2 Replies Latest reply on Mar 21, 2012 11:24 AM by urho

    How I provide user credentials on remote EJB invocation from remote server instance?

    urho

      Hello,

       

      How I can provide user credentials in a case of remote EJB invocation from remote server instance?

       

      In a case of remote standalone client I can do it via username and password properties on jboss-ejb-client-properties, but where should I put these in remote client running inside server? The documentation does not provide any hint on this. Should it go to jboss-ejb-client.xml? Can it be provided somehow at runtime?

        • 1. Re: How I provide user credentials on remote EJB invocation from remote server instance?
          urho

          Has anyone used authentication on EJB call from remote server instance?

          • 2. Re: How I provide user credentials on remote EJB invocation from remote server instance?
            urho

            After trial and error I got it working somehow. I don't know if this is the way it should be done but now I can authenticate the caller from remote server instance.

             

            Configuration snippets from standalone.xml which made this happen are:

             

            <security-realm name="MyPasswordRealm">

                 <server-identities>

                      <secret value="cGFzc3dvcmQ="/>

                 </server-identities>

            </security-realm>

            .

            .

            <outbound-connections>

                 <remote-outbound-connection name="remote-ejb-connection" outbound-socket-binding-ref="remote-ejb" username="user1" security-realm="MyPasswordRealm">

                      <properties>

                           <property name="SASL_POLICY_NOANONYMOUS" value="false"/>

                           <property name="SSL_ENABLED" value="false"/>

                           <property name="SASL_DISALLOWED_MECHANISMS" value="JBOSS-LOCAL-USER"/>

                      </properties>

                 </remote-outbound-connection>

            </outbound-connections>

             

            The secret value inside server-identities is the password value encoded with base64. So the Username and password used on authenticating ejb caller are configured on <remote-outbound-connection> using attributes username and security-realm.