Sybase NNTP forums - End Of Life (EOL)

The NNTP forums from Sybase - forums.sybase.com - are now closed.

All new questions should be directed to the appropriate forum at the SAP Community Network (SCN).

Individual products have links to the respective forums on SCN, or you can go to SCN and search for your product in the search box (upper right corner) to find your specific developer center.

Protecting components when using memory IIOP

3 posts in General Discussion (old) Last posting was on 2000-02-16 20:23:49.0Z
Jonas Olsson Posted on 2000-02-16 12:19:09.0Z
Newsgroups: sybase.public.easerver
From: "Jonas Olsson" <Jonas.Olsson@cambiosys.com>
Subject: Protecting components when using memory IIOP
Date: Wed, 16 Feb 2000 13:19:09 +0100
Lines: 18
Organization: Cambio Healthcare Systems
X-Newsreader: Microsoft Outlook Express 4.72.3110.5
X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3
NNTP-Posting-Host: 195.100.184.126
Message-ID: <347_gRJEBiHe$GA.149@forums.sybase.com>
Path: forums-1-dub!forums-1-dub!forums-master.sybase.com!forums.sybase.com
Xref: forums-1-dub sybase.public.easerver:28587
Article PK: 160728

I've implemented inter-component calls using memory IIOP as verified in one
of my previous posts. All is well.
However, my component set-up calls for one component to call others, NOT
directly available to the client.
Easy enough (?), put the "public" component in one Role and the others in
another. Let the client use a user part of the "public" Role and all is
well? No, 'cause memory IIOP uses the current user and the inter-component
call fails (NO_PERMISSION).
Is there an easy way to allow a component to call any other component on the
server without supplying a specific (i.e. hard/soft-coded) user? Is it
possible to change the user of an ongoing session for this purpose?

--
Jonas Olsson
Software Development Engineer
Cambio Healthcare Systems


Dave Wolf [Sybase] Posted on 2000-02-16 12:37:51.0Z
Newsgroups: sybase.public.easerver
From: "Dave Wolf [Sybase]" <dwolf@sybase.com>
Subject: Re: Protecting components when using memory IIOP
Date: Wed, 16 Feb 2000 07:37:51 -0500
Lines: 35
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
NNTP-Posting-Host: 158.159.8.18
Message-ID: <347_SQ2hjsHe$GA.149@forums.sybase.com>
References: <347_gRJEBiHe$GA.149@forums.sybase.com>
Path: forums-1-dub!forums-1-dub!forums-master.sybase.com!forums.sybase.com
Xref: forums-1-dub sybase.public.easerver:28585
Article PK: 154689

Dont use the string_to_object() method for the intercomponent calls to the
non-public components. Rather use the SessionManager API just like you were
a client and pass the proper user credntials for your internal user. Pass
the URL as iiop://0:0.

The calls will still be in-memory but now you can be sure only the
components you want to be public are public.

Dave Wolf
Internet Applications Division

Jonas Olsson <Jonas.Olsson@cambiosys.com> wrote in message
news:gRJEBiHe$GA.149@forums.sybase.com...
> I've implemented inter-component calls using memory IIOP as verified in
one
> of my previous posts. All is well.
> However, my component set-up calls for one component to call others, NOT
> directly available to the client.
> Easy enough (?), put the "public" component in one Role and the others in
> another. Let the client use a user part of the "public" Role and all is
> well? No, 'cause memory IIOP uses the current user and the inter-component
> call fails (NO_PERMISSION).
> Is there an easy way to allow a component to call any other component on
the
> server without supplying a specific (i.e. hard/soft-coded) user? Is it
> possible to change the user of an ongoing session for this purpose?
>
> --
> Jonas Olsson
> Software Development Engineer
> Cambio Healthcare Systems
>
>


Evan Ireland Posted on 2000-02-16 20:23:49.0Z
Newsgroups: sybase.public.easerver
Date: Thu, 17 Feb 2000 09:23:49 +1300
From: Evan Ireland <eireland@sybase.com>
Organization: Sybase, Inc.
X-Mailer: Mozilla 4.7 [en] (WinNT; U)
X-Accept-Language: en
MIME-Version: 1.0
To: "Dave Wolf [Sybase]" <dwolf@sybase.com>
Subject: Re: Protecting components when using memory IIOP
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Lines: 57
NNTP-Posting-Host: 130.214.8.61
Message-ID: <347_38AB0755.A4E1270D@sybase.com>
References: <347_gRJEBiHe$GA.149@forums.sybase.com> <347_SQ2hjsHe$GA.149@forums.sybase.com>
Path: forums-1-dub!forums-1-dub!forums-master.sybase.com!forums.sybase.com
Xref: forums-1-dub sybase.public.easerver:28547
Article PK: 154683


"Dave Wolf [Sybase]" wrote:
>
> Dont use the string_to_object() method for the intercomponent calls to the
> non-public components. Rather use the SessionManager API just like you were
> a client and pass the proper user credntials for your internal user. Pass
> the URL as iiop://0:0.
>
> The calls will still be in-memory but now you can be sure only the
> components you want to be public are public.

I have considered a possible enhancement for poolable components where
object references obtained in the component's constructor would have
the system credentials by default. This would allow intercomponent calls
to be selectively 'privileged' or 'non-privileged' depending on the
place the object reference for the intercomponent call was created.

Comments are welcome. If we get lot's of support for this possible
enhancement, it will probably happen. With no support, it probably
won't happen.

Please send your votes of support for this feature directly to me.

> Dave Wolf
> Internet Applications Division
>
> Jonas Olsson <Jonas.Olsson@cambiosys.com> wrote in message
> news:gRJEBiHe$GA.149@forums.sybase.com...
> > I've implemented inter-component calls using memory IIOP as verified in
> one
> > of my previous posts. All is well.
> > However, my component set-up calls for one component to call others, NOT
> > directly available to the client.
> > Easy enough (?), put the "public" component in one Role and the others in
> > another. Let the client use a user part of the "public" Role and all is
> > well? No, 'cause memory IIOP uses the current user and the inter-component
> > call fails (NO_PERMISSION).
> > Is there an easy way to allow a component to call any other component on
> the
> > server without supplying a specific (i.e. hard/soft-coded) user? Is it
> > possible to change the user of an ongoing session for this purpose?
> >
> > --
> > Jonas Olsson
> > Software Development Engineer
> > Cambio Healthcare Systems
> >
> >

--
________________________________________________________________________________

Evan Ireland Sybase EA Server Engineering eireland@sybase.com
Wellington - New Zealand +64 4 934-5856