Is it possible to use different authentication methods for remote JNDI lookups and EJB calls? I want to publish a kind of service directory in JNDI with a simple authentication against something like application-users.properties. The service itself should use another authentication (e.g. database).

The client is a "classic" standalone swing application and uses the ClientLoginModule to propagate its credentials to the server. The server code is a bunch of EJBs bundled in an EAR.

I can call EJBs but the JNDI lookup always seems to fail. If I disable security for remoting ( <http-connector name="http-remoting-connector" connector-ref="default" /> ) I don't get any useful credentials at all.

My security setup (standalone.xml):

(1) created a security realm "JndiRealm" with properties based authentication/authorization

(2) linked this to the remoting connector:

    <http-connector name="http-remoting-connector" connector-ref="default" security-realm="JndiRealm" />

(3) configured ApplicationRealm like so:

        <security-realm name="ApplicationRealm">

                <authentication>

                    <jaas name="my-service-domain"/>

                </authentication>

            </security-realm>

(4) created security-domain "my-service-domain" with Database login module etc.

Server is WildFly 10 CR5.

My questions are:

Is such a scenario even supported and if so, what is missing in my configuration?

If it is not supported: how can I use unsecured JNDI lookups and secured EJB calls?

Maybe I am just doing something horribly wrong.

Thanks for your help.