Gaurav Dighe wrote:About the first one, you mentioned only to do JNDI Lookup right?
Devaka Cooray wrote:A JSP should only be used as a viewer component - you should not have EJB-accessing logic in it.
Gaurav Dighe wrote:...tell me how to get sessionID here(SessionID) because that will be used in further interaction such as buying product, payement etc....so that we can make sure that a logged in user is only accessing these things or else the container itself takes cares of these things...Means no need to supply session related things as container will take care......I hope you are getting what i am saying
Gaurav Dighe wrote:If there are more than 2 users logging at the same time. then does statefull session bean solve the prupose of securing the identity of the user logged in. or should go with different EJB approach.
Gaurav Dighe wrote:....no need to give ejb security