0 Replies Latest reply on Aug 6, 2015 11:17 AM by Alex Ho

    Wildfly-8.2.0 Remoting Subsystem Issue with Security-realm

    Alex Ho Newbie

      Hello!

       

      I have a security-realm at the level of the http-connector (ApplicationRealm) and I have another security-realm for my remote-outbound-connection wich is MyRealm. When I set up the jboss-ejb-client properties, I set those two following properties:

      remote.connection.default.username=${username}
      remote.connection.default.password=${password}

      that helps me authenticate the ApplicationRealm with the remoting server. The issue I am having is that when I am on the remote server there is no way to go through the security-realm: MyRealm because the principal is not shared between servers and I don't have or know a way to send the needed information to authenticate the user on the other server since the username and password I am getting from the JBossCallbackHandler are actually the credential used for the ApplicationRealm and not the one I need to validate my second realm.

      I have tried to remove security-realm="ApplicationRealm" but it fails since the it requires an authentication mecanism.

      Is there a way to send information to the remote server other then the username/password, for example the principal to validate MyRealm? Is there a way to deactivate the ApplicationRealm, replaced it or juste remove it?

       

      <subsystem xmlns="urn:jboss:domain:remoting:2.0">
        
      <endpoint worker="default"/>
        
      <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
        
      <outbound-connections>
             
      <remote-outbound-connection name="remote-ejb-connection" outbound-socket-binding-ref="remote-ejb" username="ejb" security-realm="MyRealm" protocol="http-remoting">
                  
      <properties>
                       
      <property name="SASL_POLICY_NOANONYMOUS" value="true"/>
                       
      <property name="SSL_ENABLED" value="false"/>
                       
      <property name="SASL_POLICY_NOPLAINTEXT" value="false"/>
                  
      </properties>
             
      </remote-outbound-connection>
        
      </outbound-connections>
      </subsystem>


      Thank You!