-
1. Re: problems using secured remote EJB interface to Profile S
starksm64 Jul 7, 2009 12:52 PM (in response to ips)We should be using a better api than the SecurityAssociation to start with. Anil would have to comment on whether the SecurityAssociation should still be backwards compatible, but a JAAS login is the guaranteed supported api. I did raise an issue about the ejb3 client security interceptor not creating a valid SecurityContext from the information passed in by one of the client jaas login modules.
Also, we discussed dropping the ejb3 facade and just introducing a secured remote proxy to reduce the dependencies an admin client has to have. -
2. Re: problems using secured remote EJB interface to Profile S
anil.saldhana Jul 7, 2009 1:08 PM (in response to ips)I have tried to maintain the backwards compatibility with SecurityAssociation. But there are few cases such as vmwide association of context that seems to be broken.
Irrespective, the recommended usage on the client side is the SecurityClient.
Example: http://www.jboss.org/file-access/default/members/jbossejb3/freezone/docs/tutorial/1.0.7/html/Security_and_Transactions_in_EJB3.html -
3. Re: problems using secured remote EJB interface to Profile S
ips Jul 8, 2009 11:10 AM (in response to ips)Here's links to the code from EMS I mentioned in my original post:
https://mc4j.svn.sourceforge.net/svnroot/mc4j/trunk/mc4j/modules/ems/src/ems-impl/org/mc4j/ems/impl/jmx/connection/support/providers/proxy/GenericMBeanServerProxy.java
(line 118)
https://mc4j.svn.sourceforge.net/svnroot/mc4j/trunk/mc4j/modules/ems/src/ems-impl/org/mc4j/ems/impl/jmx/connection/support/providers/JBossConnectionProvider.java
(line 240)