Easy response to ws-security specification interoperability challenges, part 3rd using EJB proxies

Introduction

The previous articles in this series describe the interoperability issues at the Ws-security specification level to help you choose the right solution. This article focuses on how to implement the EJB proxy method. This approach involves building an EJB Web service proxy as a binder between the Java 1.3 client and the Java 1.4 Web service provider. Compared to the middleware proxy approach described in previous articles in this series, implementing the EJB proxy approach is only a basic programming practice. If your front-end middleware layer contains websphere®application Server V6.0 or later, or other Java EE applications that support Java EE 1.4 Applications, there is no need for other middleware infrastructures. In addition, the scalability of this approach is not as good as the middleware proxy approach, because each Java EE 1.3 client application needs to be manually modified. The EJB proxy method described in this article is best suited for situations where lightweight low-cost solutions are required to meet sandbox, test, or proof-of-concept requirements.

The work required to implement the EJB proxy method is primarily application development, but this workaround also introduces another application that requires the operations team for deployment, protection, and management. This approach will also involve testers and deployment personnel.

Application developers who implement the EJB proxy approach should have basic Java EE and Web service development skills.

This article details how to implement the EJB proxy method using a fully implemented example that can be deployed in your environment. Understanding the Solution section describes this approach in detail. Building the Solution section will explain how to develop the sample application provided. Using the sample Application section explains how to customize and run the sample application in a run-time environment.

Understanding the Solution

The sample application assumes that you are attempting to integrate the following:

Need ws-security java EE 1.4 Web service Provider Application

Java EE 1.3 Client application that needs to invoke the Web service provider

Figure 1 provides a detailed run-time view of the sample EJB proxy solution. In Figure 1, the client application (a Java EE 1.3 Servlet) communicates with the Java RMI/IIOP 1.4 EJB proxy application. The EJB proxy application then communicates with the Web service provider application using the Web service and the Ws-security V1.0 specification. Note that the client application can be a Java 1.3 Servlet, Java-ee 1.3 Portlet, or any client application that cannot communicate using the Ws-security V1.0 specification.

Figure 1. Ejbproxy Solution Components

The tasks and products that are required to create the solution are shown in table 1.

Table 1. Tasks and products required to create the solution

tasks	environment	responsible for the role
1. Create Java EE 1.4 EJB Proxy application that includes the following artifacts in a single Java EE 1.4 EJB project: A Java EE 1.4 session B EAN A Java 1.4 Web service client proxy	application developer
2. If necessary, create a shared library that contains the class files used in the Web service.	rational application Developer	application Developer
3. Integrates the Java EE 1.3 client application with the Java EE 1.4 EJB session Bean.	rational application Developer	application Developer
4. The EJB session BeanIntegrates with Java EE 1.4 Web service Client Agent.	rational application Developer	application Developer
5. Configure the EJB proxy application for ws-security.	rational application Developer	application Developer
6. Packaging solution.	rational application Developer	application Developer
7. Deploy the solution at run time and unit test.	websphere application Server	deployment personnel and test Test Engineer

The implementation of Task 1 involves developing session beans and WEB service client proxies using the appropriate wizards in Rational application Developer. A detailed example of this can be found in the Building solution section.

The implementation of Task 2 depends on your application requirements. If your Web service interface includes complex object types, you need to create shared libraries to pass complex objects between the client application and the EJB proxy application. Because the Java EE 1.3 client application and the EJB proxy communicate using RMI, these object classes must be serializable, that is, the Java.io.Serializable interface must be implemented. By using the appropriate WEB service code generation options in Rational application Developer, you can create complex data classes that implement the Java.io.Serializable interface.