JBoss 7.1.3, custom login module and JMS
alxt Mar 13, 2013 1:18 AM
I use JBoss 7.1.3, a custom login module, a remote EJB client, and a remote JMS client.
*In standalone-full-ha.xml:*
{code:xml}
<security-domain name="RolesLoginModule" cache-type="default">
    <authentication>
        <login-module code="ru.start2com.common.auth.server_module.RolesLoginModule" flag="required" module="ru.start2com.Common.auth.module"/>
    </authentication>
</security-domain>
{code}
{code:xml}
<security-realm name="RolesLoginModuleRealm">
    <authentication>
        <jaas name="RolesLoginModule"/>
    </authentication>
</security-realm>
{code}
{code:xml}
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
    <!-- (1) This is the problem code!!! -->
    <connector name="remoting-connector" socket-binding="remoting" security-realm="RolesLoginModuleRealm"/>
</subsystem>
{code}
In my EAR I added jboss-app.xml:
{code:xml}
<jboss-app>
<security-domain>RolesLoginModule</security-domain>
</jboss-app>
{code}
*In remote ejb client connect:*
{code}
// EJB client connection settings; serverHost, serverPort, login and pwd are defined elsewhere
Properties clientProp = new Properties();
clientProp.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false");
clientProp.put("remote.connections", "default");
clientProp.put("remote.connection.default.host", serverHost);
clientProp.put("remote.connection.default.port", serverPort);
clientProp.put("remote.connection.default.username", login);
clientProp.put("remote.connection.default.password", pwd);
// Both SASL policy options are "false", so anonymous and plaintext mechanisms are permitted
clientProp.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");
clientProp.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");

// Install the configuration as the EJB client context selector
EJBClientConfiguration cc = new PropertiesBasedEJBClientConfiguration(clientProp);
ContextSelector<EJBClientContext> selector = new ConfigBasedEJBClientContextSelector(cc);
EJBClientContext.setSelector(selector);

// JNDI context used for the remote EJB lookups
params = new Hashtable<String, Object>();
params.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
params.put(Context.PROVIDER_URL, serverUrl);
params.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
context = new InitialContext(params);
{code}
It works ONLY if (1) is used. Otherwise the principal in the login module is correct, but the credentials are a random UUID (LocalCallbackHandlerService is used, which does not set "org.jboss.as.domain.management.subject_callback_supported").
*In remote jms client connect:*
{code}
// JNDI context for the JMS client; credentials are passed as JNDI security properties
params = new Hashtable<String, Object>();
params.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
params.put(Context.PROVIDER_URL, serverUrl);
params.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
params.put(Context.SECURITY_PRINCIPAL, login);
params.put(Context.SECURITY_CREDENTIALS, pwd);
context = new InitialContext(params);
{code}
It works ONLY if (1) is NOT used (the default value is used). Otherwise I get this error:
"Remoting "config-based-naming-client-endpoint" read-1:ERROR:org.jboss.remoting.remote.connection::JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed"
In PlainSaslServer.SaslState.evaluateMessage, the byte[] message does not contain the password...
How do I configure the server so that remote EJB and JMS clients can both be used on one server?
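
For checking what a PLAIN response actually carries, as in the evaluateMessage observation above, the bytes can be decoded according to RFC 4616 (`[authzid] NUL authcid NUL passwd`). This is an added example, not code from the original post or from JBoss; the class and method names are hypothetical and the sample messages are constructed.

```java
import java.nio.charset.StandardCharsets;

// Added example: decodes a SASL PLAIN initial response (RFC 4616).
// PlainMessageInspector and describe() are hypothetical names, not JBoss APIs.
public class PlainMessageInspector {

    /** Returns a log-safe summary; the password value itself is never included. */
    static String describe(byte[] message) {
        int first = indexOfNul(message, 0);
        int second = first < 0 ? -1 : indexOfNul(message, first + 1);
        if (first < 0 || second < 0) {
            return "malformed: expected two NUL separators";
        }
        if (indexOfNul(message, second + 1) >= 0) {
            return "malformed: more than two NUL separators";
        }
        String authzid = new String(message, 0, first, StandardCharsets.UTF_8);
        String authcid = new String(message, first + 1, second - first - 1,
                StandardCharsets.UTF_8);
        int passwordLength = message.length - second - 1;
        return "authzid='" + authzid + "' authcid='" + authcid + "' password="
                + (passwordLength == 0 ? "EMPTY" : passwordLength + " bytes");
    }

    /** Index of the first NUL byte at or after 'from', or -1 if there is none. */
    private static int indexOfNul(byte[] data, int from) {
        for (int i = from; i < data.length; i++) {
            if (data[i] == 0) {
                return i;
            }
        }
        return -1;
    }

    public static void main(String[] args) {
        // Constructed sample messages, not captured traffic.
        byte[] withPassword = "\0alice\0s3cret".getBytes(StandardCharsets.UTF_8);
        byte[] noPassword = "\0alice\0".getBytes(StandardCharsets.UTF_8);
        byte[] truncated = "alice".getBytes(StandardCharsets.UTF_8);

        System.out.println(describe(withPassword)); // password=6 bytes
        System.out.println(describe(noPassword));   // password=EMPTY
        System.out.println(describe(truncated));    // malformed
    }
}
```

Logging the summary from a debugger or a temporary trace point shows whether the client sent an empty password field or a malformed message, without writing the password to the log.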