2 Replies Latest reply: Mar 21, 2012 11:24 AM by urho RSS

How I provide user credentials on remote EJB invocation from remote server instance?

urho Newbie

Hello,

 

How I can provide user credentials in a case of remote EJB invocation from remote server instance?

 

In a case of remote standalone client I can do it via username and password properties on jboss-ejb-client-properties, but where should I put these in remote client running inside server? The documentation does not provide any hint on this. Should it go to jboss-ejb-client.xml? Can it be provided somehow at runtime?

  • 1. Re: How I provide user credentials on remote EJB invocation from remote server instance?
    urho Newbie

    Has anyone used authentication on EJB call from remote server instance?

  • 2. Re: How I provide user credentials on remote EJB invocation from remote server instance?
    urho Newbie

    After trial and error I got it working somehow. I don't know if this is the way it should be done but now I can authenticate the caller from remote server instance.

     

    Configuration snippets from standalone.xml which made this happen are:

     

    <security-realm name="MyPasswordRealm">

         <server-identities>

              <secret value="cGFzc3dvcmQ="/>

         </server-identities>

    </security-realm>

    .

    .

    <outbound-connections>

         <remote-outbound-connection name="remote-ejb-connection" outbound-socket-binding-ref="remote-ejb" username="user1" security-realm="MyPasswordRealm">

              <properties>

                   <property name="SASL_POLICY_NOANONYMOUS" value="false"/>

                   <property name="SSL_ENABLED" value="false"/>

                   <property name="SASL_DISALLOWED_MECHANISMS" value="JBOSS-LOCAL-USER"/>

              </properties>

         </remote-outbound-connection>

    </outbound-connections>

     

    The secret value inside server-identities is the password value encoded with base64. So the Username and password used on authenticating ejb caller are configured on <remote-outbound-connection> using attributes username and security-realm.