Hi
IMHO Firewalls are the work of the devil. Completely false feeling of security,
particularly with HTTP CONNECT.
Joel Crisp (speaking for myself, not SUN).
Steve Demuth wrote:
>
> Some vendors have this capability in their CORBA orbs. Visigenic's orb,
> e.g. can (pretty much tranparently) wrap IIOP in HTTP or HTTPS to tunnel
> through client firewalls.
>
> My concern about this approach, whether it's SOAP or HTTP tunneling of IIOP
> is that it's a cobbled together solution for what should be a non-problem.
> We need to do a lot of evangalism in the corporate security community to
> convincingly demonstrate that properly configured, IIOP channels in their
> firewalls (and around their proxy servers!) are no more (and probably
> less), dangerous than the ubiquitous HTTP on port 80. The only reason
> we're even tempted to migrate to doing RMI/RPC via HTTP is because it's the
> lowest common denominator for security.
>
> As far as SOAP as a way to tie together CORBA, RMI and DCOM is concerned: I
> doubt that's Microsofts goal. Even if it is, XML is a small part of the
> solution. Any of us could write code to re-marshal and un-marshal IIOP or
> DCOM into XML very easily. But these three protocols are not semantically
> equivalent, and you can bridge them only with significant effort, or by
> applying (again) a least common denominator approach that throws away as
> much as it salvages.
>
> At 10:24 AM 10/21/99 +0200, you wrote:
>
> >Using DCOM for this is virtually impossible, but the same is more or less the
> >case with RMI/IIOP because of firewall problems, although in a controlled
> >extranet configuration one could configure the firewall to let through IIOP
> >packets. SOAP is a way to package a DCOM call as an XML message and thus
> >overcoming the firewall problem, while COM components running on an intranet
> >would still use DCOM to communicate.
> >
> >A similar approach would IMHO be very useful also for the EJB/CORBA world.
> >
>
> Steve Demuth
>
> Director of Technology Research
> Artemis Alliance, Inc. An Inprise Premier Partner
> 2750 Lannon Hill Road
> Decorah, Iowa 52101
> 651-227-7172 (Typically Mon-Tue) or 319-382-0593 (Wed-Fri)
>
> ===========================================================================
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
