Hello.
I'm trying to develop a swing desktop application which uses EJBs deployed on
jboss.
The connection should take place on secure channel using kerberos.
>From all the posts I found on this forum, I understood that I have to
>implement some steps:
1. Need to get jboss tgt from kerberos. No problems here, I declare a new
application-policy in login-config.xml and use Krb5LoginModule. JBoss
successfully authenticates to kerberos and receives tgt.
2. As I understood, on second step I have to create my own LoginModule (I
looked at sources of security-negotiation-2.0.3.GA). Here is my problem. To
accept security context I need to access rmi socket factory, and jndi socket
factory (jndi lookups must be secure too).
3. Third step would be just declaring a new application-policty in
login-config.xml using my new LoginModule, and specify this policy for my ejb.
Am I wright?
This is server side. The same problems on client side.
1. No problems, if I want to receive tgt. But I need to receive a service
ticket, I need to establish security context. Should I use custom
RmiSocketFactory implementation?
If someone had such problem, tell me please what I need to do.
Thanks.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4214822#4214822
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4214822
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
