Created
December 20, 2011 17:34
-
-
Save darranl/1502428 to your computer and use it in GitHub Desktop.
Sample Remote EJB3 Security Files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AS7 Development Branch | |
| https://github.com/darranl/jboss-as/tree/ejb_remoting_security | |
| Quickstart Branch | |
| https://github.com/darranl/quickstart/tree/ejb_remote_security | |
| EJB Client Branch | |
| https://github.com/darranl/jboss-ejb-client/tree/hard_coded_user | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # User in realm 'TheBank' with password 'ejbpassword' | |
| ejbuser=13335037cdb67469397f720422436bf5 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ejbuser=Banker |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0' encoding='UTF-8'?> | |
| <server name="localhost.localdomain" xmlns="urn:jboss:domain:1.1" xmlns:xsd="http://www.w3.org/2001/XMLSchema-instance"> | |
| <extensions> | |
| <extension module="org.jboss.as.clustering.infinispan"/> | |
| <extension module="org.jboss.as.connector"/> | |
| <extension module="org.jboss.as.deployment-scanner"/> | |
| <extension module="org.jboss.as.ee"/> | |
| <extension module="org.jboss.as.ejb3"/> | |
| <extension module="org.jboss.as.jaxr"/> | |
| <extension module="org.jboss.as.jaxrs"/> | |
| <extension module="org.jboss.as.jdr"/> | |
| <extension module="org.jboss.as.jmx"/> | |
| <extension module="org.jboss.as.jpa"/> | |
| <extension module="org.jboss.as.logging"/> | |
| <extension module="org.jboss.as.mail"/> | |
| <extension module="org.jboss.as.naming"/> | |
| <extension module="org.jboss.as.osgi"/> | |
| <extension module="org.jboss.as.pojo"/> | |
| <extension module="org.jboss.as.remoting"/> | |
| <extension module="org.jboss.as.sar"/> | |
| <extension module="org.jboss.as.security"/> | |
| <extension module="org.jboss.as.threads"/> | |
| <extension module="org.jboss.as.transactions"/> | |
| <extension module="org.jboss.as.web"/> | |
| <extension module="org.jboss.as.webservices"/> | |
| <extension module="org.jboss.as.weld"/> | |
| </extensions> | |
| <management> | |
| <security-realms> | |
| <security-realm name="ManagementRealm"> | |
| <authentication> | |
| <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/> | |
| </authentication> | |
| </security-realm> | |
| <security-realm name="TheBank"> | |
| <authentication> | |
| <properties path="bank-users.properties" relative-to="jboss.server.config.dir"/> | |
| </authentication> | |
| </security-realm> | |
| </security-realms> | |
| <management-interfaces> | |
| <native-interface security-realm="ManagementRealm"> | |
| <socket-binding native="management-native"/> | |
| </native-interface> | |
| <http-interface security-realm="ManagementRealm"> | |
| <socket-binding http="management-http"/> | |
| </http-interface> | |
| </management-interfaces> | |
| </management> | |
| <profile> | |
| <subsystem xmlns="urn:jboss:domain:logging:1.1"> | |
| <console-handler name="CONSOLE"> | |
| <level name="TRACE"/> | |
| <formatter> | |
| <pattern-formatter pattern="%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n"/> | |
| </formatter> | |
| </console-handler> | |
| <periodic-rotating-file-handler name="FILE"> | |
| <formatter> | |
| <pattern-formatter pattern="%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n"/> | |
| </formatter> | |
| <file relative-to="jboss.server.log.dir" path="server.log"/> | |
| <suffix value=".yyyy-MM-dd"/> | |
| <append value="true"/> | |
| </periodic-rotating-file-handler> | |
| <logger category="com.arjuna"> | |
| <level name="WARN"/> | |
| </logger> | |
| <logger category="org.jboss.security"> | |
| <level name="TRACE"/> | |
| </logger> | |
| <logger category="org.apache.tomcat.util.modeler"> | |
| <level name="WARN"/> | |
| </logger> | |
| <logger category="sun.rmi"> | |
| <level name="WARN"/> | |
| </logger> | |
| <logger category="jacorb"> | |
