par2 confusion

In system I want to do all interaction between user and system secured by SSL.In design how i will show that.can someone tell me where i get material on that
connecting with Transmaster,can i use web service.where i get material on that.
credit card validation will be synchronize or asynchronize communication

In my opinion, we cannot show the SSL [transport layer security] in component diagram. We could show in deployment diagram but that is not required by the assignement.

Then as long as the Webservice invocation for authorize credit card with the Transmaster it is SYCNHRONOUS as the requirments clearly says that "it WAITS for the result of authorization".

Thanks mahesh.
In my design i have to show calling card processing system as XML-RPC call over HTTP.
I think i have to use web services for that.
Where i get material on that.Thanks early for the help!!!

according to me, i dont think we need to get into the implementation details.
the focus of the assignment is more at the architectural level.

I mean how you make the interaction with transmaster thru xml-rpc is implementation specific. For now its just that the system has an external dependency with Transmaster.....we are to depict that in the component diagram.

any one who had cleared the assighment pls comment on this.

Please,If anybody who cleared the part2,Can throw some light on that.

Credit Card Authorisation should happen in a secure way ... you can use XMLRPC over HTTPS !

Thanks Rajendran.I have another question on that.For credit card we can make it secure in web tier by using SSL.what about security in communication between web tier and business tier.How i can make it secure.
Then how can i make xml-RPC call from EJB.and how can i process return message,which is XML.
can u tell where i get material on that
Thanks in advance.

Practically you dont need to apply security for the communication between Web tier and the EJB tier ! Because no one is going to acess the EJB Tier directly, The initial request will be handled by the web tier then it forwards it to the BD which then goes to the EJB/Application Tier.
Also one major need of the scecure system is that your web server which receives the initial request should be inside the fire wall.

Hope this helps

Credit Card Authorisation should happen in a secure way ... you can use XMLRPC over HTTPS !

Can You tell where I get good material on that.So that i can refer.
In design can i show one stateless EJB connecting with Trasamaster by XML-RPC over SHTTP.That will be suffice,or i have to show more..........