[jboss-user] [JBoss Messaging] - Using JAAS Authentication with SSL

[btsibr]

(Second time posting.. the first one seems to have been lost)

I'm using JBAS 4.2.1 and JBM 1.4.0.GA.

I've configure the sslbisocket transport.  My clients all have SSL certificates and I would like to use their certificate to authenticate them via my custom loginmodule (which has been tested and works with EJBs, Tomcat, etc).

I want JBM to use the principal created by the SSL connection for the getConnection() so that I do not need to pass a username and password.

Looking at how the other invokers are configured, it appears that I'll need a SecurityInterceptor for the sslbisocket invoker to create a Subject from the SSL connection and then configure JBM to use a CallerIdentityLoginModule to use the already-established subject.

However, I'm not sure how to put the interceptor around the 
jboss.remoting:service=invoker,transport=sslbisocket... as I'm not sure where that is configured.

Other services seem to be configured in standardjboss.xml and jboss.xml so I'm wondering where I could do this - or if I need to modify some code to be pointed in the right direction.

Also, I'd like Message Driven Beans to be able to be configured without a username and password.  To accomplish this I think I'll need to configure the JmsXA resource adapter with ConfiguredIdentityLoginModule.  Some confirmation of this would be appreciated.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4094579#4094579

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4094579