Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-9713

Remote outbound connection with authentication-context cannot be used for remote EJB calls

    XMLWordPrintable

Details

    Description

      I have an remote-outbound-connection with a simple authentication configuration which I want to use for server-to-server EJB calls. Relevant configuration snippets:

      <outbound-socket-binding name="remote-ejb">
   <remote-destination host="${remote.ejb.host}" port="8080"/>
</outbound-socket-binding>
(...)
<remote-outbound-connection name="remote-ejb-connection" outbound-socket-binding-ref="remote-ejb" authentication-context="admin-ctx"/>
(...)
<authentication-client>
    <authentication-configuration name="admin-cfg" authentication-name="admin" realm="ApplicationRealm" allow-sasl-mechanisms="DIGEST-MD5">
        <credential-reference clear-text="admin123+"/>
    </authentication-configuration>
    <authentication-context name="admin-ctx">
       <match-rule authentication-configuration="admin-cfg"/>
    </authentication-context>
</authentication-client>

      However, when an application tries to call remote EJBs over this connection (be it by injection via @EJB or by building an InitialContext), the authentication context doesn't seem to be applied - always only the JBOSS-LOCAL-USER mechanism is attempted and if that fails, no other mechanism is attempted.

      Attachments

        Issue Links

          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-10159 Sticky authentication is not working correctly

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified
          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-10610 Deployments referencing outbound connection with authentication context always use Elytron default-authentication-context

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified

          Activity

            People

              dlloyd@redhat.com David Lloyd
              jmartisk@redhat.com Jan Martiska
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: