Oracle8i CORBA Developer's Guide and Reference
Release 3 (8.1.7)

Part Number A83722-01


Solution Area



Go to previous page Go to beginning of chapter Go to next page

Client-Side Authentication



This is a very simple CORBA example using client side ssl for login. 
The helloWorld server object merely returns a greeting plus the Java 
VM version number to the client.

The purpose of the example is to show how to use ssl client side 
authentication for logins. 

Setup required

You need to open the encrypted wallet(ewallet.der) provided in this directory 
using the wallet manager tool provided by Oracle. The password is welcome12. 
Copy the cleartext into TNS_ADMIN directory and restart the database and 

The encrypted wallet(ewallet.der) is only valid for Solaris platforms. For 
other platforms, you should generate the wallet using Oracle's owm tool.

This test also requires B64 encoded wallet(cert.txt) which is already present 
in this directory.  You can also generate your own using Oracle's owmgui tool
and using export option in the tool.

The parameter SSL_CLIENT_AUTHENTICATION in $TNSADMIN/sqlnet.ora should be set 
to TRUE before restarting the database and listeners

The setup also requires creation of global user guest. The script to create 
global user is in this directory(  This script prompts for username
and password of a privileged user as input to this script.

The Makefile has loadjava that loads all the classes into scott's schema
whereas the client program is executed as the user guest. Hence loadjava
has a "-grant guest" to grant the privileges to guest.

Source files


The CORBA IDL for the example.  Defines a single interface Hello with a single
method helloWorld(). The interface is defined in the Module named 'hello',
which determines the name of the directory in which the idl2java compiler
places the generated files.

The helloWorld() method returns a CORBA wstring, which maps to a Java String

module hello
  interface Hello
    wstring helloWorld()

You invoke the client program from a command prompt, and pass it three
arguments, the

   - service URL (service ID, hostname, port, and SID if port is a listener)
   - name of the published bean to lookup and instantiate
   - credentials file - the B64 encoded wallet for the user. This is a 
     generated wallet at Oracle site. 

The password for the wallet is hardcoded as "welcome12" 

For example:
% java -classpath LIBs Client sess_iiop://localhost:2222 /test/myHello cert.txt

where LIBs is the classpath that must include

#If using Java 2, use instead of

(Note: for NT users, the environment variables would be %ORACLE_HOME% and

The client code performs the following steps:

   - gets the arguments passed on the command line
   - puts the authentication type and values into env context
   - creates a new JNDI Context (InitialContext())
   - looks up the published CORBA server object to find and activate it
   - invokes the helloWorld() method on the hello object and prints the results

The printed output is:

Hello client, your javavm version is 8.1.5.


Implements the IDL-specified Hello interface. The interface has one
method, helloWorld(), that returns a String to the caller.

helloWorld() invokes System.getProperty("oracle.server.version") to get the
version number of the Java VM.

This object performs no database access.

Compiling and Running the Example


Enter the command 'make all' or simply 'make' in the shell to compile,
load, and deploy the objects, and run the client program.  Other
targets are 'run' and 'clean'.

Make sure that a shell environment variable ORACLE_HOME is set to
point to the home location of the Oracle installation. This is
operating system dependent, so see the Installation documentation that
came with your system for the location. Also, review the README file
for the Oracle database, and the README file for the CORBA/EJB server
(the Oracle8i ORB), for additional up-to-date information.

Windows NT

On Windows NT, run the batch file makeit.bat from a DOS command prompt
to compile, load, and deploy the objects. Run the batch file runit.bat
to run the client program, and see the results.

Make sure that the environment variables %ORACLE_HOME%, %CLASSPATH%,
and %SERVICE% are set appropriately for the DOS command window. You
can set these as either user or system environment variables from the
Control Panel. Double click on System in the Control Panel then on
the Environment tab to set these variables. Start a new DOS window
after setting environment variable values.

See the Installation documentation that came with your Oracle8i system
for the values of these variables. Also, review the README file for
the Oracle database, and the README file for the CORBA/EJB server (the
Oracle8i ORB), for additional up-to-date information.

You can also set an environment variable %JAVA_HOME% to point to the
root of your Java JDK. For example, SET JAVA_HOME=C:\JDK1.1.6.


module hello {
  interface Hello {
    wstring helloWorld ();

import hello.Hello;
import oracle.aurora.jndi.sess_iiop.ServiceCtx;
import javax.naming.Context;
import javax.naming.InitialContext;
import java.util.Hashtable;

public class Client

  public static void main (String[] args) throws Exception {
    if (args.length != 3) {
      System.out.println("usage: Client serviceURL objectName credsFile");
    String serviceURL = args [0];
    String objectName = args [1];
    String credsFile = args [2];

    Hashtable env = new Hashtable();
    env.put(Context.URL_PKG_PREFIXES, "oracle.aurora.jndi");
    env.put(Context.SECURITY_CREDENTIALS, "welcome12");

    // Simply specify  a file that contains all the credential info. This is 
    // the file generated by the wallet manager tool.
    env.put(Context.SECURITY_PRINCIPAL, credsFile);

    // As an alternative, you may also set the credentials individually, as
    // shown bellow.
    env.put(ServiceCtx.SECURITY_USER_CERT, testCert_base64);
    env.put(ServiceCtx.SECURITY_CA_CERT, caCert_base64);
    env.put(ServiceCtx.SECURITY_ENCRYPTED_PKEY, encryptedPrivateKey_base64);
    //System.getProperties().put("AURORA_CLIENT_SSL_DEBUG", "true");

    Context ic = new InitialContext(env);

    Hello hello = (Hello) ic.lookup(serviceURL + objectName);


package helloServer;

import hello.*;

public class HelloImpl extends _HelloImplBase {
  public String helloWorld() {
    String v = System.getProperty("oracle.server.version");
    return "Hello client, your javavm version is " + v + ".";

Go to previous page
Go to beginning of chapter
Go to next page
Copyright © 1996-2000, Oracle Corporation.

All Rights Reserved.


Solution Area