John, Thank you very much for your answer!
> Let me know what happens. Well, I tried correcting j2ee-server-plan.xml and config.xml, and I also tried to provide the proper value for allowHosts in GUI installer - it all didn't help. What really helped is correcting modules/assembly/maven.xml file and specifying the IP address of the client in line 247 (specifying host name or 255.255.255.255 mask also didn't help): <j:set var="PlanClientAddresses" value="<MY_CLIENT_HOST_IP_ADDRESS>"/> and then rebuilding Geronimo. However, it didn't helped much. I made additional investigation for the problem location and here's what I've found: The problem occurs in file org/openejb/client/Client.java: http://cvs.codehaus.org/viewrep/openejb/openejb/modules/core/src/java/or g/openejb/client/Client.java?r=1.5 Previously the problem occured at line 171 (see code, the exceptions are wrapped badly there): javax.naming.AuthenticationException: Cannot deternmine server protocol version: Received null/0.0; nested exception is: java.io.IOException: Unable to read protocol version. Reached the end of the stream. at org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196) at org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181) at javax.naming.spi.NamingManager.getInitialContext(Unknown Source) at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source) at javax.naming.InitialContext.init(Unknown Source) at javax.naming.InitialContext.<init>(Unknown Source) And after the fix to maven.xml and rebuilding Geronimo another error occurs a bit later, at line 192: javax.naming.AuthenticationException: Cannot read the response from the server (OEJP/2.0) : null; nested exception is: java.io.EOFException at org.openejb.client.JNDIContext.authenticate(JNDIContext.java:196) at org.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:181) at javax.naming.spi.NamingManager.getInitialContext(Unknown Source) at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source) at javax.naming.InitialContext.init(Unknown Source) at javax.naming.InitialContext.<init>(Unknown Source) Previous problem was clearly a configuration issue, that was at last resolved, but I have completely no idea on what to do with this new problem. :( Can it be that Geronimo/OpenEJB does not accept remote JNDI connections at all?? With best regards, Vasily Zakharov, Intel Managed Runtime Division -----Original Message----- From: John Sisson [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 23, 2005 3:23 PM To: [email protected] Subject: Re: JNDI remote authentication problem Hi Vasily, In the j2ee-server-plan.xml file it configures the IP addresses that the (OpenEJB) EJB daemon will accept connections from in the "allowHosts" attribute. For example: <!-- EJB Protocol --> <gbean gbeanName="geronimo:type=NetworkService,name=EJB" class="org.activeio.xnet.StandardServiceStackGBean"> <attribute name="name">EJB</attribute> <attribute name="port">${PlanOpenEJBPort}</attribute> <attribute name="host">${PlanServerHostname}</attribute> <attribute name="allowHosts">${PlanClientAddresses}</attribute> <attribute name="logOnSuccess">HOST,NAME,THREADID,USERID</attribute> <attribute name="logOnFailure">HOST,NAME</attribute> <reference name="Executor"><name>DefaultThreadPool</name></reference> <reference name="Server"><gbean-name>openejb:type=Server,name=EJB</gbean-name></ref erence> </gbean> The In the geronimo\var\config.xml file (where you can specify attribute values that can override the values in the deployed plan) you should see the following section: <configuration name="org/apache/geronimo/Server"> <gbean name="openejb:type=NetworkService,name=EJB"> <attribute name="host">0.0.0.0</attribute> <attribute name="port">4201</attribute> </gbean> </configuration> In theory, you should be able to edit the config.xml file and specify the allowable remote host by doing something like: <configuration name="org/apache/geronimo/Server"> <gbean name="openejb:type=NetworkService,name=EJB"> <attribute name="host">0.0.0.0</attribute> <attribute name="port">4201</attribute> <attribute name="allowHosts">myhostname</attribute> </gbean> </configuration> *** But I have a bug currently open where the port number in the config.xml file as shown in the example above is not actually used and I have a feeling the same problem will happen for allowHosts (see http://issues.apache.org/jira/browse/GERONIMO-1151 ). I haven't had a chance to debug this yet. Let me know what happens. I think most of the testing so far has been done on the localhost with the default port. Regards, John Zakharov, Vasily M wrote: > Hello, all. > > > > I'm trying to run an application that should access the beans > (deployed in a Geronimo server running on other machine) with a JNDI > request. > > > > However, I get the following exception immediately at "new > InitialContext()" statement: > > > > javax.naming.AuthenticationException: Cannot deternmine server > protocol version: Received null/0.0; nested exception > is: > > java.io.IOException: Unable to read protocol version. Reached > the end of the stream. > > > > The Geronimo console states the following at that moment: > > > > 15:31:20,132 ERROR [EJB] Host <app-host> is not authorized to access > this service. > > java.lang.SecurityException: Host <app-host> is not authorized to > access this service. > > at > org.activeio.xnet.hba.ServiceAccessController.checkHostsAuthorization(Se rviceAccessController.java:78) > > at > org.activeio.xnet.hba.ServiceAccessController.service(ServiceAccessContr oller.java:51) > > at org.activeio.xnet.ServiceLogger.service(ServiceLogger.java:74) > > at > org.activeio.xnet.ServiceDaemon$SocketListener.run(ServiceDaemon.java:15 1) > > at java.lang.Thread.run(Unknown Source) > > > > (here <app-host> replaces the IP address of the machine where I run my > application) > > > > I'm using a default installation of Geronimo 1.0 M5, and Windows XP > SP2 and Sun's JRE 1.4.2_08 on both machines. > > > > The client application's system properties include: > > java.naming.factory.initial=org.openejb.client.RemoteInitialContextFacto ry > > java.naming.provider.url=<geronimo-host>:4201 > > java.naming.security.principal=system > > java.naming.security.credentials=manager > > > > (here <geronimo-host> replaces the name of the machine where Geronimo > is running and principal/credentials are the same I use to login to > Geronimo console) > > > > Also, I've put a local copy of openejb-core-2.0-G1M5.jar to the > application's classpath for context factory to be found. > > > > Could somebody please point me at what I'm doing wrong and how can I > tune Geronimo to accept JNDI connections from the remote machine? > > > > Thanks in advance, > > > > Vasily Zakharov, Intel Managed Runtime Division >
