user manual

ManualsBrandsBorland Software ManualsHome Theater ServerHome Theater Server 6

121

122

123

124

125

126

127

128

129

130

Chapter 11: Writing enterprise bean clients 113

EJB to CORBA mapping

Current current = Current.narrow( obj );

if( current == NULL ) {

cerr << "Couldn't resolve current" << endl;

exit( 1 );

}

// execute transaction

try {

current->begin();

atmSession->transfer("checking", "saving", 100.00 );

current->commit( 0 );

} catch( ... ) {

current->rollback();

}

catch( ... ) {

...

}

Mapping for security

Security aspects of the EJB specification focuses on controlling access to

enterprise beans. CORBA defines a number of ways to define the identities,

including the following cases:

■

Plain IIOP. CORBA's principal interface was deprecated in early 1998. The

principal interface was intended for determining the identity of a client.

However, the authors of the CORBA security services implemented a

different approach, GIOP.

■

The GIOP specification contains a component called service context, which

is an array of value pairs. The identifier is a CORBA long and the value is a

sequence of octet. Among other purposes, entries in the service context

can be used to identify a caller.

■

Secure IIOP. The CORBA security specification defines an opaque data

type for the identity. The real type of the identity is determined by the

chosen security mechanism; for example, GSS Kerberos, SPKM, or CSI-

ECMA.

■

IIOP over SSL. SSL uses X.509 certificates to identify servers and,

optionally, clients. When a server requests a client certificate, the server

can use the certificate as a client identity.