Peter Warde

Ranch Hand
+ Follow
since Aug 18, 2004
Merit badge: grant badges
For More
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Peter Warde

Does anyone know how to map Roles stored in a database and retrieved on succesful authentication with roles in declaritive authorization constraints in the web and ejb tier?

Also are there any example out there of how this is achieved?


If you have reservation process that includes a payment transaction involving processing a credit card by accessing another system using XML-RPC over HTTPS or looking up customer details on another system using HTTPS, and you want the process to be all within a single transaction so that if the process fails at some point the payment transaction on the other system rolls back etc, how can you guarantuee this?

Or do you just assume that the other systems support transactions propagated from you to them with the HTTPS protocol?

Any one has any thoughts?


Thanks Cleuton,

I have in fact taken up the idea of a J2EE Application Client as opposed to a Java stand-alone client - it does all the work for me and is configurable through its deployment descriptor. It also can use RMI-IIOP/SSL without any additional work.

I think also there is a good adavantage of increased availability if you access the ejb container directly - if the web servers crash the client application can still access the application. You can easily use Java Web Start. The drawback is that the ejb-container must be in the DMZ if the application client is accessing it across the internet.

I think this sounds right, but any thoughts are good.

I am considering the pro's and con's of allowing an application client to access either the web or the ejb container as both are possible under the J2EE spec.

The benefits of connecting to the web tier is that only the web tier needs to be exposed to the outside world in the DMZ while the application tier can remain buried within the organisations security infra-structure behind inner firewalls. Of course this is a benefit only if the application client connects accross the internet - if it connects across a secure intranet I don't think it is a benefit as there is no exposure to the outside world.

The advantage of connectivity directly to the ejb container is that of greater performance (as the overhead of the web container is gone) and greater availability. If the web servers crash application clients can still access the system.

Does anyone have any thoughts on this (ie as to whether my reasoning are correct or not) and/or can throw any other light on this dilemma?


Hi Dan,

I do mean the class diagram. Cade shows 3 statesless session beans, but the rest are presumably POJOs eg Product, ShoppingCart, ReturnRequest etc. Some of these should be depicted in my opinion as EntityBeans eg Product (but not ShoppingCart - why isn't this shown as a Stateful Session Bean?).

What's your opinion? And why does Cade take this approach to doing his diagram. I'm somewhat confused about to what degree we should show a J2EE technology solution and have stereotypes indicting <<SessionBean>>, <<Filter>> etc in our class diagrams.

Any thoughts would be much appreciated.



I'm doing Part 2 (passed Part 1 83%) and I have 2 questions about it.

Firstly - Cade shows the domain model with only java classes with no <<EJBEntityBean>> stereotype. Why's this and how should the domain model be depicted in UML terms?

Secondly - I have read some where in this forum that it might be good idea to do a "detailed class design separated from the domain model". So is this just a series of fragments - how do you relate it to the domain mdel if it is separate from it?

Any thoughts on these ( I suppose the question is generally about how to organise the project best so any advice on this too would be good).


I'm gettint ready to move to Part 2 of SCEA. Can anybody suggest what to read for part 2 (ignoring of course the stuff on part 1). For instance are the Java Blueprints useful - and which version - and J2EE patterns etc.

Any help would be useful.

I'm a bit confused as to when you should use Java IDL and RMI/IIOP.

My understanding is that:

you should use Java IDL when you wish to access a CORBA server

you should use RMI/IIOP in an EJB application server when you wish to service requests froma CORBA server.

Is this correct? Can't RMI/IIOP access a CORBA server as well?

Any cleaing up of the distinction between Java IDL and RMI/IIOP would be greatly appreciated.


From my understand the prototype pattern in Java means clone(). What is exactly the difference between myClass.clone() and new MyClass()?
Can anybody recommend a good UML tool to use with Netbeans? Everything seems to be for Eclipse.


I'm building a FAQ ie a load of questions followed by the answers. You click on the question and you get the answer.

I'm using html links for the questions and html anchors for the answer as both questions and answers are in the same page ie

<a href="#answer">question</a>


<a name="answer"/>answer</a>

This fairly standard, but the trouble is that the answers don't always position themselves to the top of the page.

Why is this and is their a solution to this? What is the proper design for a FAQ?

Can anyone help?

The Concept objects state that

- Draw UML Diagrams
- Interpret UML diagrams

I'm using UML Distilled and it lists the following UML diagrams:

- Class
- Sequence
- Object
- Package
- Deployment
- Use Cases
- State Machine
- Communication
- Composite
- Component
- Collaborations
- Interaction Overview
- Timing

Are we supposed to study all these and are there any missing? Is UML Distilled the right book to use for this. And to what depth do we need to go?

Any help?


My lowest score was on EL
17 years ago