi.orbutil.proxy.CompositeInvocationHandlerImpl.invoke(CompositeInvocationHandlerImpl.java:99)
at $Proxy142.soBadSchemaSpecific(Unknown Source)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.resolveCorbaname(INSURLOperationImpl.java:227)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.resolveINSURL(INSURLOperationImpl.java:154)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.operate(INSURLOperationImpl.java:145)
at com.sun.corba.ee.impl.orb.ORBImpl.string_to_object(ORBImpl.java:976)
at com.sun.ejb.EjbNamingReferenceManagerImpl.resolveEjbReference(EjbNamingReferenceManagerImpl.java:171)
... 43 more
Caused by: org.omg.CORBA.NO_PERMISSION: ----------BEGIN server-side stack trace----------
org.omg.CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: No
at com.sun.enterprise.iiop.security.SecServerRequestInterceptor.handle_null_service_context(SecServerRequestInterceptor.java:421)
at com.sun.enterprise.iiop.security.SecServerRequestInterceptor.receive_request(SecServerRequestInterceptor.java:443)
at com.sun.corba.ee.impl.interceptors.InterceptorInvoker.invokeServerInterceptorIntermediatePoint(InterceptorInvoker.java:612)
at com.sun.corba.ee.impl.interceptors.PIHandlerImpl.invokeServerPIIntermediatePoint(PIHandlerImpl.java:612)
at com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.getServantWithPI(CorbaServerRequestDispatcherImpl.java:333)
at com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.dispatch(CorbaServerRequestDispatcherImpl.java:196)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequestRequest(CorbaMessageMediatorImpl.java:1624)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:1486)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleInput(CorbaMessageMediatorImpl.java:990)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:214)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:742)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.dispatch(CorbaMessageMediatorImpl.java:539)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.doWork(CorbaMessageMediatorImpl.java:2324)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:497)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:540)
----------END server-side stack trace---------- vmcid: 0x0 minor code: 0 completed: No
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.MessageBase.getSystemException(MessageBase.java:900)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.ReplyMessage_1_2.getSystemException(ReplyMessage_1_2.java:131)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.getSystemExceptionReply(CorbaMessageMediatorImpl.java:637)
at com.sun.corba.ee.impl.protocol.CorbaClientRequestDispatcherImpl.processResponse(CorbaClientRequestDispatcherImpl.java:499)
at com.sun.corba.ee.impl.protocol.CorbaClientRequestDispatcherImpl.marshalingComplete(CorbaClientRequestDispatcherImpl.java:373)
at com.sun.corba.ee.impl.protocol.CorbaClientDelegateImpl.invoke(CorbaClientDelegateImpl.java:273)
at com.sun.corba.ee.impl.protocol.CorbaClientDelegateImpl.is_a(CorbaClientDelegateImpl.java:395)
at org.omg.CORBA.portable.ObjectImpl._is_a(ObjectImpl.java:112)
at org.omg.CosNaming.NamingContextExtHelper.narrow(NamingContextExtHelper.java:73)
at com.sun.corba.ee.impl.resolver.INSURLOperationImpl.resolveCorbaname(INSURLOperationImpl.java:212)
... 47 more
Server Side log( after setting the corba log level to finest):
[#|2011-12-02T11:37:16.111-0600|FINE|glassfish3.1.1|javax.enterprise.resource.corba.org.glassfish.enterprise.iiop.impl|_ThreadID=161;_ThreadName=Thread-2;ClassName=org.glassfish.enterprise.iiop.impl.IIOPSSLSocketFactory;MethodName=setAcceptedSocketOptions;|setAcceptedSocketOptions: SocketOrChannelAcceptorImpl[3700 IIOP_CLEAR_TEXT true true] ServerSocket[addr=/0:0:0:0:0:0:0:0,localport=3700] Socket[addr=/173.13.42.205,port=54829,localport=3700]|#]
[#|2011-12-02T11:37:16.113-0600|FINE|glassfish3.1.1|javax.enterprise.resource.corba|_ThreadID=15;_ThreadName=Thread-2;ClassName=com.sun.logging.LogDomains$1;MethodName=getResourceBundle;|Can not find resource bundle for this logger. class name that failed: org.glassfish.enterprise.iiop.impl.GlassFishORBManager|#]
