A lightweight swing client that looks up a session bean to make calls to it and also connects to a jms queue, is to be deployed to run over the internet.
At the moment this would require a lot of firewall ports opened to our JBoss server to allow access to all the services needed to invoke a session bean over the internet. Naming service, RmiPort, MRIOBjectPort etc.
Is there a more secure pattern for accessing JMS from an internet client than doing it directly like this?
I'll answer my own question. I'd say a business delegate is required on the server to separate the webapp presentation from the session facade lookup.