The EAServer authentication service implements the SessionManager::Manager interface. When using CORBA naming services, you can resolve this object by using the special name AuthenticationService. Without using naming services, you must supply a CORBA Interoperable Object Reference (IOR), which is a text string that describes how to connect to the server hosting the object.
Standard CORBA IOR strings are hex-encoded and not human-readable. EAServer supports both standard format IORs and a URL form that is human-readable. For information on standard-format IORs, see “Instantiating components using a third-party ORB”.
URL format IORs The URL string format offers the benefits of being human-readable. Also, for Java applets, you can create URL strings that connect to the applet’s download host by default; this feature simplifies deployment since you do not need to change hard-coded IORs when you move your application to another server. IOR strings in URL format must have the form:
protocol://host:iiop_port
where
protocol is iiops if
connecting to a secure port and iiop otherwise.
host is the EAServer host address or machine name. In an applet, you can omit the host name to specify that the connection must go to the host from which the applet was downloaded.
iiop_port is the port number for IIOP requests. Your server may accept IIOP connections at several different ports, each of which uses a diffferent security profile. For example, the default server configuration provides listeners at these ports:
2000 accepts unsecure IIOP connections.
2001 accepts IIOPS connections with encryption and server-side authentication.
2002 accepts IIOPS connections with encryption and mutual (client and server) authentication. Mutual authentication requires that your end users have valid digital certificates, and that those certificates are issued by a certificate authority that is trusted by the server.
The EAServer Security Administration and Programming Guide describes how to configure listeners and security profiles.
An example URL-format IOR is iiop://machina:2000,
which specifies that the server runs on the machine named “machina” and
listens for IIOP requests on port 2000. In an applet, you can omit
the host name to specify that the connection must go to the host
from which the applet was downloaded. For example, iiop://:2000 specifies
a connection to port 2000 on the applet’s host.
Standard format IORs Use the standard IOR format if you must have portability to other standard Java ORB implementations. Your server generates IOR strings embedded within text files each time it starts. Several files are generated for each IIOP listener. There are files formatted as an HTML param tag; these can be used to compose HTML applet sections. There are also files that contain the IOR by itself. Additionally, there are different files generated for compatibility with different IIOP protocol versions.
For each listener, the server prints a hex-encoded IOR string with standard encoding to the following files in the EAServer html subdirectory:
<listener><iiop-version>.ior – Contains the IOR string by itself, followed by a newline.
<listener>_<iiop-version>_param.ior – Contains the IOR as part of an HTML param definition that can be inserted into an applet section.
where
<listener> is the name of the listener.
<iiop-version> is the version of IIOP and can be either 10 (which represents IIOP version 1.0) or 11 (which represents IIOP version 1.1). Use the file that matches the IIOP version that is supported by your client ORB.
For example, a server will generate the following files for a listener named iiops2. All files are created in the html subdirectory:
iiops2_10.ior
iiops2_11.ior
iiops2_10_param.ior
iiops2_11_param.ior
Your applet can retrieve the IOR if you supply it in applet parameters. In this case, you can copy the contents of one of the param format files to the HTML file. Alternatively, you can add code that connects to EAServer via HTTP and downloads one of the generated .ior files.
If you change a server’s host name or port
number, you must edit or replace IOR values that contain the host
name, including hex-format IORs copied from the server-generated .ior files.
When using the EAServer ORB, use the URL string format and omit
the host name. When using another vendor’s ORB, you can
download the contents of a generated .ior file, or you can store
server IORs in the ORB vendor’s name server.
Creating the Manager instance Once the applet or application has obtained the server’s IOR string or an equivalent IIOP URL string, it calls the ORB.string_to_object method to convert the IOR string into a SessionManager::Manager instance, as shown in the following example:
import org.omg.CORBA.*;
import java.awt.*;
import SessionManager.*;
public class myApplet extends Applet {
String ior;
ORB orb;
... deleted ORB.init() code and code that
retrieves IOR from applet parameters ...
Manager manager = ManagerHelper.narrow(
orb.string_to_object(ior));
