I'm attempting to monitor a Websphere 7 ennvironment using MBeans, but running into numerous problems. First, I receive the following exception when using the code posted below:
com.ibm.websphere.management.exception.ConnectorException: Could not
create RMI Connector to connect to host localhost at port 2809
Here is the code generating the exception:
import java.util.Properties;
import com.ibm.websphere.management.AdminClient;
import com.ibm.websphere.management.AdminClientFactory;
public class JustAdminClient {
private AdminClient adminClient;
private void initialize() throws Exception {
try {
// Initialize the AdminClient.
Properties adminProps = new Properties();
adminProps.setProperty("type", AdminClient.CONNECTOR_TYPE_RMI);
adminProps.setProperty(AdminClient.CONNECTOR_SECURITY_ENABLED, "false");
adminProps.setProperty(AdminClient.CONNECTOR_HOST, "localhost");
adminProps.setProperty(AdminClient.CONNECTOR_PORT, "2809");
adminClient = AdminClientFactory.createAdminClient(adminProps);
} catch (Exception ex) {
ex.printStackTrace(System.out);
throw ex;
}
} // end method
/**
* #param args
*/
public static void main(String[] args) {
JustAdminClient adClient = new JustAdminClient();
try {
adClient.initialize();
} catch (Exception e) {
e.printStackTrace();
}
} // end main
} // end class
Second, I'm running WAS standalone with security disabled. Do I need to configure any self-signed certs?
My security.xml shows:
<security:Security xmi:version="2.0" xmlns:xmi="http://www.omg.org/XMI"
xmlns:orb.securityprotocol="http://www.ibm.com/websphere/appserver/schemas/5.0/orb.securityprotocol.xmi"
xmlns:security="http://www.ibm.com/websphere/appserver/schemas/5.0/security.xmi" xmi:id="Security_1"
useLocalSecurityServer="true" useDomainQualifiedUserNames="false"
issuePermissionWarning="true" activeProtocol="BOTH"
enforceJava2Security="false" enforceFineGrainedJCASecurity="false"
appEnabled="true" dynamicallyUpdateSSLConfig="true"
allowBasicAuth="true" activeAuthMechanism="LTPA_1"
activeUserRegistry="LocalOSUserRegistry" enabled="false" cacheTimeout="600"
defaultSSLSettings="SSLConfig_RXCW510MONNode01_1" adminPreferredAuthMech="RSAToken_1">
per the link: http://www-01.ibm.com/support/docview.wss?uid=swg21295051
Note, I can contact port 2809 two ways, via WSadamin and a Java prog containing the following:
private void connect(String host,String port) throws Exception
{
String jndiPath="/WsnAdminNameService#JMXConnector";
JMXServiceURL url = new JMXServiceURL("service:jmx:iiop://"+host+"/jndi/corbaname:iiop:"+host+":"+port+jndiPath);
System.out.println("URL = " + url);
//JMXServiceURL url = new JMXServiceURL("service:jmx:iiop://192.168.0.175:9100/jndi/JMXConnector");
Hashtable h = new Hashtable();
//Specify the user ID and password for the server if security is enabled on server.
//Establish the JMX connection.
System.out.println("Before JMXConnector");
JMXConnector jmxc = JMXConnectorFactory.connect(url, h);
//Get the MBean server connection instance.
System.out.println("Before getMBeanServerConnection");
mbsc = jmxc.getMBeanServerConnection();
System.out.println("Connected to Application Server");
} // end method
Any ideas? I'm lost and apologize for the long thread, but better to see the info upfront.
Resolved my problem using the follwoing example code snippet and notations. Note, pay particular attention to thrown exception and messages re: mssing classes; i.e. focusing on the message "could not create" message may mislead you
requires the following jar files:
%WAS_HOME%\runtimes\com.ibm.jaxws.thinclient_7.0.0.jar
%WAS_HOME%\plugins\com.ibm.ws.runtime.jar
%WAS_HOME%\plugins\deploytool\itp\com.ibm.websphere.v7_7.0.0.v20080817\wasJars\com.ibm.ws.admin.core.jar
%WAS_HOME%\runtimes\com.ibm.ws.admin.client_7.0.0.jar requires
CONNECTOR_TYPE_SOAP. CONNECTOR_TYPE_RMI fails to connect; maybe a jar issue based on the stack trace messages
public class JMXAdminClientSimple {
`private AdminClient adminClient;
private ObjectName nodeagent = null;
public void initialize() throws Exception {
try {
// Initialize the AdminClient.
