The problem is constant, whether the JavaWrapper is in user or not.
The Java Version the client is running on is 1.6.0_03.
Main Topics
Browse All Topics
Loading Advertisement...
Question
Java RMI over SSL connection terminating with "no cipher suites in common" message
We have a system where a Java servlet on is connecting to an RMI service with no problem. We need to upgrade the security of the RMI calls to use SSL. Currently when the servlet attempts to contact the RMI service the handshaking fails with a "no cipher suites in common". The problem is there is a common suite, SSL_RSA_WITH_NULL_SHA, so I am thinking this is a permission or security settings problem. I don't know which file to edit and what value to set to get the handshaking to complete successfully.
The following is a listing from the RMI service side of the process.
STATUS | wrapper | 2009/02/09 16:05:22 | --> Wrapper Started as Service
STATUS | wrapper | 2009/02/09 16:05:22 | Launching a JVM...
INFO | jvm 1 | 2009/02/09 16:05:24 | WrapperManager class initialized by thread: main Using classloader: sun.misc.Launcher$AppClass
INFO | jvm 1 | 2009/02/09 16:05:24 | Wrapper (Version 3.2.3) http://wrapper.tanukisoftw
INFO | jvm 1 | 2009/02/09 16:05:24 | Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved.
INFO | jvm 1 | 2009/02/09 16:05:24 |
INFO | jvm 1 | 2009/02/09 16:05:24 | Wrapper Manager: JVM #1
INFO | jvm 1 | 2009/02/09 16:05:24 | Running a 32-bit JVM.
INFO | jvm 1 | 2009/02/09 16:05:24 | Wrapper Manager: Registering shutdown hook
INFO | jvm 1 | 2009/02/09 16:05:24 | Wrapper Manager: Using wrapper
INFO | jvm 1 | 2009/02/09 16:05:24 | Load native library. One or more attempts may fail if platform specific libraries do not exist.
INFO | jvm 1 | 2009/02/09 16:05:24 | Loading native library failed: wrapper-windows-x86-32.dll
INFO | jvm 1 | 2009/02/09 16:05:24 | Loaded native library: wrapper.dll
INFO | jvm 1 | 2009/02/09 16:05:24 | Calling native initialization method.
INFO | jvm 1 | 2009/02/09 16:05:24 | Initializing WrapperManager native library.
INFO | jvm 1 | 2009/02/09 16:05:24 | Java Executable: D:\Program Files\Java\jre1.6.0_05\bin
INFO | jvm 1 | 2009/02/09 16:05:24 | Windows version: 5.2.3790
INFO | jvm 1 | 2009/02/09 16:05:24 | Java Version : 1.6.0_05-b13 Java HotSpot(TM) Client VM
INFO | jvm 1 | 2009/02/09 16:05:24 | Java VM Vendor : Sun Microsystems Inc.
INFO | jvm 1 | 2009/02/09 16:05:24 |
INFO | jvm 1 | 2009/02/09 16:05:24 | Control event monitor thread started.
INFO | jvm 1 | 2009/02/09 16:05:24 | Startup runner thread started.
INFO | jvm 1 | 2009/02/09 16:05:24 | WrapperManager.start(org.t
INFO | jvm 1 | 2009/02/09 16:05:24 | Communications runner thread started.
INFO | jvm 1 | 2009/02/09 16:05:24 | Open socket to wrapper...Wrapper-Connecti
INFO | jvm 1 | 2009/02/09 16:05:24 | Failed attempt to bind using local port 31000
INFO | jvm 1 | 2009/02/09 16:05:24 | Opened Socket from 31001 to 32000
INFO | jvm 1 | 2009/02/09 16:05:24 | Send a packet KEY : YP65aPGNpcPP_Vve
INFO | jvm 1 | 2009/02/09 16:05:24 | handleSocket(Socket[addr=/
INFO | jvm 1 | 2009/02/09 16:05:24 | Received a packet LOW_LOG_LEVEL : 1
INFO | jvm 1 | 2009/02/09 16:05:24 | Wrapper Manager: LowLogLevel from Wrapper is 1
INFO | jvm 1 | 2009/02/09 16:05:24 | Received a packet PING_TIMEOUT : 30
INFO | jvm 1 | 2009/02/09 16:05:24 | PingTimeout from Wrapper is 30000
INFO | jvm 1 | 2009/02/09 16:05:24 | Received a packet PROPERTIES : (Property Values)
INFO | jvm 1 | 2009/02/09 16:05:24 | Received a packet START : start
INFO | jvm 1 | 2009/02/09 16:05:24 | calling WrapperListener.start()
INFO | jvm 1 | 2009/02/09 16:05:24 | Waiting for WrapperListener.start runner thread to complete.
