Sun Java System Application Server Enterprise Edition 8.1 2005Q2 Upgrade and Migration Guide

Migrating Rich Clients

This section describes the steps for migrating RMI/IIOP and ACC clients developed in Planet Application Server 6.x to the Application Server.

Authenticating a Client in Application Server 6.x

Application Server 6.x provides a client-side callback mechanism that enables applications to collect authentication data from the user, such as the username and the password.The authentication data collected by the iPlanet CORBA infrastructure is propagated to the application server via IIOP.

If ORBIX 2000 is the ORB used for RMI/IIOP, portable interceptors implement security by providing hooks, or interception points, which define stages within the request and reply sequence.

Authenticating a Client in Sun Java System Application Server 8.1

The authentication is done based on JAAS (Java Authorization and Authentication System API). If a client does not provide a CallbackHandler, then the default CallbackHandler, called the LoginModule, is used by the ACC to obtain the authentication data.

For detailed instructions on using JAAS for authentication, see Chapter 9, Configuring Security, in Sun Java System Application Server Enterprise Edition 8.1 2005Q2 Administration Guide.

Using ACC in Application Server 6.x and Sun Java System Application Server 8.1

In Application Server 6.x, no separate appclient script is provided. You are required to place the iasacc.jar file in the classpath instead of the iascleint.jar file. The only benefit of using the ACC for packaging application clients in 6.x is that the JNDI names specified in the client application are indirectly mapped to the absolute JNDI names of the EJBs.

In case of Application Server 6.x applications, a stand-alone client uses the absolute name of the EJB in the JNDI lookup. That is, outside an ACC, the following approach is used to lookup the JNDI:


If your application was developed using Application Server 6.5 SP3, you would have used the prefix “java:comp/env/ejb/” when performing lookups via absolute references.


In Sun Java System Application Server 8.1, the JNDI lookup is done on the jndi-name of the EJB. The absolute name of the ejb must not be used. Also, the prefix, java:comp/env/ejb is not supported in Sun Java System Application Server 8.1. Replace the iasclient.jar, iasacc.jar, or javax.jar JAR files in the classpath with appserv-ext.jar.

If your application provides load balancing capabilities, in Sun Java System Application Server 8.1, load balancing capabilities are supported only in the form of S1ASCTXFactory as the context factory on the client side and then specifying the alternate hosts and ports in the cluster by setting the com.sun.appserv.iiop.loadbalancingpolicy system property as follows:


This property provides the administrator with a list of host:port combinations to round robin the ORBs. These host names can also map to multiple IP addresses. If this property is used along with org.omg.CORBA.ORBInitialHost and org.omg.CORBA.ORBInitialPort as system properties, the round robin algorithm will round robin across all the values provided. If, however, a host name and port number are provided in your code, in the environment object, that value overrides any other system property settings.

The Provider URL to which the client is connected in Application Server 6.5 is the IIOP host and port of the CORBA Executive Engine (CXS Engine). In case of Sun Java System Application Server 8.1, the client needs to specify the IIOP listener Host and Port number of the instance. No separate CXS engine exists in Sun Java System Application Server 8.1.

The default IIOP port is 3700 in Sun Java System Application Server 8.1; the actual value of the IIOP Port can be found in the domain.xml configuration file.

Load-balancing and Failover Features in ACC Clients (Enterprise Edition)

Load balancing is handled implicitly by the CXS engine in SunONE Application Server 6.5 upon number of Java engines registered. In Application Server 8.1 Enterprise Edition, this feature requires explicit configuration details from the clients.

After migrating the deployment descriptors from 6.x to 8.1, provide the configuration details in the sun-acc.xml file to enable failover capabilities in your ACC client. See Migrating Deployment Descriptors for information on migrating deployment descriptors.

Define the load balancing properties in the sun-acc.xml file to provide a highly available ACC client. The properties are defined as property elements in the sun-acc.xml file.

For example:

   <target-server name="qasol-e1" address="qasol-e1" port="3700">
   <property name="com.sun.appserv.iiop.loadbalancingpolicy" value="ic-based" />
   <property name="com.sun.appserv.iiop.endpoints" value="qasol-e1:3700,qasol-e1:3800" />

To failover an ACC client on the RMI/IIOP path, information about all the endpoints in a cluster to which the RMI/ IIOP requests can be failed over must be available. You must have defined the IIOP endpoints in the domain.xml file. The iiop-cluster element under the availability-service element defines the IIOP endpoints.

For more information, see Chapter 4, Configuring Load Balancing and Failover, in Sun Java System Application Server Enterprise Edition 8.1 2005Q2 High Availability Administration Guide.