Yes it is possible. Sun is making RMI/IIOP as standard for J2EE servers. And we can use SSL with enterprise applications using latest App Servers. Here the ORBs could delegate the authentication to SSL. SSL can use certificate based authentication. This is standardized. If both ORBs were written to use IIOP/SSL then the server could get the client credentials from SSL. Cheers.