Properties props = new Properties();
props.setProperty(AdminClient.CONNECTOR_HOST, "localhost");
props.setProperty(AdminClient.CONNECTOR_PORT, "8880");
props.setProperty(AdminClient.CONNECTOR_TYPE, AdminClient.CONNECTOR_TYPE_SOAP);
props.setProperty(AdminClient.CONNECTOR_SECURITY_ENABLED, "false");
props.setProperty(AdminClient.USERNAME, "");
props.setProperty(AdminClient.PASSWORD, "");
adminClient = AdminClientFactory.createAdminClient(props);
} catch (Exception ex) {
ex.printStackTrace(System.out);
throw ex;
}
}`
To use the AdminClient API with security disabled on a Sun/Oracle JRE, you need the following JARs in the classpath:
runtimes/com.ibm.ws.admin.client_7.0.0.jar
runtimes/com.ibm.ws.ejb.thinclient_7.0.0.jar
runtimes/com.ibm.ws.orb_7.0.0.jar
With these JARs, RMI should also work.
Related
This might sound silly but I am encountering this behavior. I am using JNDI for LDAP authentication. I have a demo program setup, where the authentication fails upon providing incorrect credentials, but the same seems to go through in a Spring controller method(I'm making a post call from a react app).
Plain Java implementation
import java.util.Properties;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
public class Demo {
public static void main(String[] args) {
Properties environment = new Properties();
String userDomain = "#region.company.net";
environment.setProperty(DirContext.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
environment.setProperty(DirContext.PROVIDER_URL, "ldap://region.company.net:3268");
environment.setProperty(DirContext.SECURITY_AUTHENTICATION, "simple");
environment.setProperty(DirContext.SECURITY_PRINCIPAL, "userId"+userDomain);
environment.setProperty(DirContext.SECURITY_CREDENTIALS, "wrongPassword");
try {
DirContext context = new InitialDirContext(environment);
System.out.println("Authentication Successful !!!\n\n");
} catch (NamingException e) {
System.out.println("Authentication Failed !!!\n\n");
e.printStackTrace();
}
}
}
Controller implementation
#PostMapping("/authenticateUser")
public String authenticateUser(#RequestBody HashMap<String, String> user) {
Properties environment = new Properties();
String userDomain = "#region.company.net";
environment.setProperty(DirContext.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
environment.setProperty(DirContext.PROVIDER_URL, "ldap://region.company.net:3268");
environment.setProperty(DirContext.SECURITY_AUTHENTICATION, "simple");
// environment.setProperty(DirContext.SECURITY_PRINCIPAL, "userId"+userDomain);
environment.setProperty(DirContext.SECURITY_CREDENTIALS, "wrongPassword");
try {
DirContext context = new InitialDirContext(environment);
System.out.println("Authentication Successful !!!\n\n");
} catch (NamingException e) {
System.out.println("Authentication Failed !!!\n\n");
e.printStackTrace();
}
return "Method executed successfully";
}
After providing incorrect password, if I execute this code then it prints Authentication Failed !!! which is expected, but when I insert this same code in a controller's method, it prints Authentication Successful !!!.
Shouldn't both behave in the same way? I find this behavior pretty weird. Perhaps, I am overlooking something?
EDIT 1 : START
It appears the line that sets the SECURITY_PRINCIPAL was commented out in case of the Spring Controller. I have commented out that part of code.
This now gives rise to another question as to why it never threw any exception ?
Not sure if I should ask this in a separate post.
Is it a proper way to authenticate by passing Username(like abc#xyz.com) as SECURRITY_PRINCIPAL or one should pass the entry path ?
EDIT 1 : END
There are three different tables (OPTIONS, FIELDS and DATA) in import parameter "QUERY_TABLE" = "LTAP".
