0 Replies Latest reply on Dec 17, 2010 11:46 AM by Timo Wiedenmann

    Authenticate one JBoss to another

    Timo Wiedenmann Newbie

      Hello,

       

      i have a tricky situation and no more ideas how to solve it.

       

      We have a JBoss running our application and another JBoss working as proxy for client requests from the internet.

      The proxy jboss (version 4.2.2 GA) does remote EJB calls to the app jboss ...

       

      This works fine for username / password authentication, where the proxy jboss has a custom login module which authenticates the client request against the app jboss (where the user database is).

       

      We now want to provide additionally a certification based authentication for WebService clients.

      Therefore i also use a custom login module, which extracts the username from the certificate and calls the app jboss for authentication.

      This works for the first request, where i set the password for the call to the app jboss - but the in the second call, the password is no longer set for the principal. Instead i recieve

           User = user1 given pass = [Ljava.security.cert.X509Certificate;@9a398d

      at the app jboss.

      I assume this info is saved somewhere in the subject of the proxy jboss and i found no way to mainpulate it - e.g. replace it by password stored in the certificate.

       

      Does anyone have a suggestion how to solve this ?

       

      Best regards,

      Timo