Rickard,
<snip>
> And that's the whole story, or as close to it that I know.... *phew* R U
> with me? :-)
I think I am. Thanks for the detailed explanation. BTW, note that it
doesn't explain the rules for the current generation of EJB servers that
are based on EJB 1.0 and frequently use JDK 1.1.x, not 1.2. Luckily, it
looks like vendors just don't enforce the restrictions for now, but this
is a possible future small nightmare when moving to J2EE.
> Conclusion:
> Wanna use I/O or other restricted operations?
> * Put those calls in a separate "library" class
> * Wrap "dangerous" sections in doPrivileged calls
> * Package the classes separately
> * Put the library on the classpath somewhere, so that the server can
> access the classes
> * Grant the desired permissions (AllPermission works well :-) to the
> library
> * Call the library from your EJB's
I'm afraid creating separate libraries would be impractical in some
cases. Actually, I wish we could deploy components with bothering about
classloader issues altogether.
But the worst thing is that your explanation is for now only your
(educated) guess. While it sounds credible, I believe the spec authors
should speak up at this point. Since nobody seems to know for sure, and
implementations of J2EE are already well under way, we might end up with
your option 2:
> * Turn off security checks in the EJB-server if possible... not
> recommended...
> Disclaimer:
> As always, I'm a theoretical kind of guy so all of the above are only
> logical deductions from the tons of documentation that I've read: I have
> not tested any of it in practice, so it might be completely off track.
Oh well, I'm sure our Sun friends will eradicate our doubts any time now
and you'll get rid of that disclaimer.
> ps. Is it time for a EJB-INTEREST FAQ soon? >:-)
Yes. How kind of you to volunteer. What's the URL ?
Alain.
--
Alain Rogister
Ubiquity s.a.
http://www.ubiquity.be
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
