[jboss-dev-forums] [JBoss AS 7 Development] - Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)
jw
do-not-reply at jboss.com
Wed Feb 22 07:20:55 EST 2012
jw [https://community.jboss.org/people/jw] created the discussion
"Re: remote ejb client username is encrypted at the server(JBOSS7.1 CR1)"
To view the discussion, visit: https://community.jboss.org/message/718667#718667
--------------------------------------------------------------
Pretty much the same as https://community.jboss.org/people/apparaonali apparaonali's:
jboss-ejb-client.properties
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port=4447
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
jndi.properties
java.naming.factory.url.pkgs=org.jboss.ejb.client.naming
java.naming.factory.initial=org.jboss.naming.remote.client.InitialContextFactory
Remote client code:
ctx = loadFromJndiPropertiesFile();
ctx.put("jboss.naming.client.ejb.context", true); // can not be in jndi.properties. Requieres boolean, does not accept String
ctx.put( Context.PROVIDER_URL, "remote://myhost:4447");
ctx.put(InitialContext.SECURITY_PRINCIPAL, username);
ctx.put(InitialContext.SECURITY_CREDENTIALS, password);
ctx.lookup(.....);
Server config:
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:security:1.1">
<security-domains>
<security-domain name="my-security-domain" cache-type="default">
<authentication>
<login-module code="Database" flag="required">
<module-option name="dsJndiName" value="java:/MyDS"/>
<module-option name="principalsQuery" value="......."/>
<module-option name="rolesQuery" value="......."/>
<module-option name="hashAlgorithm" value="SHA"/>
<module-option name="hashEncoding" value="BASE64"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
In addition I wanted to link the ApplicationRealm to my-security-domain:
<management>
<security-realms>
<security-realm name="ApplicationRealm">
<authentication>
<jaas name="my-security-domain"/>
</authentication>
</security-realm>
</security-realms>
</management>
but that hasn't worked, so I had to remove the security realm of remoting
jboss-app.xml (in META-INF of my ear):
<jboss-app>
<security-domain>my-security-domain</security-domain>
</jboss-app>
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/718667#718667]
Start a new discussion in JBoss AS 7 Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120222/543b7e4c/attachment.html
More information about the jboss-dev-forums
mailing list