Saturday, March 03, 2007

JAVA 認證心得 -- SCBCD (15)


Bean Provider

  • It is the responsibility of the Bean Provider to implement ejbRemove() method in the CMP entity bean class
  • It is mandatory for the Bean Provider to declare environment entries in the deployment descriptor if the enterprise bean is coded to access environment entries at runtime.
  • The bean provider is typically responsible for specifying finder and select queries in the bean’s deployment descriptor
  • The bean provider is typically responsible for declaring the resource connection factory references in the deployment descriptor
  • A Bean Provider can use following resource managers:

    1. javax.sql.DataSource for obtaining JDBC connections

    2.javax.jms.QueueConnectionFactory/javax.jms.TopicConnectionFactory for obtaining JMS connections.

    3. javax.mail.Session for obtaining JavaMail connections

    4. for obtaining URL connections.

  • The Bean Provider must specify a primary key class in the deployment descriptor. The primary key type must be a legal Value Type in RMI-IIOP. The class must provide suitable implementation of the hashCode() and equals(Object otherObject) methods to simplify the management of the primary keys by the Container.
  • Assign the abstract schema name of the EJB.
  • Bean Provider is responsible for deciding whether the message-driven bean will be associated with a Queue or Topic in the target environment
  • The Enterprise Bean Provider is typically an application domain expert. The Bean Provider develops reusable enterprise beans that typically implement business tasks or business entities.


  • Deployer is responsible for assigning security principals to the security roles.
  • Assign principals and/or groups of principals used for managing security in the operational environment to the security roles defined in the security-role elements of the DD
  • Application assembler and deployer should typically define the appropriate security policies for an application.
  • Assigning the security domain to the application
  • Bind a resource manager connection factory reference used by a bean to actual resource factory.
  • [MDB] The Deployer must guarantee that the bean is associated with a specific queue or topic

Application assembler

  • Application assembler and deployer should typically define the appropriate security policies for an application.
  • Linking security role reference to security roles

System Admin

  • Security domain administration
  • System Administrator is Monitor Databases

Container Provider

  • Container Provider is responsible for providing the security infrastructure
  • The EJB 2.0 complaint containers MUST be able to publish remote home references in a CORBA CosNaming service.
  • EJB containers are required to be able to publish EJBHome object references in a CORBA CosNaming service. The CosNaming service must implement the IDL interfaces in the CosNaming module defined in and allow clients to invoke the resolve and list operations over IIOP.
  • The CosNaming service must follow the requirements in the CORBA Interoperable Name Service specification for providing the host, port, and object key for its root NamingContext object. The Cos-Naming service must be able to service IIOP invocations on the root NamingContext at the advertised host, port, and object key.
  • The EJB container needs to ensure that all the EJB invocations received through the home and component interfaces are associated with some principal. The container must never return null from the getCallerPrincipal() method.
  • The container is required to enforce the security policies given by Deployer, but may or may not use the Java programming language security for that purpose.
  • The container provides a security domain and multiple principal realms to the enterprise beans, but is not required to support multiple security or principal realms.

Read more!

No comments: