View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3821638#3821638
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3821638 I would still recommend using only local interfaces for entity beans and only letting EJBs access them to ensure several things: - They cannot be accessed by remote machines (security). - You'll have the ability to use CMR with CMP beans. - You create proper design where the Web tier is oblivious to data sources and operations. The EJB tier, likewise, should focus on data and business functionality, oblivious to client presentation. This design encourages modularity and reuse, among other things. Keep in mind that remote interfaces are accessable anywhere on the network that is reachable. Local interfaces are not accessible outside the container. I personally never access local interfaces from outside an EJB module to ensure that the remote session interfaces correctly spec the requirements of the web modules, no more, no less, so web modules can be safely distributed in any container while EJB modules truly encapsulate the "how" of the business process. An example is an EJB module that authenticates users. The client can call it oblivious to how users are authenticated. They do not need to know that LDAP even exists, let alone if it is being used. At the same time, the remote interface methods are limited enough to ensure that it is impossible to obtain a valid session token without proper credentials. I wish that local interfaces weren't accessible outside the EJB module because it is unnecesarily challenging to secure an EJB module from rogue or compromised processes in the same container. If classes can have private and protected members, then why can't local interfaces have some sort of intrinsic protection? ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