| <level name="WARN"/> | |
| </logger> | |
| <logger category="jacorb.config"> | |
| <level name="ERROR"/> | |
| </logger> | |
| <root-logger> | |
| <level name="INFO"/> | |
| <handlers> | |
| <handler name="CONSOLE"/> | |
| <handler name="FILE"/> | |
| </handlers> | |
| </root-logger> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:datasources:1.0"> | |
| <datasources> | |
| <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true"> | |
| <connection-url> | |
| jdbc:h2:mem:test;DB_CLOSE_DELAY=-1 | |
| </connection-url> | |
| <driver> | |
| h2 | |
| </driver> | |
| <security> | |
| <user-name> | |
| sa | |
| </user-name> | |
| <password> | |
| sa | |
| </password> | |
| </security> | |
| </datasource> | |
| <drivers> | |
| <driver name="h2" module="com.h2database.h2"> | |
| <xa-datasource-class> | |
| org.h2.jdbcx.JdbcDataSource | |
| </xa-datasource-class> | |
| </driver> | |
| </drivers> | |
| </datasources> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:deployment-scanner:1.0"> | |
| <deployment-scanner name="default" path="deployments" scan-enabled="true" scan-interval="5000" relative-to="jboss.server.base.dir" deployment-timeout="60"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:ee:1.0"/> | |
| <subsystem xmlns="urn:jboss:domain:ejb3:1.2"> | |
| <session-bean> | |
| <stateless> | |
| <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/> | |
| </stateless> | |
| <stateful default-access-timeout="5000" cache-ref="simple"/> | |
| <singleton default-access-timeout="5000"/> | |
| </session-bean> | |
| <mdb> | |
| <resource-adapter-ref resource-adapter-name="hornetq-ra"/> | |
| <bean-instance-pool-ref pool-name="mdb-strict-max-pool"/> | |
| </mdb> | |
| <pools> | |
| <bean-instance-pools> | |
| <strict-max-pool name="slsb-strict-max-pool" max-pool-size="20" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/> | |
| <strict-max-pool name="mdb-strict-max-pool" max-pool-size="20" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/> | |
| </bean-instance-pools> | |
| </pools> | |
| <caches> | |
| <cache name="simple" aliases="NoPassivationCache"/> | |
| <cache name="passivating" passivation-store-ref="file" aliases="SimpleStatefulCache"/> | |
| </caches> | |
| <passivation-stores> | |
| <file-passivation-store name="file"/> | |
| </passivation-stores> | |
| <async thread-pool-name="default"/> | |
| <timer-service thread-pool-name="default"> | |
| <data-store path="timer-service-data" relative-to="jboss.server.data.dir"/> | |
| </timer-service> | |
| <remote connector-ref="remoting-connector" thread-pool-name="default"/> | |
| <thread-pools> | |
| <thread-pool name="default" max-threads="10" keepalive-time="100"/> | |
| </thread-pools> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:infinispan:1.1" default-cache-container="hibernate"> | |
| <cache-container name="hibernate" default-cache="local-query"> | |
| <local-cache name="entity"> | |
| <eviction strategy="LRU" max-entries="10000"/> | |
| <expiration max-idle="100000"/> | |
| </local-cache> | |
| <local-cache name="local-query"> | |
| <eviction strategy="LRU" max-entries="10000"/> | |
| <expiration max-idle="100000"/> | |
| </local-cache> | |
| <local-cache name="timestamps"> | |
| <eviction strategy="NONE"/> | |
| </local-cache> | |
| </cache-container> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:jaxr:1.0"> | |
| <connection-factory jndi-name="java:jboss/jaxr/ConnectionFactory"/> | |
| <juddi-server publish-url="http://localhost:8080/juddi/publish" query-url="http://localhost:8080/juddi/query"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/> | |
| <subsystem xmlns="urn:jboss:domain:jca:1.1"> | |
| <archive-validation enabled="false"/> | |
| <bean-validation enabled="false"/> | |
| <default-workmanager> | |
| <short-running-threads blocking="true"> | |
| <core-threads count="10" per-cpu="20"/> | |
