"Rickard �berg" wrote:
> You're contradicting yourself. First you say that I'm wrong when I say
> that context propagation is not fully defined, and then you say I'm
> right because security context propagation is not yet defined. What's it
> gonna be? From your description my statement is still true. I'm not an
> IIOP expert though, so I might be missing something here.
*How* GIOP Contexts are propegated is completely defined in the CORBA
specification. *What* a particular type of context (for example a
transaction context) looks like isn't the CORBA specification's
responsibility. New types of contexts can be invented and registered
with the OMG atany time. For OTS, this was defined in the OTS
Specification. For EJB, it only remains to be done for security
contexts.
On a side note, if you are not an IIOP expert why do you feel qualified
to try discredit a protocol which an open consortium of 800+ of the
largest software and vertical industry companies in the world defined
and are happy with?
>
> > This is not a complex issue: it basically involves reserving a
> > GIOP context identifier (a 32-bit number) and then specifying the
> > GIOP format of the data (which might simply be a string, which
> > would allow security to be interoperable with C++ and other
> > languages supporting IIOP). Let's move forward and define the
> > identifier and the Security Principal format, and be done with it!
> > There is nothing broken in IIOP: security context propagation has
> > simply not been standardized yet.
>
> The difference between my suggestion and yours is that with mine there
> is nothing to agree upon. I propagate it my way, and everyone else uses
> their own way. I really don't care how others do it.
Can you clarify how others could interpret your contexts if you use your
way of putting them onto the wire and everyone else uses theirs? i.e.
how would another server know how to examine your contexts?
cheers,
j.
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
