B
Buu Nguyen
Hi everyone,
I have a RMI application in which data must be secured. I do as
follow: the first time a client connect a server, it receives a unique
key which serves as an identifier, which is to be passed into every
remote call to server, so that the server can distinguish it against
other clients and give it approriate permissions. Great, rite! The
problem is that if the call is not remote, i.e. server object call
each other then I have to pass a fake key (as it is a server object,
not client thus have no key) and the security is checked on that fake
key! I want to know if there is anyway to distinguish whether the
current method is called by client object or other server object.
Thanks for any suggestions!
Nguyen
I have a RMI application in which data must be secured. I do as
follow: the first time a client connect a server, it receives a unique
key which serves as an identifier, which is to be passed into every
remote call to server, so that the server can distinguish it against
other clients and give it approriate permissions. Great, rite! The
problem is that if the call is not remote, i.e. server object call
each other then I have to pass a fake key (as it is a server object,
not client thus have no key) and the security is checked on that fake
key! I want to know if there is anyway to distinguish whether the
current method is called by client object or other server object.
Thanks for any suggestions!
Nguyen