1 Reply Latest reply on Jun 29, 2006 12:11 PM by Ostap Cherkashin

    secure jndi lookup

    - - Newbie

      im using jboss-4.0.3SP1.

      How to configure a secure jndi lookup?
      this is not explained in SecureJBoss trail.

      that is how to specify a username - password in InitialContetxt properties
      and JBoss returns the lookup jndi resource[eg. ejb] with the given security credentials.
      If we dont do this, anyone can just hack jndi lookup? Or is there a different alternative to secure jndi lookup?

      Properties p = new Properties();
      ...
      ...
      properties.put(Context.SECURITY_PRINCIPAL, username);
      properties.put(Context.SECURITY_PRINCIPAL, password);

      InitialContext ctx = new InitialContext(properties);

      ctx.lookup(something);