[#|2011-12-02T11:37:16.180-0600|FINE|glassfish3.1.1|javax.enterprise.resource.corba|_ThreadID=161;_ThreadName=Thread-2;ClassName=com.sun.logging.LogDomains$1;MethodName=getResourceBundle;|Can not find resource bundle for this logger. class name that failed: org.glassfish.enterprise.iiop.impl.GlassFishORBManager|#]
[#|2011-12-02T11:37:16.179-0600|FINE|glassfish3.1.1|javax.enterprise.resource.corba.org.glassfish.enterprise.iiop.impl|_ThreadID=161;_ThreadName=Thread-2;ClassName=org.glassfish.enterprise.iiop.impl.POAProtocolMgr;MethodName=getEjbDescriptor;|POAProtocolMgr.getEjbDescriptor->: [B#77dc7838|#]
[#|2011-12-02T11:37:16.181-0600|FINE|glassfish3.1.1|javax.enterprise.resource.corba|_ThreadID=161;_ThreadName=Thread-2;ClassName=com.sun.logging.LogDomains$1;MethodName=getResourceBundle;|Can not find resource bundle for this logger. class name that failed: org.glassfish.enterprise.iiop.impl.GlassFishORBManager|#]
[#|2011-12-02T11:37:16.181-0600|FINE|glassfish3.1.1|javax.enterprise.resource.corba.org.glassfish.enterprise.iiop.impl|_ThreadID=161;_ThreadName=Thread-2;ClassName=org.glassfish.enterprise.iiop.impl.POAProtocolMgr;MethodName=getEjbDescriptor;|POAProtocolMgr.getEjbDescriptor: [B#77dc7838: ejbId: 4,294,967,297|#]
[#|2011-12-02T11:37:16.181-0600|FINE|glassfish3.1.1|javax.enterprise.resource.corba|_ThreadID=161;_ThreadName=Thread-2;ClassName=com.sun.logging.LogDomains$1;MethodName=getResourceBundle;|Can not find resource bundle for this logger. class name that failed: org.glassfish.enterprise.iiop.impl.GlassFishORBManager|#]
[#|2011-12-02T11:37:16.181-0600|FINE|glassfish3.1.1|javax.enterprise.resource.corba.org.glassfish.enterprise.iiop.impl|_ThreadID=161;_ThreadName=Thread-2;ClassName=org.glassfish.enterprise.iiop.impl.POAProtocolMgr;MethodName=getEjbDescriptor;|POAProtocolMgr.getEjbDescriptor<-: [B#77dc7838: null|#]
[#|2011-12-02T11:37:16.183-0600|FINE|glassfish3.1.1|javax.enterprise.resource.corba.OMG|_ThreadID=161;_ThreadName=Thread-2;ClassName=com.sun.corba.ee.spi.orbutil.logex.WrapperGenerator;MethodName=handleFullLogging;|IOP01600015: Service context add failed in portable interceptor because a service context with id 15 already exists
org.omg.CORBA.BAD_INV_ORDER: FINE: IOP01600015: Service context add failed in portable interceptor because a service context with id 15 already exists vmcid: SUN minor code: 15 completed: No
at sun.reflect.GeneratedConstructorAccessor729.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at com.sun.corba.ee.spi.orbutil.logex.corba.CorbaExtension.makeException(CorbaExtension.java:248)
at com.sun.corba.ee.spi.orbutil.logex.corba.CorbaExtension.makeException(CorbaExtension.java:95)
at com.sun.corba.ee.spi.orbutil.logex.WrapperGenerator.handleFullLogging(WrapperGenerator.java:387)
at com.sun.corba.ee.spi.orbutil.logex.WrapperGenerator.access$400(WrapperGenerator.java:107)
at com.sun.corba.ee.spi.orbutil.logex.WrapperGenerator$2.invoke(WrapperGenerator.java:511)
at com.sun.corba.ee.spi.orbutil.proxy.CompositeInvocationHandlerImpl.invoke(CompositeInvocationHandlerImpl.java:99)
at $Proxy210.serviceContextAddFailed(Unknown Source)
at com.sun.corba.ee.impl.interceptors.ServerRequestInfoImpl.enqueue(ServerRequestInfoImpl.java:702)
at com.sun.corba.ee.impl.interceptors.ServerRequestInfoImpl.add_reply_service_context(ServerRequestInfoImpl.java:482)
at com.sun.corba.ee.impl.interceptors.ServerRequestInfoImpl.setCurrentExecutionPoint(ServerRequestInfoImpl.java:738)
at com.sun.corba.ee.impl.interceptors.PIHandlerImpl.invokeServerPIEndingPoint(PIHandlerImpl.java:632)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.runInterceptors(CorbaMessageMediatorImpl.java:2189)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.createResponseHelper(CorbaMessageMediatorImpl.java:2101)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.createResponseHelper(CorbaMessageMediatorImpl.java:2089)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.createSystemExceptionResponse(CorbaMessageMediatorImpl.java:2014)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleThrowableDuringServerDispatch(CorbaMessageMediatorImpl.java:1796)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleThrowableDuringServerDispatch(CorbaMessageMediatorImpl.java:1758)
