I have to design a system where at one end there will be a web server running web application that will accessed by the client.
And there will be a application server in some other place. The web application I mentioned above will communicate with this application server. Then this application server will communicate with another System using socket programming. I had made my mind to use EJB in this part but later I found that there are some restriction in EJB for socket programming. So can I use any other J2EE components to do the job for us.
We have decided not to use web services because of security reasons.
I would be thankful if anybody tell what would be the best design for our system.
As long as you are not opening a server socket in the ejb tier there is no issues.
For example in your session bean it is perfectly fine to make http connection / open any port to send and read some data then close the socket.
Just think of JDBC connections in the ejb tier opening any port of database ..........
That means that we cannot open server socket in EJB? It it some kind of restriction from the side of applicaiton server or its just like a bad design?
I assume EJB a session bean. There is no restriction for session bean to use socket or other resource. Your EJB as a middleware between your webserver(client) and other third party system (Some other system) is a good solution.
Why did you see security issues in web services ?
I can help you more if you can give simple overview of the system you are trying to develop.