INFO | jvm 1 | 2009/02/09 16:05:24 | WrapperListener.start runner thread started.
INFO | jvm 1 | 2009/02/09 16:05:24 | WrapperSimpleApp: start(args) Will wait up to 2 seconds for the main method to complete.
INFO | jvm 1 | 2009/02/09 16:05:24 | WrapperSimpleApp: invoking main method
INFO | jvm 1 | 2009/02/09 16:05:24 | Read INI: D:\fsbdev\ini\start.ini
INFO | jvm 1 | 2009/02/09 16:05:25 | Send a packet START_PENDING : 5000
INFO | jvm 1 | 2009/02/09 16:05:26 | Read: D:\fsbdev\ini\action.ini
INFO | jvm 1 | 2009/02/09 16:05:26 | Read: D:\fsbdev\ini\communicator
INFO | jvm 1 | 2009/02/09 16:05:26 | Read: D:\fsbdev\ini\database.ini
INFO | jvm 1 | 2009/02/09 16:05:26 | Send a packet START_PENDING : 5000
INFO | jvm 1 | 2009/02/09 16:05:26 | WrapperSimpleApp: start(args) end. Main Completed=false, exitCode=null
INFO | jvm 1 | 2009/02/09 16:05:26 | WrapperListener.start runner thread stopped.
INFO | jvm 1 | 2009/02/09 16:05:26 | returned from WrapperListener.start()
INFO | jvm 1 | 2009/02/09 16:05:26 | Send a packet STARTED :
INFO | jvm 1 | 2009/02/09 16:05:26 | Startup runner thread stopped.
INFO | jvm 1 | 2009/02/09 16:05:26 | Read: D:\fsbdev\ini\mail.ini
INFO | jvm 1 | 2009/02/09 16:05:26 | Read: D:\fsbdev\ini\messages.ini
INFO | jvm 1 | 2009/02/09 16:05:26 | Store: D:\Program Files\Java\jre1.6.0_05\lib
INFO | jvm 1 | 2009/02/09 16:05:26 | Get Request Object with SSL
INFO | jvm 1 | 2009/02/09 16:05:26 | keyStore is : D:\Program Files\Java\jre1.6.0_05\lib
INFO | jvm 1 | 2009/02/09 16:05:26 | keyStore type is : jks
INFO | jvm 1 | 2009/02/09 16:05:26 | keyStore provider is :
INFO | jvm 1 | 2009/02/09 16:05:26 | init keystore
INFO | jvm 1 | 2009/02/09 16:05:27 | Received a packet PING : ping
INFO | jvm 1 | 2009/02/09 16:05:27 | Send a packet PING : ok
INFO | jvm 1 | 2009/02/09 16:05:27 | init keymanager of type SunX509
INFO | jvm 1 | 2009/02/09 16:05:27 | trustStore is: D:\Program Files\Java\jre1.6.0_05\lib
INFO | jvm 1 | 2009/02/09 16:05:27 | trustStore type is : jks
INFO | jvm 1 | 2009/02/09 16:05:27 | trustStore provider is :
INFO | jvm 1 | 2009/02/09 16:05:27 | init truststore
<long list of trusted certs being added>
INFO | jvm 1 | 2009/02/09 16:05:27 | trigger seeding of SecureRandom
INFO | jvm 1 | 2009/02/09 16:05:27 | done seeding SecureRandom
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPE
INFO | jvm 1 | 2009/02/09 16:05:27 | FINE: WrapperSimpleAppMain: localHostKnown = true, localHost = 172.20.110.137
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:05:27 | FINE: WrapperSimpleAppMain: Version = 2, ep = [172.20.110.137:1152,javax
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPE
INFO | jvm 1 | 2009/02/09 16:05:27 | FINE: WrapperSimpleAppMain: created local endpoint for socket factory javax.rmi.ssl.SslRMIServer
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:05:27 | FINE: WrapperSimpleAppMain: (port 1152) create server socket
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPE
INFO | jvm 1 | 2009/02/09 16:05:27 | FINER: WrapperSimpleAppMain: creating server socket on [172.20.110.137:1152,javax
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:05:27 | FINE: RMI TCP Accept-1152: listening on port 1152
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:05:27 | FINE: WrapperSimpleAppMain: Version = 2, ep = [172.20.110.137:0]
