A solution is to create separate EJBHomeFactories for clients that require different JNDI authentication.
But remember, the main reason for implementing a Factory in the first place is for performance. 99% of the time, this is used in a single-point-of-entry servlet that serves "anonymous" requests. This type of application is very different from, say, a standalone java application where you log in, request a Context, and want to know what resources you have access to. In this latter example, you're better served creating a new InitialContext each time, since throughput performance is not an issue.
Gene
Rajeev Dave <[EMAIL PROTECTED]> wrote:
ok I'll try to explain more on this. Typically the client accessing and
using this factory will look like
public class Client{
Client() {
try{
EJBHomeFactory fact = EJBHomeFactory.getFactory();
HelloWorldHome home =
(HelloWorldHome)fact.getHomeInterface(HelloWorldHome.class,
"rahul.HelloWorldBean");
HelloWorldEJBObject hello = home.create();
System.out.println("Client says:"+hello.printMessage());
}catch(Exception e){
e.printStackTrace();
}
}
public static void main(String a[]){
new Client();
}
}
Here how/where will the client get a chance to specify what is his
username/password. He is just getting it from the factory and the factory
has already got a EJBHome object sitting in a hashtable which is what is
returned. Note here that the factory will have specified a UID/Pass while
getting home object for the first time.
Am I missing something here. Please excuse me if it is something very
trivial but let me know what it is...
- Rajeev
-----Original Message-----
From: Rickard [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 15, 2002 2:46 PM
To: [EMAIL PROTECTED]
Subject: Re: EJBHome Factory - Home Object Caching
Rajeev Dave wrote:
> I assume that security is not taken into account in this discussion.
> What if there is a security constraint on Home interface which declares
> that only principal with Role 'X' can access the methods of the interface.
Then those checks will be performed when those methods are invoked.
The problem you outline does not exist.
/Rickard
--
Rickard �berg
Author of "Mastering RMI"
Chief Architect, TheServerSide.com
The Middleware Company - We Build Experts!
===========================================================================
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
==========================================================================To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff EJB-INTEREST". For general help, send email to
[EMAIL PROTECTED] and include in the body of the message "help".
Do You Yahoo!?
Got something to say? Say it better with Yahoo! Video Mail
