How do I setup JAAS using X509Certificate
hlkandrew Aug 7, 2012 5:57 PMCurrently I am using JBoss 7.1.1.Final server and a Jboss's EJBclient to call remoting. I have setup the server JAAS's with the use of RealmUserRoles and the EJB client manage to make a remote call with the principal recognised by the server.
The following setting shows the EJBClient settings;
endpoint.name=client-endpoint
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=command
remote.connection.command.host=localhost
remote.connection.command.port = 4447
remote.connection.command.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.command.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS=JBOSS-LOCAL-USER
remote.connection.command.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT=false
remote.connection.command.username=appuser
remote.connection.command.password=apppassword
The following is the server
<security-realm name="MyRealm">
<authentication>
<jaas name="my-security-domain"/>
</authentication>
</security-realm>
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting" security-realm="MyRealm"/>
</subsystem>
<security-domain name="my-security-domain" cache-type="default">
<authentication>
<login-module code="RealmUsersRoles" flag="required">
<module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
<module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
<module-option name="realm" value="ApplicationRealm"/>
</login-module>
</authentication>
</security-domain>
What are the changes I need to make on the EJBClient and the server to use JAAS X509Certificate and the Security subsystem; "CertfiicateRoles" or "CertificateUsers"? Do I need to setup SSL to utilise the Security subsystem?
Thanks