-
1. Re: non-ssl user authentication?
ron_sigal Jun 1, 2007 8:15 PM (in response to cupdike)Hi Clark,
I'm not quite sure what you want to achieve, but it's not likely that Remoting does what you want.
It's true that you can pass username and password when creating a JNDI InitialContext. For example, the following lines taken from the Sun JNDI tutorial at
http://java.sun.com/products/jndi/tutorial/:env.put(Context.PROVIDER_URL, "ldap://ldap.wiz.com:389"); env.put(Context.SECURITY_PRINCIPAL, "joeuser"); env.put(Context.SECURITY_CREDENTIALS, "joepassword"); Context ctx = new InitialContext(env);
It's also true that RMI server object proxies can be stored in and retrieved from a repository that is accessible through JNDI. But that connection between RMI and JNDI doesn't currently exist in Remoting, which stores proxies in a plain old RMI Repository.
Of course, you're welcome to create a Remoting JIRA feature request issue at http://jira.jboss.com/jira/browse/JBREM, explaining the need for the functionality you're looking for. Note, however, that all of the Remoting transports (socket, rmi, http, etc.) have an SSL counterpart which supports authentication, etc. -
2. Re: non-ssl user authentication?
cupdike Jun 2, 2007 9:25 AM (in response to cupdike)Thanks for the reply Ron.
Just to be clear (before I submit any JIRA issues)...
I've used JNDI lookups to access EJB session beans in the past where the context is used to authenticate the client to the server, and the user principal is then accessible in the EJB context. I'd like to do the same thing with Remoting (be able to access the authenticated user principal).
If that's clear and not currently possible, I'll file a JIRA issue.
Correct me if I'm wrong, but SSL authentication requires client side certs which is something I'd prefer to avoid.
Thanks, Clark -
3. Re: non-ssl user authentication?
cupdike Jun 25, 2007 11:06 AM (in response to cupdike)I opened an issue for this:
http://jira.jboss.com/jira/browse/JBREM-759
I'm kind of amazed that I'm the first one to request non-ssl client username/password authentication like this.
-Clark