0 Replies Latest reply on Dec 19, 2008 11:03 AM by Orange Frog

    Secure EJBs and unsecure Servlets

    Orange Frog Newbie

      Hello again.

      Having read through my last post, I realised it wasn't really very clear what I was doing/having a problem with. Hopefully now it isn't so early in the day I can be a bit clearer!

      So, I have an EJB that I have secured. I can connect to this through my remote client. The remote client has a jndi.properties file that defines the various values for the principal, credentials, factory.initial, etc. This is working fine.

      Then I've got a servlet that I'm using as a webservice. This takes a couple of parameters for the principal and credentials. This then calls

      Hashtable env = new Hashtable();
      env.put("java.naming.security.principal", principal);
      env.put("java.naming.security.credentials", credentials);
      nameCtxt = new InitialContext(env);

      The nameCtxt returned is then used to perform a lookup of the secure EJB and that's when the problems start due to security.

      I've dumped out the values of the context and they are
      java.naming.factory.initial = org.jnp.interfaces.NamingContextFactory
      java.naming.factory.url.pkg = org.jboss.naming:org.jnp.interfaces:org.jboss.naming:org.jnp.interfaces:org.jboss.naming:org.jnp.interfaces (I'm not sure why these are repeated 3 times)
      java.naming.security.principal = MyPrincipal
      java.naming.security.credentials = MyCredentials
      java.naming.security.protocol = mySecurity

      The value for protocol is coming from my jndi.properties file that I've included in the ear file that this is all bundled up into as I thought that might have been the problem.

      This is really starting to drive me crazy! I'm sure I must just be missing something simple, but I don't know what.