Simone, I was thinking of using the Generic Connector. This would allow for the automatic injection of the Subject into the communication circuit from the Geronimo security environment. We could also benefit from many of the other features provided by the Geronimo network stack.
Regards, Alan -----Original Message----- From: Bordet, Simone [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 20, 2004 10:22 AM To: [EMAIL PROTECTED] Subject: RE: Hot deployment Hi, > The advantages I was thinking of were security etc. around the JMX > invocation. If 160 handles all of this for us, then cool; I was just > concerned that JMX over RMI/JRMP or whatever integrated with > the rest of > security etc. so users don't end up having to define separate > credentials. > > Seems to me that if we layer 160 on top of your stack, > clients get the > standard API and we get low-level integration - does that make sense? Especially for security, some level of generalization about authentication may be achieved with SASL and user input, but I see that quite complex. If you hard code in the client that authentication uses a password, then if you have a communication protocol that supports also certificates you may not be able to use certificates. OTOH, if you hard code the certificate as credential, simpler protocols may not support that kind of authentication. JSR 160 authentication with RMI is pluggable (via a JMXAuthenticator). I may be wrong (still my knowledge of Geronimo is very low) but a suitable JMXAuthenticator may fit the need of having a single point where credentials are defined. Thanks, Simon ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com Get closer to the financial markets with Reuters Messaging - for more information and to register, visit http://www.reuters.com/messaging Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd.
