I have followed the blog post "Securing Jakarta Enterprise Beans with mutual TLS authentication" at https://wildfly-security.github.io/wildfly-elytron/blog/ejb-over-tls/#configuring-the-remote-connector to the letter. Everything has executed successfully! I am able to connect over HTTPS (via browser) with the certificate from keytool (from the blog), and HTTPS works perfectly. Using Postman I am able to ping my web app's REST API. I have the following code:
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;

import jakarta.jms.ConnectionFactory;
import jakarta.jms.Destination;
import jakarta.jms.JMSContext;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.core.Response;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;

// The imports, the class declaration and the two credential constants were not part of
// the posted snippet; the class's @Path mapping is unknown and therefore omitted here.
public class JakartaEE11Resource {

    private static final String DEFAULT_CONNECTION_FACTORY = "jms/RemoteConnectionFactory";
    private static final String DEFAULT_DESTINATION = "jms/Queue2";
    private static final String INITIAL_CONTEXT_FACTORY = "org.wildfly.naming.client.WildFlyInitialContextFactory";
    private static final String PROVIDER_URL = "https-remoting://127.0.0.1:8443";
    // Placeholders: the real credentials were not shown in the post.
    private static final String DEFAULT_USERNAME = "<username>";
    private static final String DEFAULT_PASSWORD = "<password>";

    @GET
    public Response ping() {
        // JNDI environment for the WildFly naming client: provider URL plus the
        // username/password that are also used for SASL authentication to the server.
        final Properties env = new Properties();
        env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);
        env.put(Context.PROVIDER_URL, System.getProperty(Context.PROVIDER_URL, PROVIDER_URL));
        env.put(Context.SECURITY_PRINCIPAL, DEFAULT_USERNAME);
        env.put(Context.SECURITY_CREDENTIALS, DEFAULT_PASSWORD);
        try {
            Context namingContext = new InitialContext(env);
            String connectionFactoryString = System.getProperty("connection.factory", DEFAULT_CONNECTION_FACTORY);
            ConnectionFactory cf = (ConnectionFactory) namingContext.lookup(connectionFactoryString);
            // try-with-resources closes the JMSContext (the original snippet never closed it)
            try (JMSContext jmsContext = cf.createContext()) {
                Destination d = (Destination) namingContext.lookup(DEFAULT_DESTINATION);
                jmsContext.createProducer().send(d, "Hello MDB");
            }
        } catch (NamingException ex) {
            Logger.getLogger(JakartaEE11Resource.class.getName()).log(Level.SEVERE, null, ex);
        }
        return Response
                .ok("ping Jakarta EE")
                .build();
    }
}
from the WildFly JMS quickstart (modified a little). I am receiving a javax.security.sasl.SaslException: SCRAM-SHA-512-PLUS: Server rejected authentication
from WildFly when trying to send my message to my JMS message queue. When creating the user from the blog, I assigned the "role" as "guest".
The standalone.xml has
<jms-queue name="Queue2" entries="java:/jms/Queue2"/>
The MDB has the following:
import jakarta.ejb.ActivationConfigProperty;
import jakarta.ejb.MessageDriven;
import jakarta.jms.Message;
import jakarta.jms.MessageListener;

// Imports were not part of the posted snippet.
@MessageDriven(
        activationConfig = {
            @ActivationConfigProperty(propertyName = "destination", propertyValue = "java:/jms/Queue2"),
            @ActivationConfigProperty(propertyName = "destinationType", propertyValue = "jakarta.jms.Queue")})
public class MDB implements MessageListener {

    @Override
    public void onMessage(Message msg) {
        // Only proves that the message was delivered to the MDB
        System.out.println("HELLO#########################");
    }
}
I have checked the user and password, and they are correct. I was wondering if my problem is that the user I am using is not an "application domain" user. I am unable to find out how to create the "application domain user" if that is the case.
Thanks