[jboss-user] [Security & JAAS/JBoss] - remote standalone ejb client authentication and authorizatio

[mengyi]

Hi, 

I am developing a typical client-server application where my server will be basically just an ejb module (without web module). My client will be a pure java RCP application that connects to the server ejb module through http tunneling.

I would like that i generate a self signed cert and deploy together with my client app so that the client is automatically authenticated and subsequently properly  authorized.

So far i have been reading BaseCertLoginModule, but the wiki page seems focus on the setup of a web module and further more, it does not mention how a java application, instead of the browser, can supply the cert for authentication.

By the way, i have an apache httpd server in front of jboss and use proxy_ajp. So how could i setup http tunneling? I suppose i just have to enable ssl and install certificate on apache instead of jboss if i wanna to use https tunnelling... Please guide me through...

thanks a lot.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4079402#4079402

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4079402