Remoting WildFly Subsystem Concepts: Difference between revisions
Line 61: | Line 61: | ||
<span id='Authenticated_Remoting_Call'></span>When JBoss Remoting is used to by a JMX connection, authentication is programmed as described below: "[[Remoting_WildFly_Subsystem_Concepts#Authentication_for_Remoting_JMX_Access|Authentication for Remoting JMX Access]]". | <span id='Authenticated_Remoting_Call'></span>When JBoss Remoting is used to by a JMX connection, authentication is programmed as described below: "[[Remoting_WildFly_Subsystem_Concepts#Authentication_for_Remoting_JMX_Access|Authentication for Remoting JMX Access]]". | ||
=Threading Model= | =Threading Model= |
Revision as of 04:43, 8 July 2017
Internal
EAP 7 Note
In EAP 7, the default remoting connector has changed from "remote" to "http-remoting" and the default remote connection port has changed from 4447 to 8080.
The JNDI provider URL for the default configuration has changed from remote://localhost:4447 to http-remoting://localhost:8080.
JNDI and Remoting
See
Remoting and the Management Interfaces
EAP 6
TODO: clarify the relationship between the remoting subsystem and the instance's management interfaces. When booting an EAP 6 instance, we get:
org.jboss.as.remoting] (MSC service thread 1-5) JBAS017100: Listening on 127.0.0.1:9999
which indicates that the management interface (9999) and remoting are related.
EAP 7
Security
Remoting connection attempts are authenticated against a configurable set of authentication mechanisms.
The presence of the 'security-realm' attribute in the remoting connector configuration triggers authentication enforcement within the remoting service, by initializing the list of authentication mechanisms to those contributed by the security realm.
For EAP 6:
<subsystem xmlns="urn:jboss:domain:remoting:1.1"> <connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/> </subsystem>
For EAP 7:
TODO
The "ApplicationRealm" security realm employs "DIGEST" and "LOCAL" security mechanisms.
For more details on the local authentication mechanism see the local file-based authentication mechanism.
Removing 'security-realm="ApplicationRealm"' from the remoting connector configuration ends up in the installation of the "ANONYMOUS" authentication mechanism, which enforces no authentication.
For more details on configuring security-realm see security-realm.
For more on JBoss 7 security, see WildFly Security Realms.
JBoss Remoting Client-Side Programmatic Login
When JBoss Remoting is used to by a JMX connection, authentication is programmed as described below: "Authentication for Remoting JMX Access".
Threading Model
All invocations arriving on the subsystem's connectors are handled by the subsystem's threads, which are all grouped under the worker thread pool. Various worker thread pool attributes are configured on the worker-thread-pool element. For more details on configuring the thread pool, see:
Also see: