Java Reference
In-Depth Information
Connecting to an SSL-aware security realm
erties are specified in the
jboss-ejb-client.properties
file, which needs to be
tweaked a bit to enable SSL connections:
remote.connections=node1
remote.connection.node1.host=localhost
remote.connection.node1.port = 4447
remote.connection.node1.username=adminUser
remote.connection.node1.password=admin123
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=true
remote.connection.node1.connect.options.org.xnio.Options.SSL_STARTTLS=true
remote.connection.node1.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=true
The
SSL_ENABLED
option, when set to
true
, enables the
remoting
connector's SSL
communication.
The
STARTTLS
option specifies whether to use the
Tunneled Transport Layer Security
(
TTLS
) mode at startup or when needed.
The
SASL_POLICY_NOANONYMOUS
option specifies whether
Simple Authentication
and Security Layer
(
SASL
) mechanisms, which accept anonymous logins, are permitted.
Finally, since our security realm also includes an authentication security domain, we can
choose to restrict access to some methods by specifying a
@RolesAllowed
annotation,
which requires the role
ejbRole
:
@RolesAllowed("ejbRole")
public String bookSeat(int seatId) throws
SeatBookedException {
. . . .
}
In order to activate the security domain on your EJBs, we need to mention it in the as-
sembly descriptor of your
jboss-ejb3.xml
file:
<jboss:ejb-jar>
<assembly-descriptor>