I created a java program to display column FIELDNAME from the table FIELDS with helping function RFC_READ_TABLE.
It always appears Error com.sap.conn.jco.AbapException: (126) TABLE_NOT_AVAILABLE: TABLE_NOT_AVAILABLE Message 300 of class DA type E, when I call the method step2WorkWithTable().
Can anybody explain the error? And how to fix it?
My codes:
import java.util.Properties;
import com.sap.conn.jco.AbapException;
import com.sap.conn.jco.JCoDestination;
import com.sap.conn.jco.JCoDestinationManager;
import com.sap.conn.jco.JCoException;
import com.sap.conn.jco.JCoFunction;
import com.sap.conn.jco.ext.DestinationDataProvider;
import com.sap.conn.jco.JCoStructure;
import com.sap.conn.jco.JCoTable;
public class RFC_Read_Table {
public static void main(String[] args) throws JCoException
{
System.out.println("Step1: connect SAP without Pool");
step1Connect();
System.out.println("");
System.out.println("Step2: call RFC_Read_Table ");
step2WorkWithTable();
System.out.println("--------------------------------");
System.out.println("finished");
}
static {
String DESTINATION_NAME1 = "mySAPSystem";
Properties connectProperties = new Properties();
connectProperties.setProperty(DestinationDataProvider.JCO_ASHOST, "ABC");
connectProperties.setProperty(DestinationDataProvider.JCO_SYSNR, "33");
connectProperties.setProperty(DestinationDataProvider.JCO_SAPROUTER, "/A/123/");
connectProperties.setProperty(DestinationDataProvider.JCO_CLIENT, "100");
connectProperties.setProperty(DestinationDataProvider.JCO_USER, "UserID");
connectProperties.setProperty(DestinationDataProvider.JCO_PASSWD, "Passwort");
connectProperties.setProperty(DestinationDataProvider.JCO_LANG, "de");
createDestinationDataFile(DESTINATION_NAME1, connectProperties);
}
private static void createDestinationDataFile(String destinationName, Properties connectProperties) {
File destCfg = new File(destinationName+".jcoDestination");
try
{
FileOutputStream fos = new FileOutputStream(destCfg, false);
connectProperties.store(fos, "for tests only !");
fos.close();
}
catch (Exception e)
{
throw new RuntimeException("Unable to create the destination files", e);
}
}
public static void step1Connect() throws JCoException
{
try {
JCoDestination destination = JCoDestinationManager.getDestination("mySAPSystem");
System.out.println("connected");
destination.ping();
} catch (JCoException e) {
e.printStackTrace();
System.out.println("not connected");
}
}
public static void step2WorkWithTable() throws JCoException
{
JCoDestination destination = JCoDestinationManager.getDestination("mySAPSystem");
JCoFunction function = destination.getRepository().getFunction("RFC_READ_TABLE");
if (function == null)
throw new RuntimeException("RFC_Read_Table not found in SAP.");
try
{
function.execute(destination);
}
catch(AbapException e)
{
System.out.println(e.toString());
return;
}
function.getImportParameterList().setValue("QUERY_TABLE","LTAP");
JCoTable codes = function.getTableParameterList().getTable("FIELDS");
codes.appendRow();
for (int i = 0; i < codes.getNumRows(); i++)
{
codes.setRow(i);
System.out.println(codes.getString("FIELDNAME"));
}
codes.firstRow();
for (int i = 0; i < codes.getNumRows(); i++, codes.nextRow())
{
function = destination.getRepository().getFunction("RFC_READ_TABLE");
if (function == null)
throw new RuntimeException("RFC_READ_TABLE not found in SAP.");
function.getImportParameterList().setValue("FIELDNAMEID", codes.getString("FIELDNAME"));
try
{
function.execute(destination);
}
catch (AbapException e)
{
System.out.println(e.toString());
return;
}
JCoStructure detail = function.getExportParameterList().getStructure("FIELDS");
System.out.println(detail.getString("FIELDNAME"));
}
}
}
There is nothing wrong with your JCo code. The error message comes from the SAP system. So you need to check in the SAP system, what that error code means. This can be done in transaction SE91. You enter message class = "DA" and message number = "300" and click display.