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPE
INFO | jvm 1 | 2009/02/09 16:05:27 | FINE: WrapperSimpleAppMain: created local endpoint for socket factory null on port 0
INFO | jvm 1 | 2009/02/09 16:05:27 | Finalizer, called close()
INFO | jvm 1 | 2009/02/09 16:05:27 | Finalizer, called closeInternal(true)
INFO | jvm 1 | 2009/02/09 16:05:27 | *** 1 Suite: SSL_RSA_WITH_NULL_SHA
INFO | jvm 1 | 2009/02/09 16:05:27 | *** 1 Proto: SSLv3
INFO | jvm 1 | 2009/02/09 16:05:27 | *** Locate Registry ***
INFO | jvm 1 | 2009/02/09 16:05:27 | *** Rebind: RegistryImpl_Stub[UnicastR
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPC
INFO | jvm 1 | 2009/02/09 16:05:27 | FINE: WrapperSimpleAppMain: create connection
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.tcp.TCPE
INFO | jvm 1 | 2009/02/09 16:05:27 | FINER: WrapperSimpleAppMain: opening socket to [172.20.110.137:1099]
INFO | jvm 1 | 2009/02/09 16:05:27 | Feb 9, 2009 4:05:27 PM sun.rmi.transport.proxy.RM
INFO | jvm 1 | 2009/02/09 16:05:27 | FINE: WrapperSimpleAppMain: host: 172.20.110.137, port: 1099
INFO | jvm 1 | 2009/02/09 16:05:28 | *** Connection refused to host: 172.20.110.137; nested exception is:
INFO | jvm 1 | 2009/02/09 16:05:28 | java.net.ConnectException:
INFO | jvm 1 | 2009/02/09 16:05:28 | *** Create ***
INFO | jvm 1 | 2009/02/09 16:05:28 | Feb 9, 2009 4:05:28 PM sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:05:28 | FINE: WrapperSimpleAppMain: Version = 2, ep = [172.20.110.137:1099,javax
INFO | jvm 1 | 2009/02/09 16:05:28 | Feb 9, 2009 4:05:28 PM sun.rmi.transport.tcp.TCPE
INFO | jvm 1 | 2009/02/09 16:05:28 | FINE: WrapperSimpleAppMain: created local endpoint for socket factory javax.rmi.ssl.SslRMIServer
INFO | jvm 1 | 2009/02/09 16:05:28 | Feb 9, 2009 4:05:28 PM sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:05:28 | FINE: WrapperSimpleAppMain: (port 1099) create server socket
INFO | jvm 1 | 2009/02/09 16:05:28 | Feb 9, 2009 4:05:28 PM sun.rmi.transport.tcp.TCPE
INFO | jvm 1 | 2009/02/09 16:05:28 | FINER: WrapperSimpleAppMain: creating server socket on [172.20.110.137:1099,javax
INFO | jvm 1 | 2009/02/09 16:05:28 | Feb 9, 2009 4:05:28 PM sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:05:28 | FINE: RMI TCP Accept-1099: listening on port 1099
INFO | jvm 1 | 2009/02/09 16:05:28 | *** Bind ***
INFO | jvm 1 | 2009/02/09 16:05:28 | *** 2 Suite: SSL_RSA_WITH_NULL_SHA
INFO | jvm 1 | 2009/02/09 16:05:28 | *** 2 Proto: SSLv3
INFO | jvm 1 | 2009/02/09 16:05:28 | Bound DevRequestProcessor on 172.20.110.137 to 1099
INFO | jvm 1 | 2009/02/09 16:05:28 | WrapperSimpleApp: main method completed
<servlet makes RMI over SSL Call>
INFO | jvm 1 | 2009/02/09 16:06:46 | RMI TCP Connection(1)-172.20.195.5
INFO | jvm 1 | 2009/02/09 16:06:46 | RMI TCP Connection(1)-172.20.195.5
INFO | jvm 1 | 2009/02/09 16:06:46 | *** ClientHello, SSLv3
INFO | jvm 1 | 2009/02/09 16:06:46 | RandomCookie: GMT: 1217370608 bytes = { 228, 170, 154, 51, 122, 60, 106, 28, 153, 102, 67, 220, 50, 137, 209, 143, 7, 242, 36, 110, 142, 7, 94, 142, 167, 123, 23, 206 }
INFO | jvm 1 | 2009/02/09 16:06:46 | Session ID: {}
INFO | jvm 1 | 2009/02/09 16:06:46 | Cipher Suites: [SSL_RSA_WITH_NULL_SHA]
INFO | jvm 1 | 2009/02/09 16:06:46 | Compression Methods: { 0 }
INFO | jvm 1 | 2009/02/09 16:06:46 | ***
INFO | jvm 1 | 2009/02/09 16:06:46 | RMI TCP Connection(1)-172.20.195.5
