> On Dec 5, 2016, at 4:21 AM, Romain Manni-Bucau <rmannibu...@gmail.com> wrote: > > Concretely the proposal can be: > > p.setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory. > class.getName()); > p.setProperty(Context.PROVIDER_URL, ejbUrl + "?authype=basic"); > p.setProperty(Context.PRINCIPAL, "tomee"); > p.setProperty(Context.CREDENTIAL, "password”);
This would work. > That said it doesnt help for multicast since you will loose the credentials > where current solution works. From my perspective this is desired. For those that may not understand the reference. Effectively the multicast/multipoint code collects all the server URIs, aggregates them together and broadcasts them to all the clients. Putting the login credentials in the URL the server broadcasts effectively broadcasts client information to all the clients, which would mean: - client identity and credentials would be configured on the server - all clients would share the same identity and credentials - credentials would be freely given to anyone who connects to multicast/multipoint The above `authype=basic` compromise does allow the credentials to be part of the client configuration, which is great. It allows the same credentials the client sends over the ejbd protocol to also be sent over the HTTP layer. The client would simply be logging in twice, once at the http level and once at the ejbd level. -David