at com.sun.corba.ee.impl.protocol.CorbaServerRequestDispatcherImpl.dispatch(CorbaServerRequestDispatcherImpl.java:255)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequestRequest(CorbaMessageMediatorImpl.java:1624)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:1486)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleInput(CorbaMessageMediatorImpl.java:990)
at com.sun.corba.ee.impl.protocol.giopmsgheaders.RequestMessage_1_2.callback(RequestMessage_1_2.java:214)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.handleRequest(CorbaMessageMediatorImpl.java:742)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.dispatch(CorbaMessageMediatorImpl.java:539)
at com.sun.corba.ee.impl.protocol.CorbaMessageMediatorImpl.doWork(CorbaMessageMediatorImpl.java:2324)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.performWork(ThreadPoolImpl.java:497)
at com.sun.corba.ee.impl.orbutil.threadpool.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:540)
|#]
Code used:
Client:
servlet:
#WebServlet("/TestServlet")
public class TestServlet extends HttpServlet {
#EJB(name = "TestService")
private TestService testService;
/**
* #see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
PrintWriter w = response.getWriter();
try {
w.write("Test o/p: " + testService.testEJB("This is a test msg") + "\n");
} catch (Exception e) {
e.printStackTrace(w);
}
}
}
sun-web.xml:
<ejb-ref>
<ejb-ref-name>TestService</ejb-ref-name>
<!-- <jndi-name>corbaname:iiop:localhost:3700#TestService</jndi-name> -->
<jndi-name>corbaname:iiop:<ip>:3700#TestService</jndi-name>
</ejb-ref>
Remote ejb:
#Stateless(mappedName="TestService")
public class TestServiceImpl implements Serializable, TestService {
private static final long serialVersionUID = 1L;
private static final Logger logger = Logger.getLogger(TestServiceImpl.class.getName());
#Resource EJBContext ejbContext;
#Override
public String testEJB(String testStr) {
String userName = ejbContext.getCallerPrincipal().getName();
System.out.println("Username: " + userName);
return "Msg Recieved: " + testStr;
}
sun-ejb-jar.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 EJB 3.0//EN" "http://www.sun.com/software/appserver/dtds/sun-ejb-jar_3_0-0.dtd">
<sun-ejb-jar>
<enterprise-beans>
<ejb>
<ejb-name>TestServiceImpl</ejb-name>
<jndi-name>TestService</jndi-name>
<!--<ior-security-config>
<as-context>
<auth-method>USERNAME_PASSWORD</auth-method>
<realm>database-realm</realm>
<required>true</required>
</as-context>
<sas-context>
<caller-propagation>supported</caller-propagation>
</sas-context>
<transport-config>
<establish-trust-in-client>supported</establish-trust-in-client>
</transport-config>
</ior-security-config>-->
</ejb>
</enterprise-beans>
<security-role-mapping>
</security-role-mapping>
</sun-ejb-jar>
Perhaps not the answer to your question but I'll mention this here:
We had a similar problem with glassfish 3.1.2 where the occurring exception mentions CORBA.NO_PERMISSION and there is no stacktrace on the server side. Somewhere in the logfile we found the Exception Invalid iiop-listener orb-listener-1. Lazy-init not supported for SSL iiop-listeners
This is a bug in glassfish see:
https://java.net/jira/browse/GLASSFISH_CORBA-13
The glassfish admin interface automatically adds an SSL entry to the configured non SSL iiop-listener, due to this, the exception occures and remoting won't work anymore. As workaround you can remove the SSL-config-entry from the domain.xml manually to get remoting work again. But a soon as you open the IOP-Listener section again in the admin interface, the entry will be created again on glassfish restart.