Help coderanch get a
new server
by contributing to the fundraiser

Eskil Lind

Greenhorn
+ Follow
since Apr 05, 2003
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
In last 30 days
0
Forums and Threads

Recent posts by Eskil Lind

Is it possible somehow to run launchClient.bat on a client where WebSphere is not installed ?
I guess this should be possible if the necceseary JAR-files and websphere-files is copied over to the client.
==> does someone know what websphere-files to copy to the client ?
20 years ago
My environment is WebSphere Application Server (WAS) 5.0.
In my test environment I am not using SSL and there I can use launchClient.bat successfully to connect to websphere (rmi).
In my production-environment we have SSL and Global security enabled in WAS.
We use a certificate from Thawte successfully with HTTP-server and WAS, but when I try to use the same certificate (jks-file) with launchClient.bat I got the following error:
CAUGHT_EXCEPTION_WHILE_CONFIGURING_SSL_CLIENT_SOCKET: JSSL0080E: javax.net.ssl.SSLHandshakeException - The client and server could not negotiate the desired level of security. reason: unknown certificate minor code: 49421070
a)
I have added one parameter in launchClient.bat: -Dcom.ibm.CORBA.ConfigURL="file:/e:/WebSphere/AppServer/properties/sas.client.props"
b)
in this sas.client.props file I have the following directives:
com.ibm.ssl.protocol=SSLv3
com.ibm.ssl.keyStoreType=JKS
com.ibm.ssl.keyStore=E\:/WebSphere/AppServer/WASV5ServerKeyFile.jks
com.ibm.ssl.keyStorePassword={xor}...........
com.ibm.ssl.trustStoreType=JKS
com.ibm.ssl.trustStore=E\:/WebSphere/AppServer/WASV5ServerTrustFile.jks
ssl/WASV5ClientTrustFile.jks
com.ibm.ssl.trustStorePassword={xor}...........
com.ibm.CORBA.standardPerformQOPModels=high

I point to the same jks-files as I use in my SSL-settings in WAS.
I use SSLv3 and a 128 bit certificate.
Anybody that has done this successfully ?
I welcome any suggestions.
20 years ago
Hello.
My environment is WAS 5.0.
In my test environment I am not using SSL and there I can use launchClient.bat successfully to connect to websphere (rmi).
In my production-environment we have SSL and Global security enabled in WAS.
We use a certificate from Thawte successfully with HTTP-server and WAS, but when I try to use the same certificate (jks-file) with launchClient.bat I got the following error:
CAUGHT_EXCEPTION_WHILE_CONFIGURING_SSL_CLIENT_SOCKET: JSSL0080E: javax.net.ssl.SSLHandshakeException - The client and server could not negotiate the desired level of security. reason: unknown certificate minor code: 49421070
a)
I have added one parameter in launchClient.bat: -Dcom.ibm.CORBA.ConfigURL="file:/e:/WebSphere/AppServer/properties/sas.client.props"
b)
in this sas.client.props file I have the following directives:
com.ibm.ssl.protocol=SSLv3
com.ibm.ssl.keyStoreType=JKS
com.ibm.ssl.keyStore=E\:/WebSphere/AppServer/WASV5ServerKeyFile.jks
com.ibm.ssl.keyStorePassword={xor}...........
com.ibm.ssl.trustStoreType=JKS
com.ibm.ssl.trustStore=E\:/WebSphere/AppServer/WASV5ServerTrustFile.jks
ssl/WASV5ClientTrustFile.jks
com.ibm.ssl.trustStorePassword={xor}...........
com.ibm.CORBA.standardPerformQOPModels=high