I did this for you, and the result is:
"No active nametab exists for &"
where '&' needs to be replaced by the input, which is "LTAP" in this case. So we have "No active nametab exists for LTAP".
This error basically means: the database table "LTAP" exists on the database, but has not yet been activated in the ABAP DDIC. (Perhaps because it still contains a syntax error, or a required data element/domain is missing, etc.)
Solution: go to transaction SE11 and try to activate the table. This will probably give you an error message about what is wrong with this table. Fix all the syntax errors, activate it, and then you can use it.
Note: if LTAP is a standard table delivered by SAP, this error probably means that something went wrong when installing a transport/hotpackage from SAP that contained modifications to this table. In this case you should better contact SAP support to get the table back into a "consistent" state again.
I see you are connecting to an ABAP system using JCoDestinationManager. It means your are using the properties from mySAPSystem destination. Please check if the mySAPSystem connects to a proper ABAP system.
What are these lines are needed for
Properties connectProperties = new Properties();
connectProperties.setProperty(DestinationDataProvider.JCO_ASHOST, "ABC");
connectProperties.setProperty(DestinationDataProvider.JCO_SYSNR, "33");
connectProperties.setProperty(DestinationDataProvider.JCO_CLIENT, "100");
connectProperties.setProperty(DestinationDataProvider.JCO_USER, "UserID");
connectProperties.setProperty(DestinationDataProvider.JCO_PASSWD, "Passwort");
connectProperties.setProperty(DestinationDataProvider.JCO_LANG, "de");
I don't see them to be used anywhere in your program. It seems their are not applied to your connection...
I'm trying to use JSch in Java to connect to one of my EC2 instances, but keep getting an "UnknownHostKey" exception message. Here's is (part of) my code:
import com.jcraft.jsch.*;
import java.io.*;
public class JSchTest {
private String serverIp;
public void testSshConnection() {
try {
JSch jsch = new JSch();
jsch.addIdentity("C:\\Users\\Administrator\\.ssh\\id_rsa");
Session session = jsch.getSession("ec2-user", serverIp, 22);
session.connect(30000); // <-- this is where the exception is thrown
ChannelExec channel = (ChannelExec)session.openChannel("shell");
// more code here...
channel.disconnect();
session.disconnect();
} catch (JSchException|IOException ex) {
ex.printStackTrace();
}
}
public void setServerIp(String serverIp) {
this.serverIp = serverIp;
}
}
I've already added my public key to the authorized_keys file on the EC2 instance that I'm connecting to, and I know it works because I can connect to it using PuTTY. However as soon as I hit the line with the session.connect() in it, I get an exception like this:
com.jcraft.jsch.JSchException: UnknownHostKey: 10.114.2.115. RSA key fingerprint is 63:04:cf:60:4a:1d:47:35:12:0e:56:4f:5b:0a:c9:d4
What am I missing? How can I get this to connect?
Try this:
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
session.setConfig(config);
As per this link.
This is my code:
public class TestConnection {
public static void main(String[] args) {
String password = "s3cret";
Map<String, String> env = new HashMap<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost:389/dc=userdev,dc=local");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
//env.put(Context.SECURITY_PRINCIPAL, "uid="+ username +"cn=users"); // replace with user DN
env.put(Context.SECURITY_PRINCIPAL, "cn=dcmanager,cn=users,dc=userdev,dc=local"); // replace with user DN
env.put(Context.SECURITY_CREDENTIALS, password);
DirContext ctx = null;
try {
ctx = new InitialDirContext();
} catch (NamingException e) {
// handle
}
try {
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE);
ctx.search( "", "(objectclass=person)", controls);
// no need to process the results
} catch (NameNotFoundException e) {
e.printStackTrace();
System.out.println("catch 1");
// The base context was not found.
// Just clean up and exit.
} catch (NamingException e) {
System.out.println("catch 2");
e.printStackTrace();
// exception handling
} finally {
// close ctx or do Java 7 try-with-resources http://docs.oracle.com/javase/tutorial/essential/exceptions/tryResourceClose.html
}
}
}
I got this error (catch 2) :
javax.naming.NoInitialContextException: Need to specify class name in environment or system property, or as an applet parameter, or in an application resource file: java.naming.factory.initial
I have looked for a lot of solutions, but I don't get the error.
