Marcin Cinik

Greenhorn
+ Follow
since Jan 25, 2012
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Marcin Cinik

Unfortunately up to now I wasn't able to find answers - I'm too busy at the moment to investigate further. Maybe someone else already knows answers ?
8 years ago
Hello,

I have a question regarding servlet security. In the specification (in XSD) it stands:


A value of INTEGRAL means
that the application requires that the data sent between the
client and server be sent in such a way that it can’t be
changed in transit




CONFIDENTIAL means that the application
requires that the data be transmitted in a fashion that
prevents other entities from observing the contents of the
transmission



My questions:
* does INTEGRAL enforce mutual SSL authentication (so called SSL-client authentication) ? Or does it only indicate that certificate-based one-side server authentication should be conducted
* CONFIDENTIAL - it's pretty clear - when it's off - no encryption (which apparently is not mandatory in SSL), when it's on, encryption is also on - can someone confirm that ?
* is it possible in SSL to have only encryption without cert-based server authentication ? so server's identity is not confirmed by the browser ?
* how can I specify both INTEGRAL and CONFIDENTIAL - user-data-constraint is limited to allow only one transport-guarantee - should I specify 2 user-data-constraint ?





8 years ago
Would you recommend to depict any interfaces for managers / dao on component or class diagram ?
I can see that Cade skips all interfaces.
Thanks Eduardo,

For JMS I would just give "JMS API" as required interface (even though JMS API is not an interface).
When it comes to JAX-WS generated client I propose to have "javax.xml.ws.Service" as provided interface.

The deployment diagram should rather depict machines / application servers / protocols / DMZ / firewalls / load-balancers in my opinion.
Hello,

Does anyone know how to depict that my component uses JMS and JAX-WS API on component diagram ?
According to UML components have "required" interfaces which are depicted as half-round sockets, but JMS-API is comprised of many interfaces and I want to only show that component uses JMS API to send JMS message.

Another thing is generated JAX-WS web-service client. What interfaces does it realize ? How to depict its dependency on WSDL ?

JAX-WS 2.0 spec says:


4.1 javax.xml.ws.Service
Service is an abstraction that represents a WSDL service. A WSDL service is a collection of related
ports, each of which consists of a port type bound to a particular protocol and available at a particular
endpoint address.