Win a copy of Beginning Java 17 Fundamentals: Object-Oriented Programming in Java 17 this week in the Java in General forum!

Marcin Cinik

+ Follow
since Jan 25, 2012
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Marcin Cinik

Unfortunately up to now I wasn't able to find answers - I'm too busy at the moment to investigate further. Maybe someone else already knows answers ?
9 years ago

I have a question regarding servlet security. In the specification (in XSD) it stands:

A value of INTEGRAL means
that the application requires that the data sent between the
client and server be sent in such a way that it can’t be
changed in transit

CONFIDENTIAL means that the application
requires that the data be transmitted in a fashion that
prevents other entities from observing the contents of the

My questions:
* does INTEGRAL enforce mutual SSL authentication (so called SSL-client authentication) ? Or does it only indicate that certificate-based one-side server authentication should be conducted
* CONFIDENTIAL - it's pretty clear - when it's off - no encryption (which apparently is not mandatory in SSL), when it's on, encryption is also on - can someone confirm that ?
* is it possible in SSL to have only encryption without cert-based server authentication ? so server's identity is not confirmed by the browser ?
* how can I specify both INTEGRAL and CONFIDENTIAL - user-data-constraint is limited to allow only one transport-guarantee - should I specify 2 user-data-constraint ?

9 years ago
Would you recommend to depict any interfaces for managers / dao on component or class diagram ?
I can see that Cade skips all interfaces.
Thanks Eduardo,

For JMS I would just give "JMS API" as required interface (even though JMS API is not an interface).
When it comes to JAX-WS generated client I propose to have "" as provided interface.

The deployment diagram should rather depict machines / application servers / protocols / DMZ / firewalls / load-balancers in my opinion.

Does anyone know how to depict that my component uses JMS and JAX-WS API on component diagram ?
According to UML components have "required" interfaces which are depicted as half-round sockets, but JMS-API is comprised of many interfaces and I want to only show that component uses JMS API to send JMS message.

Another thing is generated JAX-WS web-service client. What interfaces does it realize ? How to depict its dependency on WSDL ?

JAX-WS 2.0 spec says:

Service is an abstraction that represents a WSDL service. A WSDL service is a collection of related
ports, each of which consists of a port type bound to a particular protocol and available at a particular
endpoint address.