INFO | jvm 1 | 2009/02/09 16:06:46 | RMI TCP Connection(1)-172.20.195.5
INFO | jvm 1 | 2009/02/09 16:06:46 | RMI TCP Connection(1)-172.20.195.5
INFO | jvm 1 | 2009/02/09 16:06:46 | RMI TCP Connection(1)-172.20.195.5
INFO | jvm 1 | 2009/02/09 16:06:46 | Feb 9, 2009 4:06:46 PM sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:06:46 | FINE: RMI TCP Connection(1)-172.20.195.5
INFO | jvm 1 | 2009/02/09 16:06:46 | javax.net.ssl.SSLHandshake
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at com.sun.net.ssl.internal.s
INFO | jvm 1 | 2009/02/09 16:06:46 | at java.io.BufferedInputStrea
INFO | jvm 1 | 2009/02/09 16:06:46 | at java.io.BufferedInputStrea
INFO | jvm 1 | 2009/02/09 16:06:46 | at java.io.DataInputStream.re
INFO | jvm 1 | 2009/02/09 16:06:46 | at sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:06:46 | at sun.rmi.transport.tcp.TCPT
INFO | jvm 1 | 2009/02/09 16:06:46 | at java.util.concurrent.Threa
INFO | jvm 1 | 2009/02/09 16:06:46 | at java.util.concurrent.Threa
INFO | jvm 1 | 2009/02/09 16:06:46 | at java.lang.Thread.run(Unkno
INFO | jvm 1 | 2009/02/09 16:06:46 | RMI TCP Connection(1)-172.20.195.5
INFO | jvm 1 | 2009/02/09 16:06:46 | RMI TCP Connection(1)-172.20.195.5
Note also, we are using Tanukisoft's Javawrapper to run the rmi service as a windows service.
This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.
Subscribe now for full access to Experts Exchange and get
Instant Access to this Solution
- Plus...
- 30 Day FREE access, no risk, no obligation
- Collaborate with the world's top tech experts
- Unlimited access to our exclusive solution database
- Never be left without tech help again
Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.
- "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
- "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
- "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.
See what Experts Exchange can do for you.
Got a question?
We've got the answer.
Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.
Need individual assistance?
Our experts are ready to help.
If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.
Want to learn from the best?
Read articles from industry experts.
Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.
Working on a long term project?
Store your work and research.
Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.
Access the answers to your technology questions today.
30-day free trial. Register in 60 seconds.
What Makes Experts Exchange Unique?
Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.
Trusted by the world's most respected brands.
Faithfully serving IT professionals since 1996.
Try it out and discover for yourself.
30-day free trial. Register in 60 seconds.
Free Tech Articles
-
WARNING: 5 Reasons why you should NEVER fix a computer for free.
It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
-
SCCM OSD Basic troubleshooting
SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
-
Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
-
Create a Win7 Gadget
This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
-
Outlook continually prompting for username and password
There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
-
Backup Exchange 2010 Information Store using Windows Backup
There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...
