Table of Contents
This chapter describes interoperability and RMI-IIOP protocol used by EJB.
JEUS supports RMI-IIOP protocol used to invoke EJB from a different WAS or system. RMI-IIOP is based on CORBA (Common Object Request Broker Architecture) that is defined by OMG (http://omg.org), and EJB specification standard for interoperability. Consider using the RMI-IIOP interoperability function to support remote calls within JEUS or from a different WAS. The RMI-IIOP remote call method is one of the methods that support calls from a different WAS or system. There are other methods that call EJB on JEUS from a different WAS and integrates the transaction (or vice versa), but this chapter only covers the RMI-IIOP method.
Interoperability can mean calling EJB on JEUS from another system and calling EJB on WAS from JEUS, which means JEUS can be both a RMI-IIOP server and client. There needs to be runtime support for ORB (Object Request Broker), and support for transaction and security interoperability.
JEUS contains ORB runtime which automatically creates dynamic stub in memory without using COS Naming Server or stub classes that support the CORBA Naming Service. It implements the OTS (Object Transaction Service) specification for transaction interoperability and the CSIv2 (Common Secure Interoperability version 2) specification for security interoperability.
For more information on CORBA and RMI-IIOP, use the following links.
Transaction interoperability is implemented based on OTS (Object Transaction Service) specification. The object mentioned here is the CORBA Object, which is affected by the transaction.
When using OTS, an interceptor (a listener type) which can process transactions is added to CORBA. This additional interceptor handles the transaction related part of the IIOP protocol header. Through this, JEUS, which plays a role of a client or server, supports transaction propagation between different remote systems (WAS or JEUS).
OTS specification 1.2 is the currently supported version
CSIv2 specification guarantees security interoperability. If this CSI is used, like the OTS, an interceptor that can process security is added to ORB, and this interceptor handles the header and other security related parts.
Security interoperability starts by attaching security information for CSI to IOR (Interoperable Object Reference) of EJB reference. If IOR is registered to a naming service, the client side ORB that is trying to used it and the JEUS MS handles negotiation on the security level of the IIOP protocol. JEUS MS acts as a client when it needs CSI Services to call another EJB bean.
For more information on security interoperability, refer to CSIv2 specification of CORBA.
Since, by default, interoperability is not configured, it must be configured for use.
In order to expose JEUS EJB to RMI-IIOP, activate the Enable Interop option of COS Naming Service and MS. EJB should be deployed with IIOP export related settings configured. If JEUS is only used as a RMI-IIOP client, only the Enable Interop option of the relevant MS needs to be activated.
The interoperability settings are configured using the WebAdmin.
Besides the basic JNDI Naming Service provided by MS, the COS Naming Service for CORBA objects can also be added. An EJB reference (stub) exposed to RMI-IIOP is saved in the COS Naming Service, and an EJB client looks up the reference and uses it.
The COS Naming Service operates in the JEUS Manager JVM and uses BASEPORT + 4 (e.g. 9,740) as the service port.
'BASEPORT' is the 'Listen Port' in WebAdmin. To check for a Listener Port, click [Servers] on the left pane to go to the Servers page. Select a server from the list, and then click [Resource] > [Listener]. Select [base] from the list of listeners to display the Listen Port.
In order to use interoperability needed for RMI-IIOP clients and servers, interoperability property must be activated. This must be done to initialize the ORB.
In order to activate the property, click [Servers] and then select a server from the search list. In Advanced Options of the Server page, enable the 'Enable Interop' option.
For more information about CSlvs, refer to "5.2.3. CSIv2 Security Interoperability Configuration".
In order to perform CSIv2 protocol, use the information from two additional security environment files and JEUS Security Manager. The two additional security environment files are keystore and truststore.
The paths and necessary information of these two files can be configured through the WebAdmin or system property.
CSIv2 related settings are specified in the Interop Ssl Config of the Enable Interop.
Besides WebAdmin, the setting can also be configured through the system property of the execution script. However, WebAdmin configurations have higher priority.
The following are options for this setting. Set this value by using -D option.
[Table 5.1] JVM –D Parameters Related to Keystore and Truststore
Parameter | Description |
---|---|
jeus.ssl.keystore | Absolute path to the keystore file. (Default value: DOMAIN_HOME/config/keystore) |
jeus.ssl.keypass | Password for the keystore file.(Default value: jeuskeypass) |
jeus.ssl.truststore | Absolute path to the truststore file. (Default value: DOMAIN_HOME/config/truststore) |
jeus.ssl.trustpass | Password for the truststore file.(Default value: jeustrustpass) |
Authentication and authorization may not be needed between trusted nodes.
By setting the IP address to jeus.ejb.csi.trusthosts, you can prevent any unnecessary security checks between trusted nodes. JEUS Security Manager uses the guest user, which represents an anonymous principal for anonymous user access.
In order to expose EJB to RMI-IIOP, configure the <export-iiop> option for each EJB in jeus-ejb-dd.xml. If the <export-iiop> option is set, EJB Home Reference is registered to a COS Naming Service using the given <export-name>. This way, EJB Reference can be fetched and used through the COS Naming Service. The following is an example of the jeus-ejb-dd.xml file in which EJB RMI-IIOP is configured.
[Example 5.1] Configuring EJB RMI-IIOP : <<jeus-ejb-dd.xml>>
...
