Hi all..
I've 2 different EJBs projects on 2 different GF instances.
I'd like the first one to call EJBs on the second one which has some required roles defined.
I've successfully configured the projects to communicate without required roles, but I have a "Client not authenticated" error when I reactivate them.
So,
- What are the minimum configuration prequisites to propagate the caller between 2 distant EJBs ?
- Is there a configuration for the target EJB to "TRUST" the first one ?
- Is as-context bloc required on target sun-ejb-jar.xml ?
Thanks for your help ...
------ Context : ----------
1- Each GF s1as key has been put in other GF truststore (Is it mandatory for role propagation ?)
2- Source EJB fragment :
public class ExtranetBean implements Extranet.ExtranetLocal
{
@EJB(mappedName = "corbaname:iiop:appli1.domain.com:3700#ejb/Equipment")
private ejb.Equipment.EquipmentRemote equipmentBean;
...
3- Target sun-ejb-jar.xml fragment :
<ejb>
<ejb-name>EquipmentBean</ejb-name>
<ior-security-config>
<transport-config>
<integrity>REQUIRED</integrity>
<confidentiality>REQUIRED</confidentiality>
<establish-trust-in-target>SUPPORTED</establish-trust-in-target>
<establish-trust-in-client>REQUIRED</establish-trust-in-client>
</transport-config>
<sas-context>
<caller-propagation>SUPPORTED</caller-propagation>
</sas-context>
</ior-security-config>
</ejb>
[Message sent by forum member 'kabhal' (kabhal)]
http://forums.java.net/jive/thread.jspa?messageID=341300