Hi,
Is there any way to secure JNDI? I have been doing research on google, but couldn't find a way to secure JNDI. Basically, anyone can connect to JNDI via port 1099 and access to DataSource, JMS Queue, etc...
I am porting the application from Weblogic to JBoss. Weblogic can use "java.naming.security.principal" and "java.naming.security.credentials" to do a simple authentication to access JNDI, but I couldn't find a way to do in JBoss to make the authentication mandatory. Btw, there are clients from outside need to connect to JNDI to access EJB, so I cannot block port 1099 also.
Any suggestion on this matter? Thanks!
Cheers,
Deep Blue