Thanks for the thoughts. Sounds like this is acceptable
Swing Client->Biz Delegate (Stateful Session Bean)->Session Facade(Stateless Session Bean)->DAO
Originally posted by Dhiren Joshi:
Mark how would u control client authentication if there is no controller between the Biz delegate and client .?
Even if u had method level authentication how would u pass your principal?
Please give your suggestions.
Originally posted by Parag Doshi:
From what I understand, there are atleast 2 choices to connect from the Swing client to the business tier:
1. Swing client connecting to the web tier by making a HTTPRequest (hence the use of URLConnection) to a different controller (possibly SwingController) on the web tier, thereby, using a common web tier.
2. The Swing client acts as a EJB CLient and has a BusinessDelegate (a POJO) which uses a ServiceLocator to connect to the business tier using RMI-IIOP, thereby, bypassing the web tier.
In both the instances the BusinessDelegate either lives on the ejb client tier (for swing) or the web tier (for webapp) and communicates via a SL with the business tier (which could have EJBActions, EJBController, SessionFacades etc etc).
That's very interesting. I have never thought about using URLConnection to connect to web tier from client tier. Could you please point me some documentation/link that describes this approach in detail.