Bug 987704 - add secured JNDI over HTTP example
add secured JNDI over HTTP example
Status: CLOSED WONTFIX
Product: JBoss Enterprise Application Platform 5
Classification: JBoss
Component: doc-Admin_and_Config_Guide (Show other bugs)
5.2.0
Unspecified Unspecified
low Severity unspecified
: ---
: ---
Assigned To: Scott Mumford
Russell Dickenson
: Documentation, FutureFeature, Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-07-23 19:21 EDT by dereed
Modified: 2015-04-23 20:55 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-04-23 20:55:15 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description dereed 2013-07-23 19:21:31 EDT
Document URL: 
https://access.redhat.com/site/documentation/en-US/JBoss_Enterprise_Application_Platform/5/html-single/Administration_And_Configuration_Guide/index.html#Naming_on_JBoss-JNDI_over_HTTP

Section Number and Name: 
9.4. JNDI over HTTP

Describe the issue: 
There is a whole lot of detail about JNDI over HTTP, but no example on how to actually use it when it's secured.
(there's an example of accessing it unsecured, but it's secured by default so that's not as useful)

Suggestions for improvement: 
Add an example for using JNDI over HTTP with security enabled.
(be sure it works -- there is JAAS configuration required for it to work correctly)

Additional information:
Comment 1 gautric 2013-07-23 19:37:40 EDT
************************************************************ HTTPMain.java
A Full sample

/**
GPL Source

authors :
gautric@redhat.com
dereed@redhat.com
*/

package fr.redhat;

import java.util.Properties;

import javax.management.MBeanServerConnection;
import javax.management.ObjectName;
import javax.naming.Context;
import javax.naming.InitialContext;

public class HTTPMain {
	public static void main(String[] args) throws Exception {

		Properties props = new Properties();
		props.put(Context.INITIAL_CONTEXT_FACTORY,
				"org.jboss.naming.HttpNamingContextFactory");
		props.put(Context.PROVIDER_URL,
				"http://localhost:8080/invoker/JNDIFactory");
		props.put(Context.URL_PKG_PREFIXES,
				"org.jboss.naming:org.jnp.interfaces");

		props.put(Context.SECURITY_PRINCIPAL, "admin");
		props.put(Context.SECURITY_CREDENTIALS, "admin");
		props.put(Context.SECURITY_PROTOCOL, "jndiclientmodule");

		Context ctx = new InitialContext(props);

		MBeanServerConnection server = (MBeanServerConnection) ctx
				.lookup("jmx/invoker/RMIAdaptor");

		System.out.println(server);

		System.out.println("Version = "
				+ (String) server.getAttribute(new ObjectName(
						"jboss.system:type=Server"), new String("Version")));

	}
}

***************************************************** jaas.properties
jndiclientmodule {
	org.jboss.security.ClientLoginModule required
};
********************************************************* jvm options
-Djava.security.auth.login.config=jaas.properties
Comment 2 gautric 2013-07-23 19:43:03 EDT
for a full HTTP protocol utilization we need to change into jmx-invoker-service.xml

inside :

 <!-- The JRMP invoker proxy configuration for the InvokerAdaptorService -->
   <mbean code="org.jboss.invocation.jrmp.server.JRMPProxyFactory"
      name="jboss.jmx:type=adaptor,name=Invoker,protocol=jrmp,service=proxyFactory">
      <!-- Use the standard JRMPInvoker from conf/jboss-service.xxml -->
      <depends optional-attribute-name="InvokerName">jboss:service=invoker,type=jrmp</depends>
      <!-- The target MBean is the InvokerAdaptorService configured below -->
      <depends optional-attribute-name="TargetName">jboss.jmx:type=adaptor,name=Invoker</depends>
      <!-- Where to bind the RMIAdaptor proxy -->
      <attribute name="JndiName">jmx/invoker/RMIAdaptor</attribute>
      <!-- The RMI compabitle MBeanServer interface -->
      <attribute name="ExportedInterfaces">org.jboss.jmx.adaptor.rmi.RMIAdaptor,
         org.jboss.jmx.adaptor.rmi.RMIAdaptorExt
      </attribute>
      <attribute name="ClientInterceptors">
          <interceptors>
             <interceptor>org.jboss.proxy.ClientMethodInterceptor</interceptor>
             <interceptor>org.jboss.proxy.SecurityInterceptor</interceptor>
             <interceptor>org.jboss.jmx.connector.invoker.client.InvokerAdaptorClientInterceptor</interceptor>
             <interceptor>org.jboss.invocation.InvokerInterceptor</interceptor>
          </interceptors>
      </attribute>
      <depends>jboss:service=Naming</depends>
   </mbean>

from :

<depends optional-attribute-name="InvokerName">jboss:service=invoker,type=jrmp</depends>

to :

<depends optional-attribute-name="InvokerName">jboss:service=invoker,type=http</depends>

Note You need to log in before you can comment on or make changes to this bug.