[jboss-user] [Remoting] - Re: securing servlet invoker?

tom.elrod@jboss.com do-not-reply at jboss.com
Wed Jul 12 13:32:52 EDT 2006


The problem with the servlet invoker on the server side is that because it is deployed in a web container, remoting does not know all the configuration associated (such as ssl).  Therefore, just assume lowest common denominator, which is plain old http (non ssl).  This is really only important for discovery since locator url published in detection message would be something like (servlet://myhost:8080/bla).

However, if are not using remoting discovery and can explicitly set the locator url on the client, then can use 'http' or 'https' as on the client side will be using the HTTPClientInvoker (or HTTPSClientInvoker) regardless of if is talking to http server invoker or servlet server invoker (which would be running within a web container).  The HTTP(S)ClientInvoker has no implicit knowledge of what implementation it is sending and receiving http requests to/responses from.



View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3957434#3957434

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3957434



More information about the jboss-user mailing list