Cloud Class Webinars
- Avoiding Bugs in Microsoft Access
Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
- Top 10 Best New Features in Visio 2010
Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
- IT Consultant Business Secrets Revealed
Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
- Disaster Recovery and Business Continuity
Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
- Organize Your Visio Diagrams with Containers and Lists
Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
- How to Us Objects, Properties, Events and Methods in Microsoft Access
Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...
Join the Community
Give a Little. Get a Lot.
Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.
Answers
The following code is the Request Server that sets up the RMI service over an SSL socket connection. The Second part are the functions that set up and make the call to the rmi service from within our servlet running on JRun4.
package fsb.lib.process;
import javax.rmi.ssl.*;
import java.security.*;
import java.util.*;
import java.rmi.registry.*;
import java.rmi.server.*;
import java.rmi.*;
import java.io.IOException;
import java.io.File;
import org.apache.log4j.PropertyC
import org.apache.log4j.Logger;
import fsb.lib.*;
public class RequestServer extends Object implements FsbConstants {
private static final String[] SSL_PROTOCOLS = {"SSLv3"};
private static final String[] SSL_SUITES = {"SSL_RSA_WITH_NULL_SHA"};
private static final String DFLT_LOGJ = <filtered>;
private static final String DFLT_C3P0 = <filtered>;
private static final String DFLT_INIF =<filtered>;
private static final String FLAG_HOST = <filtered>;
private static final String FLAG_RECV = <filtered>;
private static final String FLAG_SEND = <filtered>;
private static final String FLAG_NAME = <filtered>;
private static final String FLAG_INIF = <filtered>;
private static final String FLAG_C3P0 = <filtered>;
private static final String FLAG_LOGJ = <filtered>;
private static final String FLAG_TIME = <filtered>;
private static final String DFLT_NAME = <filtered>;
private static final String DFLT_HOST = <filtered>;
private static final int DFLT_RECV = <filtered>;
private static final int DFLT_SEND = <filtered>;
private static final int NO_INDEX = <filtered>;
private static final int LOG_TIMES = <filtered>;
private static final int OTHR_SIZE = <filtered>;
/*************************
private static Logger logger;
private SslRMIServerSocketFactory ssf = null;
private SslRMIClientSocketFactory csf = null;
/*************************
/**
* Checks to see if the index is within the proper range for the
* command line argument
*
* @param ndx the index to be checked
* @param args the command line arguments
*
* @return true if the index is withing the range, false otherwise
*/
protected static boolean inRange(int ndx, String[] args) {
//an argument index is in the valid range if its greater then 0 and less then the length of the argument list
return ((FIRST < ndx) && (ndx < args.length));
}
/**
* Locates and returns a the index of the item following the flag value
*
* @param flag the value to be located in the array of String
* @param args the command line arguments
*
* @return the index of the value following the flag
*/
protected static int getIndex(String flag, String[] args) {
//locate the flag in the arry, return the index of the next element in the array
for(int x=FIRST; x<args.length; x++) if (args[x].equals(flag)) return (x + NEXT_INDEX);
//if the flag is not found return a nonexistant index
return NO_INDEX;
}
/**
* Locate and return the RMI Registry Port in the command line
* argumnts, if it is not there return the default RMI Registry
* Port
*
* @param arguments the command line arguments
*
* @return the port for the RMI Registry to listen on
*/
protected static String getHostName(String[] arguments) {
int index = getIndex(FLAG_HOST, arguments);
if (inRange(index, arguments)) return arguments[index];
return DFLT_HOST;
}
/**
* Locate and return the RMI Registry Port in the command line
* argumnts, if it is not there return the default RMI Registry
* Port
*
* @param arguments the command line arguments
*
* @return the port for the RMI Registry to listen on
*/
protected static int getReceivePort(String[] arguments) {
int index = getIndex(FLAG_RECV, arguments);
if (inRange(index, arguments)) return Lib.getIntFor(arguments[in
return DFLT_RECV;
}
/**
* Locate and return the Request Handler Port in the command line
