THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
| Excerpt |
|---|
Application client security starts with specifying the CallbackHandler that you want to use in the app application client deployment descriptor (in Geronimo) or in a similar element in the Geronimo deployment plan. |
For a CallbackHandler to work, a security realm must be configured. This must be defined on the client. You can configure this in any plugin that will be started before the client application itself (due to because of being an ancestor of the client application) or in the client plan itself. The security realm configuration is exactly the same on the client and server, by using the GenericSecurityRealm GBean.
...
One common use of application clients is as ejb clients. In this case, you will want to provide who the client is run by to the openejb so that the openejb can apply the authentication rules properly. You do this by using the OpenejbRemoteLoginModule which uses the openejb protocol to log into in to the server and provide a token used in subsequent calls to the openejb. Note that by default, ejbd communication is unsecure and this token may might be eavesdropped and used by others.
...
Note that there are two options: the server side security realm name to log into in to server-side, and the URI for the openejb listener.
...