Create a SecurityRealm for remoting JMS in domain mode - JBoss EAP 6.2.3
marco.simoes Jul 15, 2014 10:53 AMHi Guys,
I have a question about create new security Realm for my remoting JMS in domain mode.
I have a Domain Controller with JBoss EAP 6.2.3 without any servers, and in another machine i have a Host Controller with JBoss EAP 6.2.3 with one server in full profile.
I configured a queeu in Domain Controller with name "testQueue".
When i created a JMS client Connection to send messages for queue on Host Controller target machine, i got this error::
Error |
---|
ERROR: JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed Exception in thread "main" javax.naming.NamingException: Failed to connect to any server. Servers tried: [remote://192.168.56.81:4447] at org.jboss.naming.remote.client.HaRemoteNamingStore.failOverSequence(HaRemoteNamingStore.java:213) at org.jboss.naming.remote.client.HaRemoteNamingStore.namingStore(HaRemoteNamingStore.java:144) at org.jboss.naming.remote.client.HaRemoteNamingStore.namingOperation(HaRemoteNamingStore.java:125) at org.jboss.naming.remote.client.HaRemoteNamingStore.lookup(HaRemoteNamingStore.java:241) at org.jboss.naming.remote.client.RemoteContext.lookup(RemoteContext.java:79) at org.jboss.naming.remote.client.RemoteContext.lookup(RemoteContext.java:83) at javax.naming.InitialContext.lookup(InitialContext.java:411) at com.teste.jms.QueueSend.init(QueueSend.java:35) at com.teste.jms.QueueSend.main(QueueSend.java:65) |
In my Domain Controller i added user to ApplicationRealm correct. In my Host Controller i don't added a user, but when i add the problem is fixed.
My questions is, how can i will create a security Realm to use only users of Domain Controller and not necessary create users on Host Controller ?
I'm tryed to implements this solutions, but not works:
Domain.xml |
---|
<subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="JMSRealm"/> </subsystem>
<subsystem xmlns="urn:jboss:domain:security:1.2"> <security-domains> <security-domain name="jms-security-domain" cache-type="default"> <authentication> <login-module code="Remoting" flag="optional"> <module-option name="password-stacking" value="useFirstPass"/> </login-module> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> <module-option name="defaultUsersProperties" value="${jboss.server.config.dir}/application-users.properties"/> <module-option name="defaultRolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/> <module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/> <module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/> <module-option name="password-stacking" value="useFirstPass"/> </login-module> </authentication> </security-domain> ..... |
host.xml |
---|
<security-realm name="JMSRealm"> </security-realm> |
Thanks.