Remoting in domain.xml
dmlloyd Jul 7, 2010 8:05 PMThese are the primary tasks for Remoting 3 container configuration in domain.xml.
- Connector configuration. This includes an SSL section - the SSL config should be merged with the web container. It should probably be a separate domain concept altogether which can be referenced from the container config(s). Maybe combined with socket config, maybe not.
- Server authentication configuration. This will probably amount to some integration into our authentication subsystem. I talked to Anil about this about 6 months ago. I have absolutely no memory of what we decided. So for now I'll represent a simple authentication provider only until I discover what API is available for us to leverage.
These are the primary tasks for R3 deployment descriptors:
- Deploying services. This means, adding services in to the R3 endpoint registry. This can happen implicitly (i.e. because of an EJB deployment with remote interfaces) or explicitly (i.e. a custom application service).
Here's what the domain container fragment could look like:
<remoting xmlns="urn:jboss:remoting:3.1"> <!-- xs:all, I guess? --> <connector name="SomeSSLConnectorName"> <!-- xs:all --> <!-- Ports and SSL are configured via central management point --> <sasl> <!-- optional xs:all --> <include-mechanisms value="EXTERNAL DIGEST-MD5 PLAIN"/> <!-- optional --> <qop value="auth"/> <!-- optional; other possible values are "auth-int", "auth-conf" --> <strength value="high"/> <!-- optional; other possible values are "low", "medium" --> <reuse-session value="false"/> <!-- optional boolean --> <server-auth value="false"/> <!-- optional boolean --> <policy> <!-- optional xs:all --> <forward-secrecy value="true"/> <!-- optional boolean --> <no-active value="true"/> <!-- optional boolean --> <no-anonymous value="true"/> <!-- optional boolean --> <no-dictionary value="true"/> <!-- optional boolean --> <no-plain-text value="true"/> <!-- optional boolean --> <pass-credentials value="true"/> <!-- optional boolean --> </policy> <properties/> <!-- optional properties list --> </sasl> <simple-authentication-provider keystore="SomeKeyStore"> <!-- optional xs:all --> <properties/> <!-- optional properties list --> </simple-authentication-provider> <properties/> <!-- optional properties list --> </connector> </remoting>
The deployment-time thing might be something we can implement via Weld perhaps: an annotation which marks a class as a Remoting service. The other Remoting pieces (i.e. the Endpoint) would certainly be injectable using MSC or Weld injection.