Remoting WildFly Subsystem Configuration: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 79: Line 79:


Remove "security-realm" configuration attribute from the connector configuration element.
Remove "security-realm" configuration attribute from the connector configuration element.
=Configuring Remoting Subsystem to Support Deployed EJB Client Contexts=
<pre>
            <subsystem xmlns="urn:jboss:domain:remoting:3.0">
                <endpoint/>
                <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
                <outbound-connections>
                    <remote-outbound-connection name="remote-ejb-connection-1" outbound-socket-binding-ref="remote-socket-ejb-1" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-2" outbound-socket-binding-ref="remote-socket-ejb-2" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-3" outbound-socket-binding-ref="remote-socket-ejb-3" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-4" outbound-socket-binding-ref="remote-socket-ejb-4" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-5" outbound-socket-binding-ref="remote-socket-ejb-5" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-6" outbound-socket-binding-ref="remote-socket-ejb-6" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                </outbound-connections>
            </subsystem>
...
<>
</pre>
For more details about EJB client contexts, see [[]]: For more details about jboss-ejb-client.xml, the deployment descriptor that configures the EJB client context, and which requires the above configuration changes, see [[Jboss-ejb-client.xml|jboss-ejb-client.xml]].

Revision as of 17:51, 23 March 2017

External

Internal

Overview

The default port the remoting connector listens on is 4447.

EAP7, WildFly 9

<subsystem xmlns="urn:jboss:domain:remoting:3.0">
    <endpoint worker="default"/>
    <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
</subsystem>

EAP 6.4

<subsystem xmlns="urn:jboss:domain:remoting:1.2">
    <connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/>
</subsystem>

<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
    ...
    <socket-binding name="remoting" port="4447"/>
    ...
</socket-binding-group>

Schema


https://github.com/wildfly/?

TODO: Link to .xsd.

Configuration Elements

<worker-thread-pool>

<subsystem xmlns="urn:jboss:domain:remoting:1.1">
    <worker-thread-pool read-threads="1" task-keepalive="60" task-max-threads="16" task-core-thread="4" task-limit="16384" write-threads="1" />
    ...
</subsystem>

For more details on the remoting worker thread pool see Remoting Threading Model.

<endpoint>

The Remoting endpoint uses the XNIO Worker declared and configured by the io subsystem. The XNIO worker's configuration is described here: io subsystem worker configuration.

<connector>

name

socket-binding

security-realm

The presence of the 'security-realm' attribute in the remoting connector configuration triggers enabling of authentication within the remoting service. For more details about remoting security see Remoting Subsystem Concepts - Security.

<http-connector>

The connector-ref is the name of the Undertow http-listener, so if the name of that connector changes, the Remoting reference should also change.

Disabling Remoting Authentication

EAP 6.4

Remove "security-realm" configuration attribute from the connector configuration element.

Configuring Remoting Subsystem to Support Deployed EJB Client Contexts

            <subsystem xmlns="urn:jboss:domain:remoting:3.0">
                <endpoint/>
                <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/>
                <outbound-connections>
                    <remote-outbound-connection name="remote-ejb-connection-1" outbound-socket-binding-ref="remote-socket-ejb-1" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-2" outbound-socket-binding-ref="remote-socket-ejb-2" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-3" outbound-socket-binding-ref="remote-socket-ejb-3" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-4" outbound-socket-binding-ref="remote-socket-ejb-4" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-5" outbound-socket-binding-ref="remote-socket-ejb-5" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                    <remote-outbound-connection name="remote-ejb-connection-6" outbound-socket-binding-ref="remote-socket-ejb-6" username="ejb" security-realm="ejb-security-realm" protocol="http-remoting">
                        <properties>
                            <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                            <property name="SSL_ENABLED" value="false"/>
                        </properties>
                    </remote-outbound-connection>
                </outbound-connections>
            </subsystem>
...
<>

For more details about EJB client contexts, see [[]]: For more details about jboss-ejb-client.xml, the deployment descriptor that configures the EJB client context, and which requires the above configuration changes, see jboss-ejb-client.xml.