andrei povodyrev [
https://community.jboss.org/people/apovodyrev] created the discussion
"Re: Remote client access with database login module: user name and password are
UUIDs"
To view the discussion, visit:
https://community.jboss.org/message/724140#724140
--------------------------------------------------------------
Seems like all remote calls have to be authenticated by remoting-connector.
This is the key <connector name="remoting-connector"
socket-binding="remoting" security-realm="TutorialRealm"/> where
whole jboss ejb remote access is tied to a single app realm. Seems like a mess. If you
have multiple apps on the same server with own security, maintaining acces to them with
remote client is going to be nightmare.
Application login module must have <module-option name="password-stacking"
value="useFirstPass"/> to piggy back on cached Principal/Credentials
If security realm (ApplicationRealm by default) is removed from remoting-connector, there
is no way to authenticate ejb remote call.
Tried multiple approaches
1)
jndiProperties.put(InitialContext.SECURITY_PRINCIPAL, "user");
jndiProperties.put(InitialContext.SECURITY_CREDENTIALS, "pass");
2)
org.jboss.security.client.SecurityClient
3)
org.jboss.security.auth.callback.AppCallbackHandler
User credential set by above means do not get to java ee security context and random UUID
values are used on server, or $local if
setting SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER not used
A frequently refernced link from jboss7 docs
https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+...
https://docs.jboss.org/author/display/AS71/EJB+invocations+from+a+remote+...
is not sufficient to make your remote clients work because it leaves the server
configuration part out of discussion.
Frustrated after fighting this for the thrid day in the row.
--------------------------------------------------------------
Reply to this message by going to Community
[
https://community.jboss.org/message/724140#724140]
Start a new discussion in JBoss AS 7 Development at Community
[
https://community.jboss.org/choose-container!input.jspa?contentType=1&...]