3 Replies Latest reply on Jul 6, 2011 1:01 PM by raylite3

    Authentication in swing app using EJB

    raylite3 Apprentice

      Hello,

       

      I need to build a Swing application that uses EJBs. When I first launch the Swing application, it prompts the user for credentials and then looks up SLSB and holds references to them for the lifetime of the application.

       

      What is recommended approach for such an application? Upon launch, do I lookup the EJB and use that as the authentication mechanism? Is there a provision to timeout these EJB due to inactivity, etc., and if so how will it re-authenticate?

       

      Thanks

        • 1. Re: Authentication in swing app using EJB
          Wolf-Dieter Fink Master

          Normally you should set the credentials to your InitialContext.

          With this context you can lookup the references to your SLSB's, you can cache it if you want (this will be a good idea because the lookup is slow)

          A SLSB proxy is not connected with a special SLSB at server side.

          So the reference will be valid as long as it exists.

          But one restriction, it depends to the configuration whether it is valid after a complete cluster (or single node) restart.

          It might happen that the reference and the InitialContext become invalid.

          In this case I drop all references and re-create it.

          1 of 1 people found this helpful
          • 2. Re: Authentication in swing app using EJB
            raylite3 Apprentice

            Thank you. Would greatly appreciate any pointers to the configuration you mentioned as well for behavior after a restart.

            • 3. Re: Authentication in swing app using EJB
              raylite3 Apprentice

              Hello,

               

              Upon further experimentation, I think for a case like the Swing app, maintaining and sending the credentials for each lookup seems inefficient and unsafe. It will be better to use a scheme where a token is generated upon the first lookup and used for all later lookups.

               

              Is this possible? Is SRP or Kerberos the approach to use in this case?

              Thanks,