* argumnts, if it is not there return the default Request Handler
* Port
*
* @param arguments the command line arguments
*
* @return the port for the Request Handler to listen on
*/
protected static int getSendPort(String[] arguments) {
int index = getIndex(FLAG_SEND, arguments);
if (inRange(index, arguments)) return Lib.getIntFor(arguments[in
return DFLT_SEND;
}
/**
* Locate and return type of service that is to be run on the RMI Registry
*
* @param arguments the command line arguments
*
* @return the type string for the rmi service
*/
protected static String getServiceName(String[] arguments) {
int index = getIndex(FLAG_NAME, arguments);
if (inRange(index, arguments)) return arguments[index];
return DFLT_NAME;
}
/**
* Locate and return the INI file in the command line argumnts, if
* it is not there return the default INI file
*
* @param arguments the command line arguments
*
* @return the absolute path for the INI File
*/
protected static String getIniFilePath(String[] arguments) {
int index = getIndex(FLAG_INIF, arguments);
if (inRange(index, arguments)) return arguments[index];
return DFLT_INIF;
}
/**
* Locate and return the Log4J properties file in the command line
* argumnts, if it is not there return the default file
*
* @param arguments the command line arguments
*
* @return the absolute path for the Log File
*/
protected static String getLogFile(String[] arguments) {
int index = getIndex(FLAG_LOGJ, arguments);
if (inRange(index, arguments)) return arguments[index];
return DFLT_LOGJ;
}
/**
* Locate and return the C3P0 properties file from the command
* line argumnts, if it is not there return the default file
*
* @param arguments the command line arguments
*
* @return the absolute path for the C3P0 File
*/
protected static String getC3P0File(String[] arguments) {
int index = getIndex(FLAG_C3P0, arguments);
if (inRange(index, arguments)) return arguments[index];
return DFLT_C3P0;
}
/**
* prepare the current System object to create an SSL Connection
*/
protected static void initSSLConnection(String keyStore, String keyPassword) {
//Assert what needs to be bebuggedd
System.setProperty("javax.
//Assert the location of the Keystore for the SSL Connections
System.setProperty(KEY_STO
//Assert the Password for the SSL keystore
System.setProperty(KEY_PSW
}
/**
* Create and Return an SSL RMI Client Socket Factory
*
* @return a fully instantiated SSL RMI Client Socket
*/
protected RMIClientSocketFactory getClientSocket() {
if (csf == null) csf = new SslRMIClientSocketFactory(
return csf;
}
/**
* Create and Return an SSL RMI Server Socket Factory
*
* @return a fully instantiated SSL RMI Server Socket
*/
protected RMIServerSocketFactory getServerSocket() {
if (ssf == null) ssf = new SslRMIServerSocketFactory(
return ssf;
}
/**
* Create and Return a Request Handler
*
* @return a Request Handler
*/
protected Request getRequestHandler() throws RemoteException {
//Create the Request Handler that will be handling the RMI Service Calls
return (Request)new RequestHandler();
}
/**
* Return a link to the RMI Registry that is running on the supplied host and listening on the supplied port
*
* @param host the host the RMI service is running on
* @param recv the socket the RMI Service is listening on
*
* @return an RMI Stub as a Request Object
*/
protected Registry getRMIRegistry() throws RemoteException { return getRMIRegistry(DFLT_RECV);
protected Registry getRMIRegistry(int recv) throws RemoteException {
//Start the RMI Registry running and return a link to it
return LocateRegistry.createRegis
}
/**
* Create and Return an RMI Stub Object Using a Secure Socket Language Connection
*
* @param send the socket part the RMI Communication will pass through
*
* @return an RMI Stub as a Request Object
*/
protected Request getRequestStub() throws RemoteException { return getRequestStub(DFLT_SEND);
protected Request getRequestStub(int send) throws RemoteException {
//Export the Service
return (Request) UnicastRemoteObject.export
}
/**
* Bind the Request Handler to the local registry
*
* @param host the system that the registy is to be located on
* @param recv the socket the registry will be listening on
* @param send the socket the registry will be forwarding too
* @param srvc the name of the service the registry will bind to
*
* @return True if the registry can be successfully bound to
*
* @throws RemoteException if cannot get a handle to nor create a registry object
