Init参与EJB [英] Init params into EJB

问题描述

我必须在EJB中使用身份验证凭据来访问外部Web服务。

I have to use authentication credentials in an EJB to access a external webservice.

我找到了这个主题但据我所知，ejb -jar.xml位于最终jar内，这意味着重新打包以更改密码，我想避免这种情况。

I found this thread but as far as I understand, the ejb-jar.xml resides inside the final jar, this means repacking to change password, I would like to avoid this.

我知道，我可以使用< servlet的> ...< init-param> ... 引用应用程序服务器config dir中的文件，我可以存储用户名和密码。 EJB有类似的方法吗？

I know, that I can use <servlet> ... <init-param>... to reference a file in the application servers config dir, where I can store username and password. Is there a similar way for EJB?

我的下一个想法是在payara服务器中声明一个自定义JNDI资源，但我不确定安全隐患。

My next idea is to declare a custom JNDI resource within the payara server, but I am not sure about the security implications.

将用户名和密码传输到EJB的建议方法是什么？

What is the suggested method to transfer username and password into a EJB?

推荐答案

这就是JNDI的用途。诸如凭证，URL和资源路径之类的东西应该由应用程序部署者（企业部署模型中的假定角色之一）设置，以便应用程序作者不需要担心具体细节。

this is what JNDI is for. things like credentials, urls, and paths to resources are supposed to be set by the application deployer (one of the assumed roles in an enterprise deployment model) so that the application author does not need to worry about the specifics.

每个容器都有不同的机制，用于将值注入内部JNDI树。 Glassfish允许您直接在管理控制台中执行此操作。与WebSphere类似。其他容器也会有类似的机械。然后你可以使用@Resource通过JNDI引用值（如果你想要它注入）或通过直接查找使用：

each container has different mechanics for injecting values into the internal JNDI tree. Glassfish allows you to do it directly in the admin console. similarly with WebSphere. other containers will have similar mechs. then you can reference the value via JNDI using @Resource (if you want it injected) or via direct lookup using:

Context _ctx = new InitiaContext();
String _user = (String) _ctx.lookup( "jndi/tree/path/to/desired/resource" );

HTH

这篇关于Init参与EJB的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！