
[Fwd: RE : [xmlblaster] Xmlblaster via SSH channel]

--- Begin Message ---
>louafi wrote:
>>I want to use XmlBlaster via SSH channel but I've some problems :(
>>My configuration is the following one :
>>1) I create SSH channels
>>On the client :
>>ssh -L 6040:server:3412 server
>>ssh -L 6043:server:6043 server #for the CallBack server connection
>>On the server :
>>ssh -L 6044:client:6044 client #for the CallBack client connection
>>2) I launch XmlBlaster server :
>>java -DOAIAddr=localhost -DOAPort=6043 -port 3412
>>3) I launch XmlBlaster client :
>>/java -DOAIAddr=localhost -DOAPort=6044 javaclients.ClientSub
>> -port 6040
>Hi Sebastien,
>thanks for sharing your smart configuration with us.
>I can see that the localhost fails on local nets.
>I can imagine those scenarios:
>1. Use ssh on local net as well
>2. If you have control on the internet clients:
>    Change 'localhost' to a specific IP (e.g.,
>    and add this  IP to the internet clients ethernet setup
>    e.g. on Linux
>       ifconfig  eth0:1

Hi Marcel,

My final configuration is the following one :

serverIP is a private IP address.
clientIP is a public IP address

I made an alias on the loopback on the client.
ifconfig lo0:0 serverIP

So, when the server says my callback address is serverIP on port 6043,
the client uses the channel on port 6043 created with tcp_forward and
then uses the SSH channel (3) on port 6042 to access server on port 6043.

The SSH channel (1) allows client callback on port 6044.
The SSH channel (2) allows client to access XmlBlaster on port 3412.

On the client :
tcp_forward -f 6043 -t

I use tcp_forward because SSH -R can't be used with the -g option. The -g option
has no effect, the process still listens on otherwise I need
it to listen on to have access to it with the clientIP address. I
can't create an SSH tunnel from the client because serverIP is private and I
don't want to translate the SSH port.

On the server :
1) ssh -L 6044:clientIP:6044 clientIP
2) ssh -R 6040: clientIP
3) ssh -R 6042:clientIP:6043 clientIP

I launch server :
java -DOAIAddr= -DOAPort=6043 -port 3412

I launch client :
java -DOAIAddr=localhost -DOAPort=6044 javaclients.ClientSub -hostname -port 6040

I downloaded tcp_forward from :

This configuration works fine.



>3. Use the SOCKET protocol over internet
>    With this setup (-client.protocol SOCKET on java)
>    the same socket is used for callbacks.
>    This way you don't need to specify any local callback host/port.
>    On client:
>    ssh -L 7607:server:7607 server
> On server:
>    <nothing>
>  Activate SOCKET in xmlBlaster.properties and start xmlBlaster
>    java org.xmlBlaster.Main
>  Start the client
>    java HelloWorld3 -client.protocol SOCKET -socket.hostname localhost -socket.port 7607
>  Now the CORBA driver is not touched and reachable in the local net
>  and the client HelloWorld3 is tunneled securely with SSH
>  The possible SOCKET parameters are:
>SocketDriver options:
>   -socket.port        The SOCKET server port [7607].
>   -socket.hostname    Specify a hostname where the SOCKET server runs.
>                       Default is the localhost.
>   -socket.SoTimeout   How long may a socket invocation block [60000]
>   -socket.responseTimeout Max wait for the method return value/exception [60000] msec.
>   -socket.backlog     Queue size for incoming connection request [50].
>   -socket.threadPrio  The priority 1=min - 10=max of the listener thread [5].
>   -socket.debug       1 or 2 switches on detailed SOCKET debugging
>4. If you need CORBA on both sides, you could add another
>    protocol plugin for CORBA.
>    Currently this is not possible just by configuration
>    (you would need to take a copy of the corba driver
>     and change the protocol type 'IOR' to something else
>     like 'IOR2' under which you configure the plugin).
>Is it OK if we add your configuration to our FAQ?

Of course there is no problem.

>PS: One final note: The SOCKET driver is not released for production
>yet. We need to do a final code review,
>to tune the performance and for multi threading issues.
>It works fine but I can't connect using the default method (without SSH
>channels...) because the callback addresses are localhost.
>I don't know how to do :(. I want to use XmlBlaster via SSH channels
>from internet connections and without ssh channels from LAN
>Any idea ?
>Thanks and have a good day.

--- End Message ---