To such system, it is obvious to choose thick client, and here are two solutions below, 1. three tirs architecture: client + EJB + database 2. four tirs architeture: client + web + EJB + database
the problem is that I can't make decition of choosing 1 or 2, as they have their own advantage respectively.
to 1, it is efficient and simple, but encountering the firewall, to 2, it use socket to connect web server, so it can't keep the state of session, therefore, all span-operation state have to be save in client. Furthermore, it is make the client and web server complex.
Why is the firewall an issue? If the Swing application is used by the travel agents, can't the travel agents' computers be inside the firewall? In this case, there would be no need for SSL between the travel agent's application and the app. server; also, the firewall would not be an issue.
What you said is true and possible only if ALL the travel agents are in same physical location. In real life situation, I do not think this scenario will ever happen, so making it as an assumption is not adviseable.
As far as know, a technique named tunnelling can solve the problem, which use http protocol and 80 port. But, one book I had looked recommend that people don't use this technique commonly as its terrible performance.
Thanks for the advice; it makes sense not to make that assumption.
I don't know if tunneling is a good solution. Here's what Sun had to say about tunneling and I quote from "Sun Certified Enterprise Architect for J2EE Technology Study Guide" by Mark Cade and Simon Roberts, Section 5.9 Tunneling:
"Tunneling can be used to sneak past firewall restrictions either to get into a network or to get out of a network. Using tunneling to get out of a network might be a reasonable way to behave, but using it to get into a network usually suggests that someone doesn't understand his/her job."
What do you think? I too wonder how to solve the problem you mentioned.
Can someone respond whether tunneling is a good approach? For the Swing application, I guess there are only 2 solutions: 1) using Java webstart, or 2) accessing the EJBs via JNDI using tunneling and SSL.
I had adopted Java Webstart framework in my past project, which use Swing + WebServer + AppServer + Database structure.
I found that it is very boring to use this framework, as client tier must communicate with web tier over Socket, it means that you have to modify some classes of Structs framework so that web tier can receive and send stream data to client tier, it result in losing the integrality of the Structs.
So, I don't enjoy this kind of architecture, I prefer to the two architecture as below: 1) thick client: Swing + AppServer(EJB) + Database (i.e. java webstart, it needs also to bypass firewall) 2) thin client: Browser(IE) + WebServer + AppServer + Database
How is your Java Webstart structure? it is like mine?
I never try the Tunnelling technique so I don't know the exact performance.
Thanks for the helpful input. As for the firewall, couldn't we handle it by:
1. Assuming that most of the travel agents will be inside the firewall, and 2. The remote travel agents will have a static ip address. The firewall will let them in because it knows them by their ip address.