Re: [AXIS2] J2EE Support

[Warren Crossing <wa...@nec.com.au>]

Just had a major issue when using both ws sessions and authentication 
with jboss as.  The first call on a session worked, but the second 
method came from the ws on another thread so the jboss 
securityassociation was lost.  I have hacked a simple solution into 
EJBProvider which looks up the home again (or just do a IC.rebind and 
cause reauthentication) and creates a securityassociation local on the 
current thread.  The second call works from there.

Warren Crossing wrote:
> I use axis1-4 for ws based auth and session management, this ties 
> directly into my sessionbean using the providers and handlers from axis1-4.
> 
> If the context has a session then it talks to the same session bean 
> serviceobject.  If the context has credentials then they are passed into 
> jni to look up the ejb service object.
> 
> What I hope get from this architecture is container based transaction 
> and security support without exposing transactions or neccessarily 
> security through the wsdl. I could add another handler to map security 
> etc..
> 
> I noticed when the session is reaped on timeout that remove() is not 
> called on the session bean.  I might clone EJBProvider and implement 
> ServiceLifecycle so I can call remove() on the destroy() event.
> 
> So why go to this effort in architecture to essentially pass the buck to 
> the next component? I am essentially exposing a call-control sip stack 
> through the ws. I have no place to do any core logic, or event routing, 
> in the ws layer or in the stack as they both maintain session state and 
> transactions in completley different ways, ie cookies and dialogs.
> 
> What I really want is a transactional context to say "detect the call 
> has ended ! debit close the session and modify some database state, 
> handle failure case, make endpoint callbacks etc" which I can't get from 
> the sip stack (aka black box) and don't trust the web server to do 
> (reliably).
> 
> Another reason is I automagically get pooling of service objects. Sure I 
> have to authenticate twice a session, once in the ws and once in jni - 
> ejb, but I don't have to worry about dos and cross host usage.  I don't 
> really need session failover but that's another point for the ejb 
> container (if supported).
> 
> I also get ejb timers facility and concurrency and synchronization. So I 
> think its a win for coupling the two architectures togeather.
> 
> IMHO WS is not an application framework it's just another 
> remoting/messaging technology primarily for .NET and monkey JEE interop. 
> Otherwise why not just use IIOP? It's much faster! =)
> 
> Interested in your feedback.
> 
> 
> 
> michel.lequim@fortis.com wrote:
> 
>> Hi, axis 1 & 2 work in a J2EE environment
>>
>> Michel Lequim
>>
>> -----Original Message-----
>> From: axis-user-return-45997-michel.lequim=fortis.com@ws.apache.org
>> [mailto:axis-user-return-45997-michel.lequim=fortis.com@ws.apache.org]
>> On Behalf Of Andrew Lindley
>> Sent: Friday, June 16, 2006 11:54 AM
>> To: axis-user@ws.apache.org
>> Subject: [AXIS2] J2EE Support
>>
>> I was just wondering, why neither AXIS, nor AXIS2 do support J2EE - is
>>
>> this correct?
>> JBoss e.g. has this feature.
>>
>> Is this information correct?
>>
>> thanks,
>>
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org