Rick McGuire wrote:
After spending a good year+ dealing with issues involving CorbaBean,
CSSBean, and TSSBean I've come to the realization that part of the
problem with understanding how these work is the names are
misleading...particularly CSSBean and TSSBean.
TSSBean calls itself the "CORBA Target Security Service". While some
aspects of its configuration involve defining transport level
security, this bean is really a proxy that manages a POA instance for
exposing an EJB container as a CORBA object. The TSSBean name
somehow obscures the fact that there is a TSSBean instance for every
exported EJB. CorbaObjectProxy or EjbPoaProxy might be better names.
CSSBean calls itself the "CORBA Client Security Server". Similar
problem with TSSBean. Security is only one aspect of this bean....and
it's not really a "Server". CorbaClientObject might make it a little
clearer what's being configured.
CorbaBean is not too bad, but it seems to imply a global CORBA
configuration rather than configuring a single ORB instance.
CorbaServerOrb would capture the essential server-side ORB nature of
this.
Rick
For the curious, the acronyms come from the CORBA Security spec CSIv2.
This spec outlines how the client side code, CSS, sets up the security
context with the server side code, TSS; the security context includes
the transport level security, as you had mentioned as well as the shared
security context creation and what security information gets generated
inside the IOR for the objects. The sole purpose of these two beans is
to set up these security contexts as specified under CSIv2, IIRC.
With that said, I don't think that we should obfuscate their CSIv2 roots
but, I am not married to those particular names. Just my personal
preference that you must take with a grain of salt.
Regards,
Alan
