David, Thanks for the fast response. Unfortunately a Geronimo upgrade requires a significant time investment on our part and so tinkering around with a 2.2 snapshot is most likely out of the question. If there is no way of securing remote ejb communication in 2.1.4 then we will need to wait for the official release of Geronimo 2.2. For our planning purposes, can you provide any insight as to when Geronimo 2.2 will be released? It would be extremely helpful if we had an estimate that is more precise than the "Q3 2009" listed on Geronimo's site. Thanks again, Joe
> Hi, > > Is it possible to perform secure EJB communication over SSL using > openejb-3.0.1? Our application communicates from client to server > using > remote EJB method calls and Geronimo-2.1.4, which in turn uses > Openejb-3.0.1. We need to achieve SSL encrypted communication for our > EJBs for our client to server communication. I've been searching for > some time for an example of how to achieve this. In my searches I came > across OPENEJB-785 (http://issues.apache.org/jira/browse/OPENEJB-785) > which appears to be a blocking bug that was resolved in Openejb-3.1 > and > thus did not make it into our version of Geronimo. This would lead > me to > believe that secure EJB communication is not possible for us with our > version of Openejb and Geronimo. Right. The good news is that Geronimo 2.2 has been branched and is frozen and should be released as soon as we can get final binaries from our dependent projects (activemq, xbean, openejb, etc.). This will contain OpenEJB 3.1.2 which does have the SSL feature. It also has a reworked client/server protocol that is *way* faster in remote communication. > How are people addressing the problem of encrypted EJB communication > in > Openejb-3.0.1? Any chance you'd be willing to try a snapshot of 2.2? Would be happy to build you one. -David
