At 05:14 PM 2/10/2006, Aaron Mulder wrote:
Sorry, you're crediting me with a lot more CORBA knowledge than I
deserve. :) In particular, I'm not sure what the right IIOP URL or
corbaname URL should be. Let me give you a more specific scenario:
Let's say I have a session bean running in Geronimo, so the Geronimo
side of the picture looks like this:
CORBA naming service: localhost:1050 (or
corbaloc::localhost:1050/NameService), with SSL enabled
EJB name in naming service: MySessionBean
EJB TSS listening for SSL on localhost:1055
So assuming G supports corbaname (which it should) the url for this
would look like so:
corbaname:iiop:[EMAIL PROTECTED]:1050#MySessionBean
Now I have a web app deployed in WebLogic with an ejb-ref in web.xml
pointing to the correct home and remote interface for this session
bean, but with no EJB link. So I'm assuming I need to put something
in weblogic.xml in order to resolve this ejb-ref to point to the CORBA
EJB above. What does that configuration block look like?
I'm not sure I fully understand, but there is nothing special about
CORBA internally. A weblogic.xml entry might look like this:
<reference-descriptor>
<ejb-reference-description>
<ejb-ref-name>
j2ee/interop/demo/tester
</ejb-ref-name>
<jndi-name>
ejb/j2ee/interop/demo/tester
</jndi-name>
</ejb-reference-description>
</reference-descriptor>
The JNDI name could be a corbaname URL if the EJB is remote.
Also, if security is enabled for that session bean in Geronimo, so I
want to pass my username and password that I used for the WebLogic web
app across to the Geronimo EJB using GSSUP, and Geronimo requires that
the GSSUP token contain the domain name (or target name) of
"geronimo-properties-realm" along with the username and password, how
would I set that up in weblogic.xml?
I'm not sure we allow you to control this :). Security settings can
be set per ejb in the descriptor, but I don't think the target is included.
Finally, let's say the EJB is running in WebLogic and the web app
running in Geronimo:
- What naming service corbaloc would I use on the Geronimo side to
point to WebLogic's naming service? Would it be
"corbaloc::localhost:7001/NameService"?
Yes, but better to use corbaname above.
- What is the name of the EJB inside the WebLogic naming service?
e.g. is it one of the ejb-name or the jndi-name for that EJB, or is
there some other setting for it?
Its just the jndi-name.
- Is it OK to specify that SSL should be used to contact the naming
service and/or the EJB? Does anything need to be done on the WebLogic
side to enable that? (Other than I guess any URLs would go over the
SSL listen port not the regular WebLogic listen port.)
I would recommend you start without security first :) The simplest
way to force the use of SSL is to switch off the main listen port.
You can also fiddle with the EJB security descriptors, although this
is not documented.
- If the EJB is secured on the WebLogic side and I want to pass my
Geronimo login username and password to WebLogic via GSSUP, does
WebLogic expect any particular target name or domain name to come with
the username/password in the GSSUP authentication token?
No. I think we will strip the target name or use it as the security
realm name.
andy
