[jboss-dev-forums] [JBoss AS 7 Development] - Remote EJB Client Security (Jboss7.1)

rathm1 do-not-reply at jboss.com
Tue Feb 28 12:25:55 EST 2012 

rathm1 [https://community.jboss.org/people/rathm1] created the discussion

"Remote EJB Client Security (Jboss7.1)"

To view the discussion, visit: https://community.jboss.org/message/720288#720288

--------------------------------------------------------------
Hello there,

I am having an issue that when I specify a username/password programatically using the InitialContext the authentication is not working but when I hardcode the username/password into the jboss-ejb-client.properties the authentication is successful.
I am using a custom security domain connecting to an ldap but that seems to be configured correctly since I can successfully authenticate to it with having the username/password in jboss-ejb-client.properties.

The working configuration is:
jboss-ejb-client.properties

remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port=4447
remote.connection.default.username=myUsername
remote.connection.default.password=myPassword
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER

local.jboss.jndi.properties

java.naming.factory.url.pkgs=org.jboss.ejb.client.naming

Client Application Code:

jndiProperties.put("jboss.naming.client.ejb.context", true);     
jndiProperties.put(Context.SECURITY_PRINCIPAL, username);
jndiProperties.put(Context.SECURITY_CREDENTIALS, password);
jndiProperties.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", false);

Context context = new InitialContext(jndiProperties);

String lookUp = "ejb:" + appName + "/" + moduleName + "/" + beanName + "!" + interfaceClassName;

TestEJB facade = (TestEJB)context.lookup(lookUp);

boolean connectionSuccessful = facade.canConnect();

It does not matter what I set in the jndiProperties for the username and password, it will always use the username and password that were set in the jboss-ejb-client.properties.
If I remove the username and password from jboss-ejb-client.properties and leave everything else the same, the lookup is successful but when the service is called an exception thrown on the client side is:
java.lang.IllegalStateException: No EJB receiver available for handling [appName:MyAppEar, moduleName:MyAppJar,distinctname:] combination.

I have looked through many other discussion items and it seems that everyone that has gotten security working, has the username and password in the jboss-ejb-client.properties.

If anyone has any suggestions that would be great.
Thanks.
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/720288#720288]

Start a new discussion in JBoss AS 7 Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120228/47aa00f4/attachment.html

More information about the jboss-dev-forums mailing list