3 Replies Latest reply on Feb 21, 2012 9:26 AM by Ed Keen

    AS7.1 Unauthenticated remote JNDI?

    Ed Keen Newbie

      Distribution:  AS 7.1.0.Final

       

      We are attempting to integrate JBoss 7.1 with a third-party COTS system, and would like for the COTS system to connect remotely to JBoss queues.  Unfortunately, the COTS system does not have a way to specify remote JNDI credentials (Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS).  Is there a way to tell JBoss to open up remote JNDI and to not require credentials?  I realize this is not ideal, but we are hampered by a system that is outside our control.

        • 1. Re: AS7.1 Unauthenticated remote JNDI?
          Ed Keen Newbie

          I just figured this out.  You have to modify the remoting-connector here:

           

          <subsystem xmlns="urn:jboss:domain:remoting:1.1">

              <connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/>

          </subsystem>

           

          ... and remove the security-realm, like so:

           

          <subsystem xmlns="urn:jboss:domain:remoting:1.1">

             <connector name="remoting-connector" socket-binding="remoting" />

          </subsystem>

           

          Problem solved...

          • 2. Re: AS7.1 Unauthenticated remote JNDI?
            Darran Lofthouse Master

            What else are you going to be deploying to the server / accessing remotely?  Removing that attribute disables authentication for all services acessible over that connector.

            • 3. Re: AS7.1 Unauthenticated remote JNDI?
              Ed Keen Newbie

              We are not accessing anything else remotely.  I realize that this leaves somewhat of a hole, but like I said we have no other choice because of the way this third-party system is implemented.  It would be nice if JBoss had some way to disable remote JNDI security without disabling *all* remoting security.  If anyone knows a way around this, please let me know.