* @throws AccessException the registry is local and deies the system access to it
* @throws AlreadyBoundException if srvc is already bound
*
*/
protected boolean bindToRegistry(int recv, int send, String srvc) throws RemoteException, AccessException, AlreadyBoundException {
Registry registry = null;
Request request = null;
try {
//get a stub link to the request processor
request = getRequestStub(send);
//get a handle to any existing registry
registry = LocateRegistry.getRegistry
//rebind to the request service to the registry
registry.rebind(srvc, request);
}
//if the locate failed then there is no registry to bind to
catch(RemoteException re) {
//if there is no request handler throw the exception
if (request == null) throw re;
//otherwise no registry exist so have the system create & return one
registry = getRMIRegistry(recv);
//bind the request service to the new registry
registry.bind(srvc, request);
}
return true;
}
/**
* Report the successful start of the RMI Service
*
* @param mesage the message that the serviced succeeded in starting
*/
protected void reportSuccess(String message) {
//inform the system of a successful start
System.out.println(message
//Log the successful starting of the service
logger.info(message);
}
/**
* Report the unsuccessful start of the RMI Service in the logs
*
* @param message The error message for the failed survice
*/
protected void reportFailure(String message) { logger.error(message); }
/**
* Report the unsuccessful start of the RMI Service in the logs
*
* @param message The error message for the failed survice
* @param excp the exception thrown that caused the service failure
*/
protected void reportFailure(String message, Exception excp) {
//Build the complete error message
String report = message.concat(" due too ").concat(excp.getLocalize
//inform the system of the failed start
System.err.println(report)
//Log the message of the failed start
logger.error(report);
//also print the execution stack trace
excp.printStackTrace();
}
/*************************
/**
* Constructor for a Request Server object. This object sets up the
* links between the RMI Registry listening on the rcv port and the
* RequestHandler listening on the snd port
*
* @param host The address of the hosting system
* @param recv The port the RMI Registry is listening on
* @param send The port the Request Service will be listening on
* @param service The name the service will be bound too
*
*/
public RequestServer(String host, int recv, int send, String service) {
//build the base line message for the server that is to be set up
String message = service.concat(" on ").concat(host).concat(" to ").concat(Integer.toString
//Start the log4J service with the Request server
logger = Logger.getLogger(INIData.g
try {
//try to bind the service to the registry and report the results
if (bindToRegistry(recv, send, service)) reportSuccess("Bound ".concat(message));
else reportFailure("Could not bind ".concat(message));
}
catch (Exception excp) {
//Report the exception that caused the failure
excp.printStackTrace();
//report that the service failed to start
reportFailure("Could not bind ".concat(message), excp);
}
}
/**
* The overall start point for the entire RMI Service for processing the web
* page data and directing the user to the next page. There should be 4
* command line arguments supplied to the program. The -p arg is the port
* the service is listening on and the the -r arg is the rmi port that the
* requests are sent to. The -i arg is the applications cascading INI file.
* The -l arg is the logging properties file.
*
* @param argv the argument vector from the operating system's command line
*/
public static void main(String[] argv) {
//Configure the log4j logging system with its appropriate properties file
PropertyConfigurator.confi
//Load the System wide INI File data using the cascading INI file object
INIData.load(new File(getIniFilePath(argv))
//Tell the system where to find the keystore and its password
initSSLConnection(INIData.
//Start the RMI service running and listening on the given port
new RequestServer(getHostName(
}
}
/*************************
/*************************
/*************************
/*
* Set up the logging from the logging properties file
*/
private void initLogging() {
PropertyConfigurator.confi
logInfo = Logger.getLogger(getInitPa
}
/*
* Set up the SSL properties need to make RMI connection
*/
private void initSystemFlags() {
System.setProperty("javax.
