Does anybody know how to secure the JNDI access for remote clients on JBoss? I know how to secure remote JMX invokers but even with that in effect it is still possile to lookup, bind and unbind things in JNDI even if the client is not authenticated.
I would like that that the server refuses to give you access to the InitialContext if you are not authenticated and to make it read only for some clients. Is this possible?
I am using JBoss 5.1.0 GA with jdk6