Where is the problem?
Maybe the context, but I think that the code is perfectly correct.
You have to construct the InitialDirContext object using the env map you have populated.
i.e. use the following code to construct it;
ctx = new InitialDirContext(env);
For JBOSS AS
create initialContext
public static final String PKG_INTERFACE="org.jboss.ejb.client.naming";
public static Context initialContext;
public static Context getInitialContext() throws NamingException{
if(initialContext==null){
Properties properties=new Properties();
properties.put(Context.URL_PKG_PREFIXES, PKG_INTERFACE);
initialContext=new InitialContext(properties);
}
public static final String PKG_INTERFACE="org.jboss.ejb.client.naming";
check you are passing correct Sring i.e. "org.jboss.ejb.client.naming" in PKG_INTERFACE .
create a file jboss-ejb-client.properties put it in the root of ejbModule and add ejbModule folder to classpath.
contents for jboss-ejb-client.properties
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port = 4447
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
This should be ctx = new InitialDirContext(env, null);, with env being a hashtable.
I wish to use jdbc to connect to a remote mysql database that has recently been secured via ssl. I found a simple example java program to test the connection. The connection fails and complains that the keystore file can not be found. I verify that the keystore is indeed where I say it is in the code. At least I think I do. The test application looks like this:
import java.io.File;
import java.sql.*;
public class TestMySQLSSL {
public static void main (String[] args)
{
Connection con = null;
System.getProperties().setProperty("javax.net.debug","all");
System.getProperties().setProperty("javax.net.ssl.keyStore","c:\\LiferayStuff\\bundles\\liferay-portal-6.0.6\\tomcat-6.0.29\\jrel.6.0_20\\keystore");
System.getProperties().setProperty("javax.net.ssl.keyStorePassword","####");
System.getProperties().setProperty("javax.net.ssl.trustStore","c:\\LiferayStuff\\bundles\\liferay-portal-6.0.6\\tomcat-6.0.29\\jrel.6.0_20\\truststore");
System.getProperties().setProperty("javax.net.ssl.trustStorePassword","####");
try
{
String url = "jdbc:mysql://xxx.xxx.xxx.xxx:3306/isc"+
"?verifyServerCertificate=true"+
"&useSSL=true"+
"&requireSSL=true";
String user = "*******";
String password = "******";
Class dbDriver = Class.forName("com.mysql.jdbc.Driver");
boolean filelives;
filelives = new File("c:/LiferayStuff/bundles/liferay-portal-6.0.6/tomcat-6.0.29/jre1.6.0_20/keystore").exists();
System.out.println("keystore " + filelives);
con = DriverManager.getConnection(url, user, password);
}
catch (Exception ex)
{
ex.printStackTrace();
}
finally
{
if (con != null)
{
try
{
con.close();
}
catch (Exception e){}
}
}
}
}
the first bit of the output I get looks like this:
keystore true
keyStore is : c:/LiferayStuff/bundles/liferay-portal-6.0.6/tomcat-6.0.29/jrel.6.0_20/keystore
keyStore type is : jks
keyStore provider is :
default context init failed:java.security.PrivilegedActionException:java.io.FileNotFoundException: c:\LiferayStuff\bundles\liferay-portal-6.0.6\tomcat-6.0.29\jrel.6.0_20\keystore (The system cannot find the path specified)
com.mysql.jdbc.CommunicationsException: Communications link failure due to underlyingexception:
** BEGIN NESTED EXCEPTION **
com.mysql.jdbc.CommunicationsException
MESSAGE: Communications link failure due to underlying exception:
** BEGIN NESTED EXCEPTION **
The keystore file is there but I suspect there may be something wrong with it. I am running the application on windows. Are there perhaps permission issues with the file? Any help would be appreciated.
Regards,
Dave Semeraro
It turns out the database admin had blocked all but a single ip access to the server. Once my IP was added I was able to get the code above to work. Sorry for wasting everyone's time.