[jboss-user] [Security & JAAS/JBoss] - Re: Kerberos, ejb, rmi
Hi, alexanders. It's a good idea to use HTTP for rmi invocations to enable kerberized authentication. If you have problems with HTTPInvoker, so here is my config: | path: JBOSS_HOME/server/default/deploy/http-invoker.sar/META-INF/jboss-service.xml | | | http:// | :8080/invoker/EJBInvokerServlet/ | true | | And you'll find in docs how to customize invoker for ejb. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221206#4221206 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4221206 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [EJB 3.0] - EJB & SSL. Accept sertificate.
When I browse on secured page with unsigned sertificate browser asks me, if I would accept. Is it possible for ejb clients? For example. When I run client, I have to provide path and password for truststore. java -Djavax.net.ssl.trustStore=${resources}/test/ssl/localhost.truststore -Djavax.net.ssl.trustStorePassword=opensource com.acme.RunClient | I'd like that my client could download that trustore and accept it. Is it possible? And if yes, how it can be done? Thanks. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4217369#4217369 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4217369 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Jboss and kerberos
If you've downloaded JBoss Negotiation, you'll find a good guide on in the same archive. This will be enough for fast intro. If you want to learn more about security in jvm, there are good tutorials from jdk. They will give you a good understanding of the subject. http://java.sun.com/javase/6/docs/technotes/guides/security/jgss/tutorials/index.html You would probably need to read about JBoss security framework. http://www.jboss.org/community/docs/DOC-10760 View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216269#4216269 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216269 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Re: Jboss and kerberos
avihaimar Checkout this page http://www.jboss.org/index.html?module=bb&op=viewtopic&t=149589 Page contains link for JBoss Negotiation 2.0.3.GA, which provides kerberos integration for web applications. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216176#4216176 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216176 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Security & JAAS/JBoss] - Kerberos, ejb, rmi
Hello. I'm trying to develop a swing desktop application which uses EJBs deployed on jboss. The connection should take place on secure channel using kerberos. >From all the posts I found on this forum, I understood that I have to >implement some steps: 1. Need to get jboss tgt from kerberos. No problems here, I declare a new application-policy in login-config.xml and use Krb5LoginModule. JBoss successfully authenticates to kerberos and receives tgt. 2. As I understood, on second step I have to create my own LoginModule (I looked at sources of security-negotiation-2.0.3.GA). Here is my problem. To accept security context I need to access rmi socket factory, and jndi socket factory (jndi lookups must be secure too). 3. Third step would be just declaring a new application-policty in login-config.xml using my new LoginModule, and specify this policy for my ejb. Am I wright? This is server side. The same problems on client side. 1. No problems, if I want to receive tgt. But I need to receive a service ticket, I need to establish security context. Should I use custom RmiSocketFactory implementation? If someone had such problem, tell me please what I need to do. Thanks. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4214822#4214822 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4214822 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
[jboss-user] [Clustering/JBoss] - Detect ip of cluster
Hi. Is there any way to detect IP of cluster node from bean? Here is simple example: | InitialContext ctx = new InitialContext(); | Chunky chunky = (Chunky) ctx.lookup("ChunkyBean/remote"); | I'm using Round-Robin method for load-balance. Each call to chunky stub calls new node from cluster. I need to detect IP of that cluster each time stub is called. Maybe I can do that from bean? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4145155#4145155 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4145155 ___ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user