<jeus-bean>
<ejb-name>CalcEJB</ejb-bean>
<export-name>ejb/Calc</export-name>
<export-iiop>
<only-iiop>true</only-iiop>
</export-iiop>
</jeus-bean>
...
The following table explains the configuration tag.
Only EJB Home and EJB Object Reference can be currently exposed through RMI-IIOP. EJB 3.0 business views cannot be exposed through RMI-IIOP.
RMI-IIOP clients can be standalone clients, or WAS from another JEUS or another vendor. This section describes the methods for using EJB.
The following is the method for calling RMI-IIOP EJB on JEUS or another vendor's WAS from applications running on JEUS MS.
First, COS Naming Server looks up EJB Home Reference (Stub). The Naming Server can get it directly by using the JNDI APIs corbaname URL as follows:
[Example 5.2] Using Corbaname Lookup
InitialContext ctx = new InitialContext(); Object obj = ctx.lookup("corbaname:iiop:1.2@192.168.11.22:9740#ejb/Calc"); CalcHome home = (CalcHome)PortableRemoteObject.narrow(obj, CalcHome.class); Calc calcRef = home.create();
URL has the form of "corbaname:iiop:1.2@<host>:<port>#<name>", and <host> and <port> are the address of the COS Naming Server. Also, by directly specifying the COS Naming Server as the PROVIDER URL, you can get and use the InitialContext.
Since there are multiple methods to specify the PROVIDER URL, you should specify one to use as in the following example.
[Example 5.3] Using PROVIDER URL
Hashtable env = new Hashtable(); env.put(Context.PROVIDER_URL, "iiop://192.168.11.22:9740"); // env.put(Context.PROVIDER_URL, "iiopname://192.168.11.22:9740"); // env.put(Context.PROVIDER_URL, "corbaname:iiop:1.2@192.168.11.22:9740"); // env.put(Context.PROVIDER_URL, "corbaloc:iiop:1.2@192.168.11.22:9740"); InitialContext ctx = new InitialContext(env); Object obj = ctx.lookup("ejb/Calc"); CalcHome home = (CalcHome)PortableRemoteObject.narrow(obj, CalcHome.class); Calc calcRef = home.create();
For clients using dependency injection or a logical JNDI name in the form of "java:comp/env/", the <export-name> option should be mapped to the previous corbaname URL in the JEUS application DD file, such as the jeus-web-dd.xml file.
[Example 5.5] RMI-IIOP EJB Mapping : <<jeus-web-dd.xml>>
<ejb-ref> <jndi-info> <ref-name>ejb/Calc</ref-name> <export-name>corbaname:iiop:1.2@192.168.11.22:9740#ejb/Calc</export-name> </jndi-info> </ejb-ref>
The method to call RMI-IIOP EJB of JEUS from applications running on another vendor's WAS is similar to the method described in "5.3.1. JEUS Managed Server" .
In this case, check whether ORB configuration is needed like in JEUS, and configure it if necessary. For more information, refer to the relevant product documentation.
Since ORB runtime and related settings are not configured for standalone clients, you need to add the jclient.jar client library, as well as the omgapi.jar and peorb.jar files to the class path. You must also add the jeus.client.interop=true system property.
The method to obtain the EJB Home Reference (Stub) is similar to that in "5.3.1. JEUS Managed Server" . However, you should also configure the JNDI provider from JEUS.
[Example 5.6] Using Standalone Client
Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, "jeus.jndi.JNSContextFactory"); env.put(Context.PROVIDER_URL, "iiop://192.168.11.22:9740"); InitialContext ctx = new InitialContext(env); Object obj = ctx.lookup("ejb/Calc"); CalcHome home = (CalcHome)PortableRemoteObject.narrow(obj, CalcHome.class); Calc calcRef = home.create();
Known issues are as follows:
Continued retries to access a server for one minute when server access fails
ORB embedded in JEUS performs retries to access a server for 60 seconds when it cannot access the server. A separate sleep time is not used in this case. Therefore, too many log messages may occur or CPU may experience extreme overload. To prevent this, the following option should be set as a system property of a client (unit: ms, the default value: 60,000).
com.sun.corba.ee.transport.ORBCommunicationsRetryTimeout=1
NullPointerException occurs after PortableRemoteObject.narrow() is invoked
When a client executes the following, home object is returned as null and the NullPointerException may occur.
[Example 5.7] NullPointerException Occurrence
CalcHome home = (CalcHome)PortableRemoteObject.narrow(obj, CalcHome.class); // null is returned Calc calcRef = home.create(); // NullPointerException
This exception is thrown when CORBA stub class can not be found. This occurs when the Enable Interop setting is incorrectly configured in JEUS MS. If it is correctly configured, a correct ORB is initialized and Stub is automatically created in memory. For external clients, this error may occur if there is no function to create dynamic stub in memory.
For standalone clients, check whether the following is configured in the system property.
jeus.client.interop=true
Unable to find EJB with a name that includes a period (.) in WebLogic
If <export-name> is specified with a value that includes a period (.) like in "com.acme.CalcHome", lookup fails in WebLogic. Because WebLogic handles a period (.) like a slash (/), it forwards the request as "com/acme/CalcHome". In this case, you must not use a name that includes a period (.).