One way of accessing the Repository remotely is by using RMI. Make sure you tell the JVM starting your client which login configuration to use by adding the following parameter:

java -Djava.security.auth.login.config=$PATH/auth.conf

The JBoss client libraries is required in classpath and are located at $JBOSS_HOME/client, which also contains an example of auth.conf.

The server authentication is performed by providing a callback handler to a javax.security.auth.login.LoginContext that JBoss uses to identify the current principal. The callback handler implements the javax.security.auth.callback.CallbackHandler interface. See se.kmr.scam.server.test.UserInfo for further details.

import se.kmr.scam.server.*;
import se.kmr.scam.server.test.UserInfo;
import javax.naming.*;
import javax.rmi.PortableRemoteObject;
import javax.security.auth.login.*;

String host = "localhost:1099";
String username = "kalle";
String password = "kallepw";
String loginConfig = "other"

Context ctx = new InitialContext();
ctx.addToEnvironment("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");
ctx.addToEnvironment("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");
ctx.addToEnvironment("java.naming.provider.url", host);

LoginContext loginCtx = new LoginContext(loginConfig, new UserInfo(username, password));
loginCtx.login();

Object ref = ctx.lookup("Manifest");
ManifestHome manifestHome = (ManifestHome) PortableRemoteObject.narrow(ref, ManifestHome.class);
Manifest manifest = manifestHome.create();

host is the server to connect to, username and password are the server credentials and loginConfig denotes an entry in auth.conf specifying the login procedure. A Manifest object is created from the EJBHome interface by looking up the JNDI name "Manifest" defined in jboss.xml. This entry is then translated to the matching EJB name defined in ejb-jar.xml. These xml-files are part of scamRepository. See the JBoss manual for further details.