AS7.1 Unauthenticated remote JNDI?

ned233 Feb 21, 2012 8:31 AM

Distribution: AS 7.1.0.Final

We are attempting to integrate JBoss 7.1 with a third-party COTS system, and would like for the COTS system to connect remotely to JBoss queues. Unfortunately, the COTS system does not have a way to specify remote JNDI credentials (Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS). Is there a way to tell JBoss to open up remote JNDI and to not require credentials? I realize this is not ideal, but we are hampered by a system that is outside our control.

1. Re: AS7.1 Unauthenticated remote JNDI?

ned233 Feb 21, 2012 8:52 AM (in response to ned233)

I just figured this out. You have to modify the remoting-connector here:

<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/>
</subsystem>

... and remove the security-realm, like so:

<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting" />
</subsystem>

Problem solved...
Actions
2. Re: AS7.1 Unauthenticated remote JNDI?

dlofthouse Feb 21, 2012 9:15 AM (in response to ned233)

What else are you going to be deploying to the server / accessing remotely? Removing that attribute disables authentication for all services acessible over that connector.
Actions
3. Re: AS7.1 Unauthenticated remote JNDI?

ned233 Feb 21, 2012 9:26 AM (in response to dlofthouse)

We are not accessing anything else remotely. I realize that this leaves somewhat of a hole, but like I said we have no other choice because of the way this third-party system is implemented. It would be nice if JBoss had some way to disable remote JNDI security without disabling *all* remoting security. If anyone knows a way around this, please let me know.
Actions

Go to original post