I am doing scea part-2. In my assignment there is an external Inventory System which is java based and owned by the client company itself for which I am supposed to develop the SuD. I am assuming that the InventorySystem have exposed remote EJB services to cater the need of the inventory checking required by SuD.From my SuD, I am making remote EJB call ( and not the Web Service call) to get the inventory level. I am also assuming that both the SuD and the Inventory system will be within the same firewall and no specific security measure is needed.
My confusions are following:
1) Is my assumption about the external inventory lookup through remote EJB call ( and NOT through the Web Service call) correct/possible?
2) Is my assumption about the requirement of no special security measurement correct?
Please provide your opinion/suggestions regarding this.
Sounds like a factory homes assignment, if it is, then its already assumed that the inventory system is web service based, i could agree with the second point if you describe it in your assumption list but I wouldn't agree with the first one as its already stated in the assignment description and in my opinion shouldn't be changed.
For your first assumption, either of EJB or webservice should be fine.. But for second one, you need to have some security considerations. Transport level security may not be required within LAN but request still needs to be authenticated and authorized.