0 Replies Latest reply on Jan 31, 2016 5:10 AM by thomas10

    Different authentication methods for remote JNDI lookup and EJB calls possible?

    thomas10 Newbie

      Is it possible to use different authentication methods for remote JNDI lookups and EJB calls? I want to publish a kind of service directory in JNDI with a simple authentication against something like application-users.properties. The service itself should use another authentication (e.g. database).

       

      The client is a "classic" standalone swing application and uses the ClientLoginModule to propagate its credentials to the server. The server code is a bunch of EJBs bundled in an EAR.

       

      I can call EJBs but the JNDI lookup always seems to fail. If I disable security for remoting ( <http-connector name="http-remoting-connector" connector-ref="default" /> ) I don't get any useful credentials at all.

       

      My security setup (standalone.xml):

      (1) created a security realm "JndiRealm" with properties based authentication/authorization

      (2) linked this to the remoting connector:

          <http-connector name="http-remoting-connector" connector-ref="default" security-realm="JndiRealm" />

      (3) configured ApplicationRealm like so:

              <security-realm name="ApplicationRealm">

                      <authentication>

                          <jaas name="my-service-domain"/>

                      </authentication>

                  </security-realm>

      (4) created security-domain "my-service-domain" with Database login module etc.

       

       

      Server is WildFly 10 CR5.

       

       

      My questions are:

      Is such a scenario even supported and if so, what is missing in my configuration?

      If it is not supported: how can I use unsecured JNDI lookups and secured EJB calls?

       

      Maybe I am just doing something horribly wrong.

       

       

      Thanks for your help.