As far as I understand, authetnication through the JNDI context is not supported by JBoss.
So, if you want to do it anyway, you will need to develop your own JBoss specific code to support it (or wait that JBoss supports it).
The other "standard" authentication mechanism is to use JAAS. I do believe that, at least, WebLogic, WebSphere and JBoss support this mechanism.
But the JAAS API is the only part that is standardized. Configuring JAAS for the application server is app server specific. According to which "directory" you want to authenticate with, the configuration can be only a few lines in a config file or a complete JAAS login module with extra "glue" to plug it in the app server.
Read about org.jboss.security.jndi.LoginInitialContextFactory:
Passing the login credentials through the JNDI InitialContext is not a standard. There is no j2ee spec that even suggests this is how a client might provide its authentication info.
Thanks tcherel and Scott.
Scott I ve read about the LoginInitialContextFactory.
If I get it right I need to do followings:
1. write a new application-policy (login-config.xml) based on a login-module or use the pre-defined client-login.
2. in the DD use the <security-domain>java:/jaas/client-login</security-domain>
3. update the env with:
env.put( Context.SECURITY_PROTOCOL, "java:/jaas/client-login" )
4. obtain a Context as:
org.jboss.security.jndi.LoginInitialContextFactory.getInitialContext( env );
Am I doing it right? I guess stage 2 is not needed if its a java-client (no web component.).
You don't do 4. This is done by JNDI when you use the org.jboss.security.jndi.LoginInitialContextFactory class as the Context.INITIAL_CONTEXT_FACTORY value in the env passed to InitialContextFactory.