Jon Tirsen wrote:
> > > Yes, but there is no standard way for the
> > application-client-container to
> > > propagate the sec. attr. to the ejb-container. More on that later.
> >
> > IIOP, Kerberos, IPSEC, HTTP, security context over RMI, etc.
>
> Yes, there are standards, but no Java-standard. It's the last one "security
> context over RMI" that is not standardized.
> Or...is it? I haven't read about such a thing. I thought that each vendor
> implemented their own proprietary (implicit, that is) propagation technique.
>
I'm not interested in using any kind of standard for propagating context, but
I'm interested in using IIOP. What matter here is that RMI-IIOP will become the
mandatory communication protocole for J2EE and I hope we will rely on IIOP
paterns for transmitting security and transaction context. SUN now has to
specify a fix place for putting those context information into the IIOP stack,
in other to enable true ORB interoperability. Let's learn from "Other's
mistakes" (CORBA interoperability).
--
Francis Pouatcha
MATHEMA Software GmbH
http://www.mathema.de
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
