EJB programming & troubleshooting: Without JNDI in EJB
As everybody aware that, to get the reference of the component, you need to use the JNDI lookup to get the reference. Is there any other way by which I can get the reference of the component, other than JNDI.
Why I am asking this question is, Can anybody (Unauthorized Person) lookup my component other than the authorized clients. For security reasons, I don’t want anyone (Unauthorized Person) to look-up for my component from the remote place.
Please help me out.
Thanks in advance
Inter component calls always uses JNDI. However if it is security that you are worried about: The EJB specification has very clear rules for Security that needs to be implemented by the container, which establishes control over who can access the Beans and the other resources in your application. So JNDI or not, there is little scope for a remote unauthorized client to access your beans. Of course once again the Application has to be architected to authenticate and authorize the client, be it a Servlet or a Browser or Stand alone client.