WildFly Client Remoting - Use Mutual Authentication (SSL) - How to configure?
kga.official Nov 18, 2019 5:38 AM
Hi,
I have a requirement to use Mutual Authentication for WildFly Client to authenticate with the WildFly server to execute Remote EJB invocations. I am using WildFly 18 and trying to enhance the quickstart "ejb-remote" to do a demonstration of the same.
I do want the application to require CLIENT-CERT authentication, only the Remoting interface should use that.
I have followed the guide at: WildFly Elytron Security and am unable to figure out how to do this enablement for Application Remoting *only* without affecting application web UI.
The error I get:
Caused by: javax.security.sasl.SaslException: Authentication failed: none of the mechanisms presented by the server (DIGEST-MD5) are supported
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:444)
    at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:242)
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
    at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
    at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
    at org.xnio.nio.WorkerThread.run(WorkerThread.java:591)
    at ...asynchronous invocation...(Unknown Source)
    at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:599)
    at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:565)
    at org.jboss.remoting3.ConnectionInfo$None.getConnection(ConnectionInfo.java:82)
    at org.jboss.remoting3.ConnectionInfo.getConnection(ConnectionInfo.java:55)
    at org.jboss.remoting3.EndpointImpl.doGetConnection(EndpointImpl.java:499)
    at org.jboss.remoting3.EndpointImpl.getConnectedIdentity(EndpointImpl.java:445)
    at org.jboss.remoting3.UncloseableEndpoint.getConnectedIdentity(UncloseableEndpoint.java:52)
    at org.jboss.remoting3.Endpoint.getConnectedIdentity(Endpoint.java:123)
    at org.jboss.ejb.protocol.remote.RemoteEJBReceiver.getConnection(RemoteEJBReceiver.java:191)
    at org.jboss.ejb.protocol.remote.RemoteEJBReceiver.processInvocation(RemoteEJBReceiver.java:129)
    at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:492)
    at org.jboss.ejb.protocol.remote.RemotingEJBClientInterceptor.handleInvocation(RemotingEJBClientInterceptor.java:52)
    at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:507)
    at org.jboss.ejb.client.TransactionPostDiscoveryInterceptor.handleInvocation(TransactionPostDiscoveryInterceptor.java:82)
    at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:507)
    at org.jboss.ejb.client.DiscoveryEJBClientInterceptor.handleInvocation(DiscoveryEJBClientInterceptor.java:98)
    at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:507)
    at org.jboss.ejb.client.NamingEJBClientInterceptor.handleInvocation(NamingEJBClientInterceptor.java:73)
    at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:507)
    at org.jboss.ejb.client.TransactionInterceptor.handleInvocation(TransactionInterceptor.java:205)
    at org.jboss.ejb.client.EJBClientInvocationContext.sendRequest(EJBClientInvocationContext.java:507)
    at org.wildfly.common.context.Contextual.runExConsumer(Contextual.java:203)
    at org.jboss.ejb.client.EJBClientInvocationContext.sendRequestInitial(EJBClientInvocationContext.java:334)
    at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:187)
    at org.jboss.ejb.client.EJBInvocationHandler.invoke(EJBInvocationHandler.java:125)
    at com.sun.proxy.$Proxy2.add(Unknown Source)
    at org.jboss.as.quickstarts.ejb.remote.client.RemoteEJBClient.invokeStatelessBean(RemoteEJBClient.java:59)
    at org.jboss.as.quickstarts.ejb.remote.client.RemoteEJBClient.main(RemoteEJBClient.java:40)
For now my configuration looks like:
wildfly-config.xml
WildFly standalone-full.xml
jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE h2 sa sa org.h2.jdbcx.JdbcDataSource false ${jboss.bind.address:127.0.0.1}
Message was edited by: KGA Official
- standalone-full.xml.zip 6.6 KB
- wildfly-config.xml.zip 483 bytes