[jboss-user] [JNDI/Naming/Network] - Security Issue of JNDI
deepblueli
do-not-reply at jboss.com
Mon Sep 10 06:09:33 EDT 2007
Hi,
Is there any way to secure JNDI? I have been doing research on google, but couldn't find a way to secure JNDI. Basically, anyone can connect to JNDI via port 1099 and access to DataSource, JMS Queue, etc...
I am porting the application from Weblogic to JBoss. Weblogic can use "java.naming.security.principal" and "java.naming.security.credentials" to do a simple authentication to access JNDI, but I couldn't find a way to do in JBoss to make the authentication mandatory. Btw, there are clients from outside need to connect to JNDI to access EJB, so I cannot block port 1099 also.
Any suggestion on this matter? Thanks!
Cheers,
Deep Blue
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4082528#4082528
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4082528
More information about the jboss-user
mailing list