I have a client on the same machine as the server. If I don't set:
jndiProperties.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER");
at the client, then I can access the server without specifying a principal or credentials (or even an unauthenticatedIdentity at the server). But when I set the above option and additionally set:
jndiProperties.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");
then i get "javax.security.sasl.SaslException: Cannot get userid/password". It's true that I didn't provide a username or password but shouldn't this be OK if i set:
<module-option name="unauthenticatedIdentity" value="guest"/>
in the security-domain login-module in standalone-full.xml? I also tried using:
@org.jboss.aspects.security.Unchecked
on the method I want to call from the client but it didn't help.