Application Server 6.x provides a client-side callback mechanism that enables applications to collect authentication data from the user, such as the username and the password.The authentication data collected by the iPlanet CORBA infrastructure is propagated to the application server via IIOP.
If ORBIX 2000 is the ORB used for RMI/IIOP, portable interceptors implement security by providing hooks, or interception points, which define stages within the request and reply sequence.
The authentication is done based on JAAS (Java Authorization and Authentication System API). If a client does not provide a CallbackHandler, then the default CallbackHandler, called the LoginModule, is used by the ACC to obtain the authentication data.
For detailed instructions on using JAAS for authentication, see Chapter 8, Configuring Security, in Sun Java System Application Server Platform Edition 9 Administration Guide.
In Application Server 6.x, no separate appclient script is provided. You are required to place the iasacc.jar file in the classpath instead of the iascleint.jar file. The only benefit of using the ACC for packaging application clients in 6.x is that the JNDI names specified in the client application are indirectly mapped to the absolute JNDI names of the EJBs.
In case of Application Server 6.x applications, a stand-alone client uses the absolute name of the EJB in the JNDI lookup. That is, outside an ACC, the following approach is used to lookup the JNDI:
If your application was developed using Application Server 6.5 SP3, you would have used the prefix “java:comp/env/ejb/” when performing lookups via absolute references.
In Sun Java System Application Server 9, the JNDI lookup is done on the jndi-name of the EJB. The absolute name of the ejb must not be used. Also, the prefix, java:comp/env/ejb is not supported in Sun Java System Application Server 9. Replace the iasclient.jar, iasacc.jar, or javax.jar JAR files in the classpath with appserv-ext.jar.
If your application provides load balancing capabilities, in Sun Java System Application Server 9, load balancing capabilities are supported only in the form of S1ASCTXFactory as the context factory on the client side and then specifying the alternate hosts and ports in the cluster by setting the com.sun.appserv.iiop.loadbalancingpolicy system property as follows:
This property provides the administrator with a list of host:port combinations to round robin the ORBs. These host names can also map to multiple IP addresses. If this property is used along with org.omg.CORBA.ORBInitialHost and org.omg.CORBA.ORBInitialPort as system properties, the round robin algorithm will round robin across all the values provided. If, however, a host name and port number are provided in your code, in the environment object, that value overrides any other system property settings.
The Provider URL to which the client is connected in Application Server 6.5 is the IIOP host and port of the CORBA Executive Engine (CXS Engine). In case of Sun Java System Application Server 9, the client needs to specify the IIOP listener Host and Port number of the instance. No separate CXS engine exists in Sun Java System Application Server 9.
The default IIOP port is 3700 in Sun Java System Application Server 9; the actual value of the IIOP Port can be found in the domain.xml configuration file.