1 Reply Latest reply on Jul 23, 2003 8:22 AM by jarikr

    Invocations between EJB components from different security d

    cllach Newbie

      I have two web applications with differents security domains.

      The business components (EJB) of the first web application use the business components (EJB) of the second web application. These EJB components runs on different security domain. How can invoke them?

      If I can't invoke ejbs from different security domain, how can invoke shared ejb components for multiple web applications in a security context? Thank you.

        • 1. Re: Invocations between EJB components from different securi
          jarikr Newbie

          Hi,

          I'm having the same problem. The EJB spec contains such scenarios that allow the creation of a trust relationship between two EJB container, like there exists a trust relationship between the EJB and the WEB container. (Chapter 19 in EJB 2.0).

          The JBoss SX architecture motivated the idea to use JAAS for that purpose. Unfortunately this easier said as done. My attempt was to create a "gateway bean" working like a facade that takes calls of the first EJB container, uses credentials to log on the other container and delegate the call. This has the great restriction that all calls have to be made by the (stateful) gateway bean (it acts as a client and is the only one with the correct security context). Besides it has to authenticate for every call with is a big performance issue.

          So the other idea is to use the SSL enabled JRMPInvoker (i'm trying to get it to work at the moment, but unfortunately the invoker conf in JBoss 3.2.1 has changed somehow and I can't find any documentation for it).

          well I hoped that helped a bit,
          regards, Jari