-
1. Re: Jboss ejb remote call with login-module: Identity
jaikiran Jul 13, 2015 8:28 AM (in response to b1102)Please post the client side code and configs you use to invoke on the bean.
Secondly, I think there was a bug in AS 7.x which would cause JAAS backed realms to fail when used against remote invocations. I'll have to find that JIRA.
Any reason why you aren't using the latest released WildFly 9.0.0.Final Downloads · WildFly (JBoss AS has been renamed to WildFly) ?
-
2. Re: Jboss ejb remote call with login-module: Identity
b1102 Jul 13, 2015 8:49 AM (in response to jaikiran)The client ejb code:
static { Properties properties = getContextProperties(); try { context = (Context) new InitialContext(properties).lookup("ejb:"); } catch (NamingException e) { throw new IllegalArgumentException("Couldn't instantiate initial context", e); } } private static Properties getContextProperties() { Properties properties = new Properties(); properties.setProperty(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming"); properties.setProperty("endpoint.name", "client-endpoint"); properties.setProperty("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false"); properties.setProperty("remote.connections", "default"); properties.setProperty("remote.connection.default.port", System.getProperty("remote.connection.default.port")); properties.setProperty("remote.connection.default.host", System.getProperty("remote.connection.default.host")); properties.setProperty("remote.connection.default.username", Authenticator.getPrincipalName()); properties.setProperty("remote.connection.default.password", Authenticator.getPrincipalSecret()); properties.setProperty("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false"); properties.setProperty("connect.options.org.jboss.remoting3.RemotingOptions.HEARTBEAT_INTERVAL", HEARTBEAT_INTERVAL_VALUE); properties.setProperty("org.jboss.ejb.client.scoped.context", "true"); return properties; } public Object lookUpBean(String serviceName, Class serviceClass) { LOG.debug("getEJBHome(" + serviceName + ")"); Object docomueBean; LOG.debug("Look up the remote bean for the service: " + serviceName); StringBuilder beanLookUpPath = new StringBuilder(); beanLookUpPath.append(APPLICATION_NAME); beanLookUpPath.append("/"); beanLookUpPath.append(SERVICES_JAR_NAME); beanLookUpPath.append("/"); beanLookUpPath.append(serviceName); beanLookUpPath.append(BEAN_POSTFIX); beanLookUpPath.append(serviceClass.getName()); if (STATEFUL_SERVICES_NAMES.contains(serviceName)) { beanLookUpPath.append("?stateful"); } try { docomueBean = context.lookup(beanLookUpPath.toString()); } catch (Exception ex) { String errmsg = "Failed to return the EJBHome for " + serviceName + " object: "; errmsg += ex; LOG.error(errmsg); throw new BusinessException(BusinessException.CREATE_SESSIONBEAN_FEHLGESCHLAGEN, errmsg, ex); } return docomueBean; }
We actually using EAP 6.3, so I am sligthly missed, because inside is the 7.4.0 Final. We using it, because it is the last version of EAP supported by our internal production provider.
-
3. Re: Jboss ejb remote call with login-module: Identity
jaikiran Jul 13, 2015 8:56 AM (in response to b1102)Add the following to the properties that you are passing to the context:
properties.setProperty("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
-
4. Re: Jboss ejb remote call with JAAS login module
b1102 Jul 13, 2015 9:25 AM (in response to jaikiran)Thank you, actually this was mentioned in the JBoss AS 7 : Remote EJB Authentication Howto
Unfoturnatelly I read it only now(
Now, everything works!!!
If you have time and it is possible to explain in short words why this property is so important here? Only explanation of it I wound. This property "specifies that no clear text communication will take place in the client-server communication"
Looks like for JAAS module it is important, but for the ApplicationRealm not.
-
5. Re: Jboss ejb remote call with JAAS login module
jaikiran Jul 13, 2015 9:37 AM (in response to b1102)Kobiako Sergei wrote:
If you have time and it is possible to explain in short words why this property is so important here? Only explanation of it I wound. This property "specifies that no clear text communication will take place in the client-server communication"
Looks like for JAAS module it is important, but for the ApplicationRealm not.
JAAS login modules require the plain text password to carry out the authentication. So this property needs to be set only if JAAS is involved in your authentication flow for remote invocations.
-
6. Re: Jboss ejb remote call with JAAS login module
b1102 Jul 13, 2015 10:05 AM (in response to jaikiran)Thank you very much, once again!