I point to the same jks-files as I use in my SSL-settings in WAS.
I use SSLv3 and a 128 bit certificate.
Anybody that has done this successfully ?
I welcome any suggestions.
20 years ago
Hello.
I am using WAS 5.0.
After I have installed or updated my application in WAS I have to change the "WAR Classloader Policy" from "Module" to "Application" in order to get my application to work properly.
The problem is that I actually have to boot the machine (windows)to make this change take place. I seems not be enough even to take down and up the was admin server.
==> Should this be neccesseary ?
==> If this is a "bug", is it solved in 5.1 ?
==> Is there a way in the admin console of WAS to just take down the server in which my application is running ?
20 years ago
Thanks for answer.
I have not done what you wrote in your answer.
This is my first time writing client code that are supposed to access a session bean (stateless) in websphere.
Could you please write me some lines about this bind process and where to have more information on this ?
(I am using websphere V5.0)
20 years ago
Hello.
I am using WAS 5.0.
I try to call an EJB in WAS from a batch-program (with Main) using
an ordinary jndi-lookup (iiop://hostname).
I get the error "connection refused to host" and "java.net.ConnectException: Connection refused".
I have tried both with the batchprogram residing on the same host as WAS and a host different from where the WAS is installed.
I have not enabled security or SSL on WAS. I have not changed any of the securitysettings in WAS since installation.
I wonder if the sas.client.props - file could be the problem ?
(in this file I made this change: com.ibm.CORBA.securityEnabled=false,
and I put in userid/pw for the variables: com.ibm.CORBA.loginPassword and com.ibm.CORBA.loginUserid)
In my .bat fil e for the batchprogram I refer to the sas.client.props with the statement: -Dcom.ibm.CORBA.ConfigURL="file:/C:/mydir/sas.client.props"
Is there anybody that could give me a hint on what I could check or do ?
20 years ago
Seems like I can solve this by editing the "Virtual host"-setting in WebSphere Application Server. I tried to set the only valid Virtual host to be "*:443". 443 is the SSL-port.
==> This worked fine. All "HTTP:\\xxx" was rejected.
Another challenge is that my application will call some static HTML-sites on the internet (new pop-up windows) with an ordinary "HTTP:\\xxxx"-kommand.
==> this was still possible
I have now accomplished to only allow HTTPS (SSL) to enter my application, and still my application can reach the outside world with "HTTP".
20 years ago
Seems like I can solve this by editing the "Virtual host"-setting in WebSphere Application Server. I tried to set the only valid Virtual host to be "*:443". 443 is the SSL-port.
==> This worked fine. All "HTTP:\\xxx" was rejected.
Another challenge is that my application will call some static HTML-sites on the internet (new pop-up windows) with an ordinary "HTTP:\\xxxx"-kommand.
==> this was still possible
I have now accomplished to only allow HTTPS (SSL) to enter my application, and still my application can reach the outside world with "HTTP".
20 years ago
Hello.
We have implemented SSL on IBM Http-server and Websphere applicaton server.
When we use "HTTPS:\\xxxxx" everything looks fine and we can se that the
certificate is used, the lock-icon on the browser and so on.
The problem is that we can still link to the application with "HTTP:\\xxxx" (unsecured).
How can we prevent this access ?
actions on the web-server ?
actions on the application server ?
actions on the deployment description ?)
[ September 30, 2003: Message edited by: Eskil Lind ]
20 years ago
We want to set the switch: "Limit to SSL connections only" in WAS V5).
I understand that this switch demands that all URLs must start with "HTTPS:\\xxxxxxx".
a)
==> Is this correct ?
b)
The problem is that we also have a couple of hardcoded URLs in our application to link to some official sites at the police and hospitals.
In other words what we really want is:
Force all URLs to use "HTTPSxxxxxx" except from some hardcoded URLs in the application-code that is allowed to use "HTTPxxxxx".
==> is this possible in any ways ?
c)
If b) above is not possible, is there another way to solve this ?
I would be happy for any respons !
[ September 29, 2003: Message edited by: Eskil Lind ]
[ September 29, 2003: Message edited by: Eskil Lind ]
20 years ago
I am new to this product. I am using Apache Tomcat 4.0.6. I get problems when I come to the installation-verification procedure:
"Deploy one of the sample Web Services to test the system." I wrote the following command:
java -cp C:\jdk1.3.1\jre\lib\rt.jar;C:\jdk1.3.1\src.jar;C:\xml-axis-10\webapps\axis\WEB-INF\lib\axis.jar;C:\xml-axis-10\webapps\axis\WEB-INF\lib\axis-ant.jar;C:\xml-axis-10\webapps\axis\WEB-INF\lib\commons-discovery.jar;C:\xml-axis-10\webapps\axis\WEB-INF\lib\commons-logging.jar;C:\xml-axis-10\webapps\axis\WEB-INF\lib\jaxrpc.jar;C:\xml-axis-10\webapps\axis\WEB-INF\lib\log4j-1.2.4.jar;C:\xml-axis-10\webapps\axis\WEB-INF\lib\xalan.jar;C:\xml-axis-10\webapps\axis\WEB-INF\lib\saaj.jar;C:\xml-axis-10\webapps\ axis\WEB-INF\lib\wsdl4j.jar;C:\xml-axis-10\webapps\axis\WEB-INF\lib\xmlsec.jar;C:\webservices\tomcat\jakarta-tomcat-4.0.6\common\lib\servlet.jar;C:\webservices\tomcat\jakarta-tomcat-4.0.6\common\lib\xerces.jar;C:\javamail\klasser\jaf-1.0.2\activation.jar;C:\javamail\klasser\javamail-1.3\mail.jar org.apache.axis.client.AdminClient -lhttp://localhost:8080/axis/services/AdminService samples/stock/deploy.wsdd
I used the "-cp" options to specify classpath because I otherwise got other problems.
The problem I get is:
"java.lang.NoSuchMethodError: java.net.URL method getUserInfo() java/lang/string; not found"

It looks to me that the java.net.URL.getUserInfo() is located in the src-jar file in my JDK1.3.1 library. I have this in my -cp option, so I have no idea of what could be wrong.
I realize that something is wrong with my classpath-settings (or other environment variables) since I have to use the -cp option.
I can mention that my url: http://localhost:8080/axis/happyaxis.jsp is working ok in my browser.
My xerces.jar file is at 1.4.4-level.
Can anyone help me with this problem ?
21 years ago