Uploaded image for project: 'Application Server 7'
  1. Application Server 7
  2. AS7-6339

Unable to propagate security context using IIOP between two AS7 server instances

XMLWordPrintable

    • Hide

      If you enable the SASClientInitializer manually and set security="off" in the jacorb config then you can propagate the username and password, rather than relying on trust.

      Show
      If you enable the SASClientInitializer manually and set security="off" in the jacorb config then you can propagate the username and password, rather than relying on trust.

      Because AS7 uses the SASClientIdentityInterceptor it expects that the security context will be propagated using a trust based mechanism, however this trust based mechanism has not actually been fully implemented.

      In EJBCorbaServant there is some code that comes from AS6 that just assumes username=password, with a comment that this needs to be removed once we have a mechanism to establish trust.

      For now I think that we need to do two things:

      • Allow the server to easily use the SASClientInterceptor
      • Use the SASCurrent as a credential in EjbCorbaServant, so a custom login module can be used to establish trust

              sdouglas1@redhat.com Stuart Douglas (Inactive)
              sdouglas1@redhat.com Stuart Douglas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: