Scott Wallace [https://community.jboss.org/people/sdwallace] created the discussion "Remote context / security" To view the discussion, visit: https://community.jboss.org/message/788795#788795 -------------------------------------------------------------- Hello. I would like to understand if it is possible to have a web tier be the remote EJB client and not have any jboss-ejb-client.properites that expose security.  I have this code:     private static Calculator lookupRemoteEJB() throws NamingException {               Properties jndiProps = new Properties();               jndiProps.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");               jndiProps.put(Context.PROVIDER_URL,"remote://localhost:4447");               jndiProps.put(Context.SECURITY_PRINCIPAL, "webTier");               jndiProps.put(Context.SECURITY_CREDENTIALS, "secretpassword");               //create a context passing these properties               Context context = new InitialContext(jndiProps);         final String appName = "";         final String moduleName = "EJBSandbox";         final String distinctName = "";         final String beanName = CalculatorBean.class.getSimpleName();         final String viewClassName = Calculator.class.getName();         System.out.println("Looking EJB via JNDI ");         System.out.println(moduleName + "/" + distinctName + "/" + beanName + "!" + viewClassName);         return (Calculator) context.lookup(moduleName  + "/" + beanName + "!" + viewClassName);   } It works provided I have this jboss-ejb-client.properties in my classpath: remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false remote.connections=default remote.connection.default.host=127.0.0.1 remote.connection.default.port = 4447 remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false remote.connection.default.username=webTier remote.connection.default.password=secretpassword remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false However, if I remove the user name and password from the properties file, I get this exception: ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed No EJB receiver available for handling [appName:,modulename:EJBSandbox,distinctname:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@1a3a9bba java.lang.IllegalStateException: No EJB receiver available for handling [appName:,modulename:EJBSandbox,distinctname:] combination for invocation context org.jboss.ejb.client.EJBClientInvocationContext@1a3a9bba Is there a way to remove security information from the property file (or encrypt it minimally) so that this is not in clear text on a web server in the DMZ?  Any concrete examples? -------------------------------------------------------------- Reply to this message by going to Community [https://community.jboss.org/message/788795#788795] Start a new discussion in EJB3 at Community [https://community.jboss.org/choose-container!input.jspa?contentType=1&...]