| <queue-length count="10" per-cpu="20"/> | |
| <max-threads count="10" per-cpu="20"/> | |
| <keepalive-time time="10" unit="seconds"/> | |
| </short-running-threads> | |
| <long-running-threads blocking="true"> | |
| <core-threads count="10" per-cpu="20"/> | |
| <queue-length count="10" per-cpu="20"/> | |
| <max-threads count="10" per-cpu="20"/> | |
| <keepalive-time time="10" unit="seconds"/> | |
| </long-running-threads> | |
| </default-workmanager> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:jdr:1.0"/> | |
| <subsystem xmlns="urn:jboss:domain:jmx:1.1"> | |
| <show-model value="true"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:jpa:1.0"> | |
| <jpa default-datasource=""/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:mail:1.0"> | |
| <mail-session jndi-name="java:jboss/mail/Default" debug="false"> | |
| <smtp-server outbound-socket-binding-ref="mail-smtp"/> | |
| </mail-session> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:naming:1.1"/> | |
| <subsystem xmlns="urn:jboss:domain:osgi:1.1" activation="lazy"> | |
| <configuration pid="org.apache.felix.webconsole.internal.servlet.OsgiManager"> | |
| <property name="manager.root" value="jboss-osgi"/> | |
| </configuration> | |
| <properties> | |
| <property name="org.osgi.framework.startlevel.beginning"> | |
| 1 | |
| </property> | |
| </properties> | |
| <capabilities> | |
| <capability name="javax.api"/> | |
| <capability name="javax.servlet.api"/> | |
| <capability name="javax.transaction.api"/> | |
| <capability name="org.apache.aries.util"/> | |
| <capability name="org.jboss.osgi.webconsole"/> | |
| <capability name="org.osgi.compendium"/> | |
| <capability name="org.apache.felix.log" startlevel="1"/> | |
| <capability name="org.jboss.osgi.logging" startlevel="1"/> | |
| <capability name="org.apache.felix.configadmin" startlevel="1"/> | |
| <capability name="org.jboss.as.osgi.configadmin" startlevel="1"/> | |
| <capability name="org.apache.aries.jmx" startlevel="2"/> | |
| <capability name="org.apache.felix.eventadmin" startlevel="2"/> | |
| <capability name="org.apache.felix.metatype" startlevel="2"/> | |
| <capability name="org.apache.felix.scr" startlevel="2"/> | |
| <capability name="org.apache.felix.webconsole" startlevel="2"/> | |
| <capability name="org.jboss.netty" startlevel="2"/> | |
| <capability name="org.jboss.osgi.jmx" startlevel="2"/> | |
| <capability name="org.jboss.osgi.http" startlevel="2"/> | |
| <capability name="org.projectodd.stilts" startlevel="2"/> | |
| <capability name="org.jboss.osgi.blueprint" startlevel="3"/> | |
| <capability name="org.jboss.osgi.webapp" startlevel="3"/> | |
| <capability name="org.jboss.osgi.xerces" startlevel="3"/> | |
| </capabilities> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:pojo:1.0"/> | |
| <subsystem xmlns="urn:jboss:domain:remoting:1.1"> | |
| <connector name="remoting-connector" socket-binding="remoting" security-realm="TheBank" /> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:resource-adapters:1.0"/> | |
| <subsystem xmlns="urn:jboss:domain:sar:1.0"/> | |
| <subsystem xmlns="urn:jboss:domain:security:1.1"> | |
| <security-domains> | |
| <security-domain name="Calculator" cache-type="default"> | |
| <authentication> | |
| <login-module code="Remoting" flag="optional"> | |
| <module-option name="password-stacking" value="useFirstPass" /> | |
| </login-module> | |
| <login-module code="UsersRoles" flag="required"> | |
| <module-option name="password-stacking" value="useFirstPass" /> | |
| <module-option name="usersProperties" value="file:///home/darranl/tmp/users.properties" /> | |
| <module-option name="rolesProperties" value="file:///home/darranl/tmp/roles.properties" /> | |
| </login-module> | |
| </authentication> | |
| </security-domain> | |
| <security-domain name="other" cache-type="default"> | |
| <authentication> | |
