roy siju

Greenhorn
+ Follow
since Jun 20, 2004
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
In last 30 days
0
Forums and Threads

Recent posts by roy siju

Hi Ajit,

In case of WebService also, publishing in a registry and binding it is not an mandatory action. If u know the end-point you can bind and call the Service. Isn't it ?

Any of the JAX-RPC Client types ( i.e static stub, dynamic proxy or DII ) can bind and call an endpoint without finding it in registry.

Then the binding and finding overhead will not be there. If u use Static Stub then most of the tools generate the necessary classes from the WSDL. So, the developer deals with only mainly with POJOs . Life is simpler .Isn't it ?

Thanks & Regards
Roy
Hi,

Can anyone please throw some light on the issue ?

Thanks in advance.
Roy
Hi all,

In Java petstore 1.3.2 version the Admin swing gui application connects to EJB Tier via Web Tier and with http post and passes plain XML over http. It also receives the same (i.e plain XML over http ) . So, parsing the XML and converting the java objects back to XML is there in both sides. [ I am talking about HttpPostPetStoreProxy.java ].

In Java petstore 1.3.1 version the Admin swing gui application connects to EJB Tier via Web Tier but it uses JAX-RPC (i.e WebServices ). [I am talking about WebServicePetStoreProxy.java ]

So, I have 2 questions.
=======================
(1) Why in 1.3.2 which is a later version of Petstore than 1.3.1 the WebService approach has been taken out and old "plain XML over http" has been taken ?
In this respect someone has told me that Sun has moved it WebServices related samples to Adventure Builder. Is it true ? If that is the reason to taken away the WebServices approach from Petstore demo then I think it is not good.
Is there any architectural advantage using "plain XML over http" instead of WebServices here?

(2) What is the reason Sun has taken this Swing Client --> Web Tier --> EJB Tier approach ?
Why not Swing Client -> EJB Tier ( using RMI-IIOP not EJB WebService Endpoint ). It should be faster ,no XML parsing will be there . ( If we use WebServices still the XML to object conversion will happen internally].
Or Marshalling and demarshalling of RMI-IIOP request is more expensive than WebService XML parsing/simple XML parsing ?

Has sun provided any good reason to choose this path ? Actually I have not found it in the document.

Any help will be highly appreciated.

Thanks
Roy
Another way can be implementing Service Activator pattern ( If u want to stick to ejb 1.1 spec and not want to use MDB )
http://java.sun.com/blueprints/corej2eepatterns/Patterns/ServiceActivator.html

Thanks
Roy
I think Applet web client for Customers will not be a good idea. As the customer's browser may not have JRE installed...port filtering ( if RMI is used for applet to Server communication) ...To avoid port filtering http tunneling ...blabh blabh etc complexity may arise.

Thanks
Roy
Congratulation Frans. Best of luck for your part II and III.

Thanks
Roy

Hi friends,

Passed SCEA Part I 85%
There were quite a few long questions.

Thanks for all of your support.


Thanks
Roy
Congratulations......
Best of luck for Part II and III

BTW how many lengthy questions were there ( on average ) ?
Is it too much cryptic english to understand?
Hi all,

If a System needs to encapsulate some external interface of wireless network connection. How to achieve this?

I am thinking of either stateless / stateful session bean. But not sure what to use. If it is a simple Socket connection and consecutive requests are related then it may be better to use Stateful Session Bean. But incase of wireless network I am not sure.....

Any thoughts regading Session Beans to use in this situation or can we think about something else.

Thanks
Roy
Hi All,

I get confused with different answers in different places about p2p and pub/sub.

p2p -->
1 sender 1 receiver
OR
N sender 1 receiver

pub/sub -->
1 publisher n subscriber
OR
n publisher n subscriber.

personally I have worked with p2p model in JMS and I have used BOTH 1 sender and n sender.

But, in the examination respect what is the answer ???
[ Even in some place I have found an answer - N receiver in case of p2p..Logic: only 1 receiver will receive rest of then will not receive.
]

Thanks
Roy

Hi All,

Those you have taken recent test (scea Part I) , can you throw any light on the issue:

current scea ejb1.1 or 2.0 based ?
Does any question come from ejb 2.0 ?

Thanks & Regards
Roy
Hi Peter,

Thanks for the clarification....

Just a thought...

In the SSL handshake mechanism the following is one step:

==================================================
"The client sends the ClientKeyExchange message. This is random key
material, and it is encrypted with the server�s public key. This material is
used to create the symmetric key to be used for this session, and the fact
that it is encrypted with the server�s public key is to allow a secure
transmission across the network. The server must verify that the same key
is not already in use with any other client. If this is the case, the server
asks the client for another random key." - Java 2 Network Security...

Marco Pistoia, Duane F. Reller
Deepak Gupta, Milind Nagnur, Ashok K. Ramani
Foreward by Li Gong
Distinguished Engineer and Chief Java Security Architect
Sun Microsystems, Inc.
=========================================================

So, this key is residing both in Server and Client side and this is unique for all sessions. SSL mechanism can use this key to track the user session .....But may be some security violation will occur ...don't know!!!

Any way thanks for your replies..

Thanks
Roy
Hi Peter,

Thanks for your reply.

But I am still not clear about one point.

Bothering you guys too much...sorry...but I really want to make my concepts clear.

Say https is using url rewriting to handle the session.The URL will be shown as usual isn't it?

https://some.server.domain/some/webapp?JSESSIONID=blahblah

Now if from the same browser If I jump to another URL will it be able to read the my https url(referring url) and can break into the server "some.server.domain" . This problem is there with http ( Again mentioning Cade's book..protocol --> http--> url rewriting). So the security gets compromised... What benifit I am getting out of https to become a stateful protocol.

Thanks
Roy
Hi Peter,

I have some doubt about point 2 and point 6. In Cade's book it is written ...In Protocols chapter...
Cookie and URL rewriting both can compromise security in case of http.

From Cade's Guide:
-----------------
"SSL connection also provides a maintenance of state between one request and the next. Using the state in the SSL connection at application level avoids the security problems associated with cookies or URL rewriting"

Regarding point 5 ...
In my project we have 1 web server ( SunOne WebServer ) where we have kept the static contents ( like html, javascripts, images , css etc) and the dynamic request gets forwarded to Application Server ( WAS 4.0 Which has both WebContainer and EJB container..So, Servlet , JSP, EJBs are all in AppServer ). Here I was thinking that if we would have 2 SunOne WebServer and a hardware load balancer in front of it...what will happen?

Thanks
Roy