EJB design: EJB3: Stateful session bean servicing stateless webservice bean

  1. I'm looking into writing a login/session handling system in EJB3. This is what I'm thinking: Entity Bean -> Session Facade -> Session Bean (business logic, stateful) -> WebService implementation (stateless session bean). But what I don't understand is; how does the stateless webservice session bean know which stateful session bean to contact? How does this happen? Also, this problem has to have been solved before -- how to generate unique sessionID for the client etc. Does anyone have info/links that could be of help?
  2. to answer your question, you need to have separate authenticate/security session bean whose acls are non restrictive for a guest to pass in his credentials... once authenticated against LDAP/Database/NTLM, you can get a handle creating a stateful session bean, the handle info is stored in httpsession or any secondary data source... Bhagvan K http://www.jroller.com/page/bhagvank
  3. Thanks for your reploy Bhagvan! You say a a statefull session bean handle is stored in HTTPSession .. that sounds like what I want to do. But what I don't understand is the lookup the webservice bean does to find the stateful session bean for a particular client. Cause the client needs to go through the webservice no matter what (this is going to be an API open to authenticated users). Do you have some example code of that, or maybe a link explaining it?
  4. Only Stateless Session Bean can be exposed as a Web Service