System.setProperty(CIPHER_
System.setProperty(CPHR_PR
System.setProperty(TRUST_S
System.setProperty(TRUST_P
}
/*
* get the registry values from the web.xml file
*/
private void initRegistry() {
try {
rmiHost = getInitParameter(RMI_HOST_
rmiName = getInitParameter(RMI_SERVI
rmiPort = Integer.parseInt(getInitPa
}
catch(NumberFormatExceptio
if (logInfo == null) System.err.println("RMI Port Failed to Load: "+nfe.getLocalizedMessage(
else logInfo.error("RMI Port Failed to Load: "+nfe.getLocalizedMessage(
nfe.printStackTrace();
rmiPort = BAD_PORT;
}
}
/*
* The servlet init function, sets up system values for the servlet
*/
public void init() {
try {
super.init();
initSystemFlags();
if (logInfo == null) initLogging();
if (rmiPort == BAD_PORT) initRegistry();
if (csf == null) csf = new SslRMIClientSocketFactory(
}
catch(ServletException se) {
if (logInfo == null) System.err.println("Servle
else logInfo.error("Servlet Single Sign On Failed to Initialize: "+se.getLocalizedMessage()
se.printStackTrace();
}
}
/*************************
/*
* The RMI Call to the Request Handler service behind the fire wall
*
* @param data the data for the request
*
* @return a request response object
*
*/
private Response getRequest(Datatable data) {
Registry registry = null;
Response response = null;
Request request = null;
try {
logInfo.debug("Call RMI: "+rmiHost+":"+rmiPort+"/"+
//locate the registy
registry = LocateRegistry.getRegistry
//find the request handler
request = (Request)registry.lookup(r
//get the response from the request handler
response = request.handle(data);
logInfo.debug("Response: "+response);
}
catch(NotBoundException nbe) {
//print out the exception stack trace
nbe.printStackTrace();
//log the error that occurred
logInfo.error("Could Not Locate RMI Service: "+nbe.getLocalizedMessage(
//Build the default response object
response = (new Response(Response.PAGE_NO_
}
catch(RemoteException re) {
//print out the exception stack trace
re.printStackTrace();
//log the error that occurred
logInfo.error("Could Not Create RMI Socket Connection: "+re.getLocalizedMessage()
//Build the default response object
response = (new Response(Response.PAGE_NO_
}
catch(Exception excp) {
//print out the exception stack trace
excp.printStackTrace();
//log the error that occurred
logInfo.error("Unforeseen Exception in RMI Call: "+excp.getLocalizedMessage
//Build the default response object
response = (new Response(Response.PAGE_NO_
}
//return the response
return response;
}
OK, I see the point of confusion. All the code below the three lines of stars is from the servlet that acts as the client for the RMI Service. Unfortunately I can't put the entire servlet up because it contains to much proprietary information. In the servlet the definitions are:
private static final String SSL_PROTOCOLS = "SSLv3";
private static final String SSL_SUITES = "SSL_RSA_WITH_NULL_SHA";
We did lots of tests today involving our cacerts file. It seems that the line:
System.setProperty(TRUST_S
effects all the instances in our cold fusion system. So this may not be usable with out other applications. We were able to to create an SSL socket using our cacerts file and some simple ssl client and server code from Sun's web site outside of cold fusion and RMI. Both the client and server processes had long lists of encryption suites available to then. They was no problem with the handshaking, the connections were established and the data transferred. When we run with the RMI service on the server and inside JRun on the client, we still get the "no cipher suite in common message."
> effects all the instances in our cold fusion system.
correct it sets system properties for the whole vm
> When we run with the RMI service on the server and inside JRun on the client, we still get the "no cipher suite in common message."
Am wondering if the rmi security manager is involved somehow (may well not be)
found this thread that may help
http://forums.sun.com/thre
After long and extensive set test, the problem does appear to have something to doe with RMI. As per your suggested thread I pulled all the assertions dealing with the suites and protocols, generated a new key. Basically starting all over, the client side then sent requests with long lists of possible suites. Did the same on the rmi server side, but still got the "No Ciper Suite In Common" error message. I've tried it with no suites asserted, a small list of asserted suites and a large list of asserted suites but to no avail, the "No Ciper Suite In Common" error message remains. Do you have any idea what needs to be changed?
3 Ways to Join
Business Accounts
- Perfect for organizations
- Multiple users
- Save over 36%
- Create a Business Account
Answer for Membership
- Earn free access
- Showcase your knowledge
- No credit card required
- Sign Up to Answer
Loading Advertisement...
by: objectsPosted on 2009-02-13 at 16:49:04ID: 23638629
do get the same problem without Javawrapper involved?
what version of java is the client running?