Laird Nelson wrote:
>
> Avi Kivity wrote:
> > > InitialContext context = new InitialContext();
> > That's the generic and simple way. Recommended.
>
> On a related note: I've observed with Weblogic and other ejb containers
> that if you include SECURITY_PRINCIPAL and SECURITY_CREDENTIALS in this
> new InitialContext() call that this applicable-to-JNDI-only information
> is used to seed the *ejb container's* calling principal! This is also
> (oddly enough) encouraged in some example code that I've seen. Surely
> this is wrong?! The SECURITY_PRINCIPAL etc. used at the JNDI layer is
> NOT the same as the calling principal at the EJB layer, correct?
Not necessarily, but on the other hand if the JNDI provider is hosted within
the EJB server, they may be one and the same.
> But then there doesn't seem to be a container-independent way to set the
> calling principal on the EJB side, does there?
Correct. J2EE 1.3's RMI/IIOP interoperability requirements (for security) will
hopefully allow this to be addressed in a standard manner at least for IIOP.
> Cheers,
> Laird
>
> ===========================================================================
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
> of the message "signoff EJB-INTEREST". For general help, send email to
> [EMAIL PROTECTED] and include in the body of the message "help".
--
________________________________________________________________________________
Evan Ireland Sybase EAServer Engineering [EMAIL PROTECTED]
Wellington, New Zealand +64 4 934-5856
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
