aspose file tools*
The moose likes EJB and other Java EE Technologies and the fly likes Access restriction on application classes Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "Access restriction on application classes " Watch "Access restriction on application classes " New topic
Author

Access restriction on application classes

Christophe Monnet
Greenhorn

Joined: Nov 05, 2001
Posts: 11

Hi,
We are developing a EJB-based business application which publishes an
API for the Client application. These APIs are actually the methods of
the EJBRemote objects. The processing flow for any API call from the
Client application is as follows:
Client application -> Session Bean -> Business Object (which does
Validation) -> Business Object (which interacts with the Data access
layer) -> Data access layer.
Now, is it possible to restrict the Client application from directly
calling the Business Object (which interacts with the Data access
layer) without calling the Session Bean layer (thus breaking our
application). In other words, can we force the Client application to
call only our Session Beans?
Since we are hosting our application on an application server
(Weblogic, Websphere etc), the Client may use this application server
for hosting other applications as well; hence we have limited control
on the application server behaviour.
Any idea is welcome.

Regards
Sandeep
Kyle Brown
author
Ranch Hand

Joined: Aug 10, 2001
Posts: 3892
    
    5
It seems to me like not allowing the JAR files that contain the business objects to be installed on the client machines would work fine.
Another option would be to (perhaps) include a check in the top-level business object for something that can only be provided by the Session EJB (perhaps the EJB context).
Kyle
------------------
Kyle Brown,
Author of Enterprise Java (tm) Programming with IBM Websphere
See my homepage at http://members.aol.com/kgb1001001 for other WebSphere information.
[This message has been edited by Kyle Brown (edited October 25, 2001).]


Kyle Brown, Author of Persistence in the Enterprise and Enterprise Java Programming with IBM Websphere, 2nd Edition
See my homepage at http://www.kyle-brown.com/ for other WebSphere information.
 
Don't get me started about those stupid light bulbs.
 
subject: Access restriction on application classes