I've been reading JBoss (4.2.2) config guide and obviously we can use either JNDI params to send the authentication or we can use ClientLoginModule.
Is there a way of defining a "Global" security "domain" which would manages the propagation of the subject across JBoss Server ?
That would be nice in our case because JBoss clients keep remote stateless proxies to avoid lookup delay everytime they call remote EJB.
Hope someone could give me some infos.
If there are 2 seperate jboss instances, i believe that you use jndi params to send authentication. But for a Global Security domain, I am not sure. I believe, you should have a federated Naming Context which spreads across clustered installations. I don't know if jboss supports distributed naming contexts
Thank you very much.
The goal was not to re-login when we access those remote service.
But, I don't think there is an easy solution for that.
For info, since the remote layer is completely private and not accessible outside our private network, I don't see any problem by not using security restriction.
Of course, for public services, (Web, WS, and so on) we are going to use a strong security model.