1 of 1 people found this helpful
Normally you should set the credentials to your InitialContext.
With this context you can lookup the references to your SLSB's, you can cache it if you want (this will be a good idea because the lookup is slow)
A SLSB proxy is not connected with a special SLSB at server side.
So the reference will be valid as long as it exists.
But one restriction, it depends to the configuration whether it is valid after a complete cluster (or single node) restart.
It might happen that the reference and the InitialContext become invalid.
In this case I drop all references and re-create it.
Thank you. Would greatly appreciate any pointers to the configuration you mentioned as well for behavior after a restart.
Upon further experimentation, I think for a case like the Swing app, maintaining and sending the credentials for each lookup seems inefficient and unsafe. It will be better to use a scheme where a token is generated upon the first lookup and used for all later lookups.
Is this possible? Is SRP or Kerberos the approach to use in this case?