Quick question on remote JNDI access.
Does the java: provider below one provide remote access -- ie j2ee client app?
For security reasons, we want to be able to bind some/all resources for a given app into a jndi tree (by any reasonable means: subtree / provider / naming convention) that cannot be accessed outside of the cluster. This will stop users who can authenticate to the container, being able to write a client app, to pull (for example) a database connection out of jndi and bypass business rules to hit the db directly.
Thanks for any help,
Ken.
On 13 Sep 2004, at 22:27, Jeremy Boynes wrote:
Bruce Snyder wrote:
My apologies, I didn't ask this correctly. Where did we get the JNDI implementation?
There are actually a couple that we use based on different characteristics.
The one for java: is located in o.a.g.naming and is designed for fast, read-only access - what happens with ENC lookups. A group of us wrote it.
The one for geronimo: is in the same package and supports in-vm access and is used for EJB and resource bindings. IIRC David Jencks did most of that based on the java: code.
For EJB remoting we are using the one from OpenEJB; this may change at some point to use other global naming services such as Eve.
-- Jeremy