| <login-module code="UsersRoles" flag="required"/> | |
| </authentication> | |
| </security-domain> | |
| <security-domain name="jboss-web-policy" cache-type="default"> | |
| <authorization> | |
| <policy-module code="Delegating" flag="required"/> | |
| </authorization> | |
| </security-domain> | |
| <security-domain name="jboss-ejb-policy" cache-type="default"> | |
| <authorization> | |
| <policy-module code="Delegating" flag="required"/> | |
| </authorization> | |
| </security-domain> | |
| </security-domains> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:threads:1.0"/> | |
| <subsystem xmlns="urn:jboss:domain:transactions:1.1"> | |
| <core-environment> | |
| <process-id> | |
| <uuid/> | |
| </process-id> | |
| </core-environment> | |
| <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/> | |
| <coordinator-environment default-timeout="300"/> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host"> | |
| <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/> | |
| <virtual-server name="default-host" enable-welcome-root="true"> | |
| <alias name="localhost"/> | |
| <alias name="example.com"/> | |
| </virtual-server> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:webservices:1.0" xmlns:javaee="http://java.sun.com/xml/ns/javaee" xmlns:jaxwsconfig="urn:jboss:jbossws-jaxws-config:4.0"> | |
| <modify-wsdl-address> | |
| true | |
| </modify-wsdl-address> | |
| <wsdl-host> | |
| ${jboss.bind.address:127.0.0.1} | |
| </wsdl-host> | |
| <endpoint-config> | |
| <jaxwsconfig:config-name> | |
| Standard-Endpoint-Config | |
| </jaxwsconfig:config-name> | |
| </endpoint-config> | |
| <endpoint-config> | |
| <jaxwsconfig:config-name> | |
| Recording-Endpoint-Config | |
| </jaxwsconfig:config-name> | |
| <jaxwsconfig:pre-handler-chains> | |
| <javaee:handler-chain> | |
| <javaee:protocol-bindings> | |
| ##SOAP11_HTTP ##SOAP11_HTTP_MTOM ##SOAP12_HTTP ##SOAP12_HTTP_MTOM | |
| </javaee:protocol-bindings> | |
| <javaee:handler> | |
| <javaee:handler-name> | |
| RecordingHandler | |
| </javaee:handler-name> | |
| <javaee:handler-class> | |
| org.jboss.ws.common.invocation.RecordingServerHandler | |
| </javaee:handler-class> | |
| </javaee:handler> | |
| </javaee:handler-chain> | |
| </jaxwsconfig:pre-handler-chains> | |
| </endpoint-config> | |
| </subsystem> | |
| <subsystem xmlns="urn:jboss:domain:weld:1.0"/> | |
| </profile> | |
| <interfaces> | |
| <interface name="management"> | |
| <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> | |
| </interface> | |
| <interface name="public"> | |
| <inet-address value="${jboss.bind.address:127.0.0.1}"/> | |
| </interface> | |
| </interfaces> | |
| <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"> | |
| <socket-binding name="http" port="8080"/> | |
| <socket-binding name="https" port="8443"/> | |
| <socket-binding name="jacorb" port="3528"/> | |
| <socket-binding name="jacorb-ssl" port="3529"/> | |
| <socket-binding name="jmx-connector-registry" interface="management" port="1090"/> | |
| <socket-binding name="jmx-connector-server" interface="management" port="1091"/> | |
| <socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/> | |
| <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/> | |
| <socket-binding name="messaging" port="5445"/> | |
| <socket-binding name="messaging-throughput" port="5455"/> | |
| <socket-binding name="osgi-http" interface="management" port="8090"/> | |
| <socket-binding name="remoting" port="4447"/> | |
| <socket-binding name="txn-recovery-environment" port="4712"/> | |
| <socket-binding name="txn-status-manager" port="4713"/> | |
| <outbound-socket-binding name="mail-smtp"> | |
| <remote-destination host="localhost" port="25"/> | |
| </outbound-socket-binding> | |
| </socket-binding-group> | |
| </server> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # No users for now. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment