Ron-
Thanks for the idea.
I tried your suggested:
GlassFishORBHelper.getOrb(). setCSIv2Prop(ORB_SSL_CLIENT_REQUIRED,"true');
I may be mis-reading you but,
- because getORB() isn't static, I have to instantiate a GlassFishORBHelper object:
- getORB() returns an ORB, which doesn't have a setCSIv2Prop(), although GlassFishORBHelper does.
I tried:
GlassFishORBHelper orbHelper = new GlassFishORBHelper();
// ORB o = orbHelper.getORB() ; // This gives an "Orb initialization erorr - java.lang.NullPointerException"
orbHelper.setCSIv2Prop(ORB_SSL_CLIENT_REQUIRED,"true");
This gives a "javax.enterprise.resource.corba" exception.
Looking at v3/orb/orb-connector/src/main/java/org/glassfish/enterprise/iiop/api/GlassFishORBHelper.java , in getORB(), I see an "if (isServer)" clause - I'm guessing that your approach might work if this app was not a standalone client.
Thanks for the hint. At least it got me looking at the source.
I assume that what I want must be possible otherwise anyone connecting remote EJB clients over the web (assuming they don't VPN or tunnel) to GF would be exposing to any sniffer what they were doing - well, at least what objects they were using as the first part of any lookup wouldn't be encrypted (via port 3700). That just can't be right.
Thanks for any help.
[Message sent by forum member 'ajvok' (ajvok1_at_gmail.com)]
http://forums.java.net/jive/thread.jspa?messageID=389949