remote EJB caller principal name always "anonymous"
pmm Mar 15, 2013 9:47 AMWhen doing EJBContext.getCallerPrincipal().getName()
in an EJB that is called over EJB demoting we always seem to get "anonymous"
. This is done with EAP 6.1.0.Alpha1.
This is the EJB:
@Singleton @ConcurrencyManagement(ConcurrencyManagementType.BEAN) public class WhoBean implements WhoAmI { @Resource private EJBContext context; @Override public String whoAmI() { return context.getCallerPrincipal().getName(); } }
Thie is the client:
public class Client { static { Security.addProvider(new JBossSaslProvider()); } public void run() { this.configureClientWithPassword(); WhoAmI secured = this.doLookup(WhoAmI.class); System.out.println(secured.whoAmI()); } <T> T doLookup(Class<T> intefaceClass) { try { Properties jndiProps = new Properties(); jndiProps.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming"); Context context = new InitialContext(jndiProps); String lookupName = "ejb:" + "acme-ear" + "/" + "acme-ejb" + "//" + "WhoBean" + "!" + intefaceClass.getName(); Object object = context.lookup(lookupName); return intefaceClass.cast(object); } catch (NamingException e) { throw new RuntimeException(e); } } private void configureClientWithPassword() { Properties invokeProperties = new Properties(); invokeProperties.put("endpoint.name", "client-endpoint"); invokeProperties.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false"); invokeProperties.put("remote.connections", "default"); invokeProperties.put("remote.connection.default.host", "localhost"); invokeProperties.put("remote.connection.default.port", "4447"); invokeProperties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "true"); invokeProperties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER"); invokeProperties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false"); invokeProperties.put("remote.connection.default.username", "test"); invokeProperties.put("remote.connection.default.password", "test"); EJBClientConfiguration ejbcc = new PropertiesBasedEJBClientConfiguration(invokeProperties); ContextSelector<EJBClientContext> ejbCtxSel = new ConfigBasedEJBClientContextSelector(ejbcc); EJBClientContext.setSelector(ejbCtxSel); } public static void main(String[] args) { new Client().run(); } }
And this is the configuration we add to standalone.xml
<security-realm name="acmeRealm"> <authentication> <jaas name="acme"/> </authentication> </security-realm> <security-domain name="acme" cache-type="default"> <authentication> <login-module code="Remoting" flag="optional"> <module-option name="password-stacking" value="useFirstPass"/> </login-module> <login-module code="Simple" flag="required"> <module-option name="password-stacking" value="useFirstPass"/> <module-option name="unauthenticatedIdentity" value="guest"/> </login-module> </authentication> </security-domain> <subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="acmeRealm"/> </subsystem>
Attached you'll find a project to reproduce the issue.
-
acme.zip 27.8 KB