-
1. Re: Authentication in swing app using EJB
wdfink Jun 24, 2011 9:16 AM (in response to raylite3)1 of 1 people found this helpfulNormally you should set the credentials to your InitialContext.
With this context you can lookup the references to your SLSB's, you can cache it if you want (this will be a good idea because the lookup is slow)
A SLSB proxy is not connected with a special SLSB at server side.
So the reference will be valid as long as it exists.
But one restriction, it depends to the configuration whether it is valid after a complete cluster (or single node) restart.
It might happen that the reference and the InitialContext become invalid.
In this case I drop all references and re-create it.
-
2. Re: Authentication in swing app using EJB
raylite3 Jun 24, 2011 12:40 PM (in response to wdfink)Thank you. Would greatly appreciate any pointers to the configuration you mentioned as well for behavior after a restart.
-
3. Re: Authentication in swing app using EJB
raylite3 Jul 6, 2011 1:01 PM (in response to raylite3)Hello,
Upon further experimentation, I think for a case like the Swing app, maintaining and sending the credentials for each lookup seems inefficient and unsafe. It will be better to use a scheme where a token is generated upon the first lookup and used for all later lookups.
Is this possible? Is SRP or Kerberos the approach to use in this case?
Thanks,