geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kington, Max" <mking...@espeed.co.uk>
Subject RE: JNDI Impl
Date Fri, 08 Aug 2003 13:11:55 GMT
With regards to point 3, absolutely. Why you say, well

JDBC connections offer SSL connections to and from hosts. 
JMS providers offer SSL connections between providers/consumers and servers

In any half secured environment, you do these things, if
you then go an add administered objects to an insecure JNDI
this negates the whole effort.  JNDI is often overlooked as
a very core point of any security architecture.

Max


-----Original Message-----
From: Aaron Mulder [mailto:ammulder@alumni.princeton.edu]
Sent: 08 August 2003 15:33
To: geronimo-dev@incubator.apache.org
Subject: Re: JNDI Impl


	I'll suggest a couple things to think about for the JNDI 
implementation:

1) Should there be a remote JNDI?  It's traditional, but not really 
required by the specs AFAICT, as long as you don't mind forcing all 
application clients to use a client container.

2) If so, should there be one JNDI impl with both local and remote 
features, or two separate impls, a remote-only and a local-only

3) If there is a remote JNDI, should it be "securable"?  That is, should 
you be able to require people to log in in order to access it?

Aaron

On Fri, 8 Aug 2003, Richard Monson-Haefel wrote:
> The JNDI implementation I wrote for OpenEJB was really simple. It used a
> binary tree to locate sub contexts and cached lookups for speed. It wasn't
a
> full fledged JNDI implementation in that you could not dynamically bind or
> unbind objects. The JNDI Environment Naming Context is supposed to be
> immutable after server start up. That's why its possible to create a very
> lightweight implementation that is easy to maintain and very fast.
> 
> If you created a stand alone JNDI ENC it wouldn't be very useful outside
of
> the J2EE context.  It may be better in the long run to have a complete
JNDI
> implementation which is based on something in the commons. For the short
> term, however, we can use something more akin to what I created for
OpenEJB
> -- its doesn't take long to create and is flexible enough to play nice
with
> other systems.
> 
> James Strachan wrote:
> 
> > Just a thought - Richard do you think the JNDI is gonna need much hooks
> > to Geronimo or will it be just a 100% vanilla JNDI.
> >
> > Am wondering if (say) Henri moved the JNDI to Jakarta Commons for us so
> > its easy to reuse (thanks Henri!), we could then add any extra stuff we
> > need inside Geronimo for now and if it turns out that some reusable
> > code can be pushed back into Commons we can do that too.
> >
> > On Friday, August 8, 2003, at 08:04  am, Henri Yandell wrote:
> >
> > >
> > > Additional:
> > >
> > > Am also a Commons committer, so can handle things like setting the
> > > project
> > > up and website etc.
> > >
> > > I believe the person to speak to about the Tomcat JNDI is Costin
> > > Manolache. No idea if he's hooked into the Geronimo feed yet.
> > >
> > > Hen
> > >
> > > On Fri, 8 Aug 2003, Henri Yandell wrote:
> > >
> > >>
> > >> I'm happy to help with the JNDI if required. Moving Tomcat's JNDI
> > >> impl to
> > >> Commons has been a 'how the hell do I approach that' task on my list
> > >> for a
> > >> while.
> > >>
> > >> I've also got a peculiar JNDI implementation
> > >> [http://www.osjava.org/simple-jndi] so might have some odd ideas to
> > >> throw
> > >> in.
> > >>
> > >> Hen
> > >>
> > >> On Thu, 7 Aug 2003, Richard Monson-Haefel wrote:
> > >>
> > >>> I created a JNDI implementation for the Environment Naming Context
in
> > >>> OpenEJB that was simple and fast.  I think David Blevin's may have
> > >>> modified it so that it plays nice with servlets in Tomcat or with
> > >>> Tomcat's JNDI implementation. At any rate, I would be happy to
> > >>> recreate
> > >>> a similar implementation for Geronimo.  Should I plan on doing this?
> > >>> Anyone object?
> > >>>
> > >>> --
> > >>> Richard Monson-Haefel
> > >>> Author of J2EE Web Services (Addison-Wesley 2003)
> > >>> Author of Enterprise JavaBeans, 3rd Edition  (O'Reilly 2001)
> > >>> Co-Author of Java Message Service (O'Reilly 2000)
> > >>> http://www.Monson-Haefel.com
> > >>>
> > >>>
> > >>
> > >
> > >
> >
> > James
> > -------
> > http://radio.weblogs.com/0112098/
> 
> --
> Richard Monson-Haefel
> Author of J2EE Web Services (Addison-Wesley 2003)
> Author of Enterprise JavaBeans, 3rd Edition  (O'Reilly 2001)
> Co-Author of Java Message Service (O'Reilly 2000)
> http://www.Monson-Haefel.com
> 
> 

Mime
View raw message