IMPORTANT NOTICE:  As of 21 February, anything posted in this community WILL NOT BE MIGRATED to our new community site.   We have pulled all user information and data from this site and are now in an approximately week long process of importing users, roles, and data to our new site.  We are leaving this site open and active so you can post and hopefully get a response until the migration is complete.   Once complete, the URL  that currently takes you to this site will take you to our new site so your bookmarks will work as always.  Please read the information on a New Login Process

Issue using TLS on JAVA-Client: NoSuchFieldError

Hello everybody!

I'm trying to test the TLS encryption between a Java test client (a driver) and an Orbix server.
The Java test client runs from Linux using JDK 1.8 and the iiop_tls Orbix library from Orbix 6.3.9.
I've used a minimal configuration file. Here is the iiop_tls config:


(...)
plugins:iiop_tls:ClassName = "com.iona.corba.iiop.tls.IIOPTLSPlugIn";
plugins:iiop_tls:shlib_name = "it_iiop_tls";
policies:iiop_tls:mechanism_policy:protocol_version = "TLS_V1_2";
policies:iiop_tls:mechanism_policy:ciphersuites = [...];
policies:iiop_tls:certificate_constraints_policy = [...];
policies:iiop_tls:client_secure_invocation_policy:requires = ["Confidentiality", "EstablishTrustInTarget"];
policies:iiop_tls:client_secure_invocation_policy:supports = ["Confidentiality", "EstablishTrustInTarget", "DetectMisordering", "DetectReplay", "Integrity"];
policies:iiop_tls:max_chain_length_policy = "3";

binding:server_binding_list =  ["GIOP+IIOP_TLS"];
binding:client_binding_list =  ["GIOP+IIOP_TLS"];
orb_plugins = ["iiop_tls", ...];
(...)

I'm also using atli2_tls, tls, x509 and corba_security plugins, as it was required.
I'm getting the following exception during an lookup operation:

Exception in thread "main" java.lang.NoSuchFieldError: TLS_V1_1
        at com.iona.corba.atli2.tls.JSSEMethodsImpl.<clinit>(Unknown Source)
        at java.lang.Class.forName0(Native Method)
        at java.lang.Class.forName(Class.java:264)
        at com.iona.corba.atli2.tls.TLSPoolImpl.<init>(Unknown Source)
        at com.iona.corba.atli2.tls.TLSTransportImpl.create_pool(Unknown Source)
        at com.iona.corba.iiop.tls.IIOPTLSPerORBState.create_pool_adapter(Unknown Source)
        at com.iona.corba.atli_protocol.ip.PerORBState.retrieve_pool_adapter(Unknown Source)
        at com.iona.corba.iiop.tls.IIOPTLSClientInterceptorFactoryImpl.validate_policies(Unknown Source)
        at com.iona.corba.art.binding.ClientBindery.validate(Unknown Source)
        at com.iona.corba.art.binding.ClientBindery.try_ior(Unknown Source)
        at com.iona.corba.art.binding.ProxyBinding.get_binding(Unknown Source)
        at com.iona.corba.art.binding.ClientInvocationImpl.boot(Unknown Source)
        at com.iona.corba.art.binding.BindingManagerImpl.start_client_invocation(Unknown Source)
        at com.iona.corba.art.binding.IORProxy.request(Unknown Source)
        at org.omg.CORBA.portable.ObjectImpl._request(ObjectImpl.java:449)
        at org.omg.CosNaming._NamingContextStub.resolve(_NamingContextStub.java:242)
(...)

The Logger also informs me that "Limited strength policy files are installed in this JVM (...)".

I suppose it might be a compatibility issue between libraries or a bug, as I've specified clearly in the config that the
TLS V1.2 should be used, and the JSSEMethodsImpl
try to access the not existing / private field TLS_V1_1,
which is not available / should not be available.


Did someone have a similar problem?

Thank you very much!

Kind regards,

Cristian Dragnea

  • Hi Cristian,

    It appears that you need all of the Orbix 6.3.9 jars below for a client to run successfully. You can confirm the list of jars needed by running the secure_bank demo with "verbose:class" java option to get the list of dependency jars.

    lib/platform/java_secure_transports/1.3/tls.jar
    lib/art/art/1.3/art.jar
    lib/common/concurrency/1.3/concurrency.jar
    lib/common/ifc/1.3/ifc.jar
    lib/common/management/1.3/management.jar
    lib/art/omg/1.3/omg.jar
    lib/platform/java_transports/1.3/iiop.jar
    lib/platform/java_transports/1.3/codeset.jar
    lib/art/atli2/1.3/atli2.jar
    lib/art/atli2_ip_cio/1.3/atli2_ip_cio.jar
    lib/art/atli2_ip/1.3/atli2_ip.jar
    lib/art/atli2_ip_nio/1.3/atli2_ip_nio.jar
    lib/art/atli2_tls/1.3/atli2_tls.jar

    Hope this helps.

    Regards,
    Karthi.