I have a security-realm at the level of the http-connector (ApplicationRealm) and I have another security-realm for my remote-outbound-connection wich is MyRealm. When I set up the jboss-ejb-client properties, I set those two following properties:
that helps me authenticate the ApplicationRealm with the remoting server. The issue I am having is that when I am on the remote server there is no way to go through the security-realm: MyRealm because the principal is not shared between servers and I don't have or know a way to send the needed information to authenticate the user on the other server since the username and password I am getting from the JBossCallbackHandler are actually the credential used for the ApplicationRealm and not the one I need to validate my second realm.
I have tried to remove security-realm="ApplicationRealm" but it fails since the it requires an authentication mecanism.
Is there a way to send information to the remote server other then the username/password, for example the principal to validate MyRealm? Is there a way to deactivate the ApplicationRealm, replaced it or juste remove it?
<http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
<remote-outbound-connection name="remote-ejb-connection" outbound-socket-binding-ref="remote-ejb" username="ejb" security-realm="MyRealm" protocol="http-remoting">
<property name="SASL_POLICY_NOANONYMOUS" value="true"/>
<property name="SSL_ENABLED" value="false"/>
<property name="SASL_POLICY_NOPLAINTEXT" value="false"/>