On ant install, javax.naming.NameNotFoundException: AdminGroupSessionRemote not bound

Help
2013-02-25
2013-02-26
  • Jason Callaway
    Jason Callaway
    2013-02-25

    I'm having a problem getting past the ant install.

    • Ubuntu 12.04 on Amazon EC2 with
    • openjdk-6-jdk
    • ant
    • libmysql-java
    • mysql-server
    • libbcprov-java
    • JBoss 5.1.0.GA
    • EJBCA 4.0.14.

    ant deploy seems to works properly. However, when I ant install, I get the following error:

     [java] Initalizing Temporary Authorization Module with caid=-996733751 and superadmin CN 'TempSuperAdmin'.
     [java] 
     [java] javax.naming.NameNotFoundException: AdminGroupSessionRemote not bound
     [java]     at org.jnp.server.NamingServer.getBinding(NamingServer.java:771)
     [java]     at org.jnp.server.NamingServer.getBinding(NamingServer.java:779)
     [java]     at org.jnp.server.NamingServer.getObject(NamingServer.java:785)
     [java]     at org.jnp.server.NamingServer.lookup(NamingServer.java:443)
     [java]     at org.jnp.server.NamingServer.lookup(NamingServer.java:399)
     [java]     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     [java]     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
     [java]     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     [java]     at java.lang.reflect.Method.invoke(Method.java:616)
     [java]     at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:322)
     [java]     at sun.rmi.transport.Transport$1.run(Transport.java:177)
     [java]     at java.security.AccessController.doPrivileged(Native Method)
     [java]     at sun.rmi.transport.Transport.serviceCall(Transport.java:173)
     [java]     at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:553)
     [java]     at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:808)
     [java]     at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:667)
     [java]     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
     [java]     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
     [java]     at java.lang.Thread.run(Thread.java:679)
     [java]     at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:273)
     [java]     at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:251)
     [java]     at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:160)
     [java]     at org.jnp.server.NamingServer_Stub.lookup(Unknown Source)
     [java]     at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:726)
     [java]     at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:686)
     [java]     at javax.naming.InitialContext.lookup(InitialContext.java:409)
     [java]     at org.ejbca.core.ejb.JndiHelper.getRemoteSession(JndiHelper.java:57)
     [java]     at org.ejbca.core.model.util.EjbRemoteHelper.getAdminGroupSession(EjbRemoteHelper.java:94)
     [java]     at org.ejbca.ui.cli.ca.BaseCaAdminCommand.initAuthorizationModule(BaseCaAdminCommand.java:161)
     [java]     at org.ejbca.ui.cli.ca.CaInitCommand.execute(CaInitCommand.java:207)
     [java]     at org.ejbca.ui.cli.EjbcaEjbCli.executeCommand(EjbcaEjbCli.java:118)
     [java]     at org.ejbca.ui.cli.EjbcaEjbCli.main(EjbcaEjbCli.java:80)
     [java] Could not run execute method for class class org.ejbca.ui.cli.ca.CaInitCommand
     [java] org.ejbca.ui.cli.ErrorAdminCommandException: java.lang.NullPointerException
     [java]     at org.ejbca.ui.cli.ca.CaInitCommand.execute(CaInitCommand.java:312)
     [java]     at org.ejbca.ui.cli.EjbcaEjbCli.executeCommand(EjbcaEjbCli.java:118)
     [java]     at org.ejbca.ui.cli.EjbcaEjbCli.main(EjbcaEjbCli.java:80)
     [java] Caused by: java.lang.NullPointerException
     [java]     at org.ejbca.ui.cli.ca.BaseCaAdminCommand.initAuthorizationModule(BaseCaAdminCommand.java:161)
     [java]     at org.ejbca.ui.cli.ca.CaInitCommand.execute(CaInitCommand.java:207)
     [java]     ... 2 more
    

    Is my configuration incorrect? Could this be related to Amazon's NATing of the Elastic IP Addresses?

    Thanks very much,
    ~Jason

     
  • Mike Kushner
    Mike Kushner
    2013-02-25

    Hi Jason!

    You're getting a null pointer exception when the CLI attempts to retrieve a bean from the EJB context. I'm not familiar with running servers on Amazon's cloud, but if the CLI and your JBoss are not on the same server, then this could be related.
    If they are, then it looks like EJBCA hasn't been deployed properly. I'd check the server/default/deploy directory to verify that ejbca.ear has been deployed there, and double check that JBoss is actually running (by checking the logs, or going to hostname:8080 if you have the JBoss console installed).

    Also, you should have performed ant bootstrap before your deploy. The correct installation order for EJBCA 4.0.x is:

    ant bootstrap
    start JBoss
    ant install
    stop JBoss
    ant deploy
    start JBoss

    Cheers,
    Mike Kushner
    Developer, Primekey Solutions


    PrimeKey Solutions offers commercial EJBCA and SignServer support
    subscriptions and training courses. Please see www.primekey.se or
    contact info@primekey.se for more information.
    http://www.primekey.se/Services/Support/
    http://www.primekey.se/Services/Training/


     
    • Jason Callaway
      Jason Callaway
      2013-02-26

      Mike,

      Thanks very much for the reply! That helped. I was using a script to install and configure EJBCA, and I had reversed the first two steps. Nothing to do with Amazon, just oversight on my part.

      I had one problem after that -- port 3873 needed to be added to my EC2 Security Group. I already had opened 22, 3306, 8080, 8443, 8083, 1090, 1098, 1099.

      Is there a list posted of required ports so I know I'm not missing any, or openining unnecessary ones?

      Thanks again,
      ~Jason

       
  • Mike Kushner
    Mike Kushner
    2013-02-26

    Hi Jason!

    No, no general list. The ports EJBCA normally requires are:

    8443 - secure connections
    8442,8080 - less secure connections (public web)
    22 - SSH (for your own sake)

    That's really all you should need. If you're running mysql on an external server you'd need 3306 on that server, if you're running any publishing jobs to VA you'd need port 80 on those servers and you'd have to open ports for LDAP depending on configuration.

    Cheers,
    Mike Kushner
    Developer, Primekey Solutions
    PrimeKey Solutions offers commercial EJBCA and SignServer support
    subscriptions and training courses. Please see www.primekey.se or
    contact info@primekey.se for more information.
    http://www.primekey.se/Services/Support/
    http://www.primekey.se/Services/Training/

     
  • Mike Kushner
    Mike Kushner
    2013-02-26

    Hi Jason!

    No, no general list. The ports EJBCA normally requires are:

    8443 - secure connections
    8442,8080 - less secure connections (public web)
    22 - SSH (for your own sake)

    That's really all you should need. If you're running mysql on an external server you'd need 3306 on that server, if you're running any publishing jobs to VA you'd need port 80 on those servers and you'd have to open ports for LDAP depending on configuration.

    Cheers,
    Mike Kushner
    Developer, Primekey Solutions
    PrimeKey Solutions offers commercial EJBCA and SignServer support
    subscriptions and training courses. Please see www.primekey.se or
    contact info@primekey.se for more information.
    http://www.primekey.se/Services/Support/
    http://www.primekey.se/Services/Training/