Entering content frame

Background documentation Integration with Other Services Locate the document in its SAP Library structure

Security Service

The naming system uses the Security Provider Service for authentication when obtaining an InitialContext. The following security roles are available:

·        "jndi_get_initial_context" – this security role is checked in the getInitialContext operation. The users that want new InitialContext and have permission to get it will receive it; otherwise an exception is thrown. The default user group mapped to this role is All.

·        "jndi_all_operations” – this security role is checked after the previous role. If the client is mapped to this role, it will get an InitialContext and permission to perform all naming operations in this context. Otherwise, it will get a context in which only lookup operation is allowed. The default user group mapped to this role is Administrators.

P4 Service

IF you want to perform a naming operation in the naming system, you will need a context instance. The getInitialContext method of the chosen factory returns a proper context according to the type of the client and the properties set in the environment. If the client is running on the server side, the factory will get a new instance of the ServerContextImpl without using the P4. But, if the client is a remote one, the P4 Provider Service will provide the connection between the client side and the server side. Instead of getting the ServerContextImpl you will get a ServerContextInface_Stub, which will be used as a connection to the server side in all naming operations performed over this context.

Serialization and Deserialization

When you want to bind an object with a specified name in the naming system, you need a context instance. The getInitialContext operation returns OffsetClientContext (extends ClientContext) if the client is an application, and a ClientContext – if the client is not an application. In the bind method of the ClientContext the object is serialized to byte array and passed to the ServerContextInface.bind method.

Note

If it is not possible to serialize the object, it is placed in a hash map and kept only on the client side.

The serialization is made in order to send the object from the client side to the server side if the client is a remote one, or to replicate the object through the cluster. Serialization is also done in order to get a new instance of this object when the corresponding name is looked up. The serialization is always done, no matter whether the operation is global or local, or whether or not the client is on this server.

During the lookup operation the object reaches the client side as a byte array and has to be deserialized. If the original object cannot be resolved, the ObjectReference is returned to the client and it can try to narrow (PortableRemoteObject.narrow(…)) the ObjectReference to the object of the class it expects to get from the lookup operation. If an exception occurs during deserialization of the object, com.sap.engine.services.jndi.persistent.UnsatisfiedReferenceImpl is returned to the client and it can try to narrow it to the object from the required class.

Remote Object Container Service

The Remote Object Container Service specifies remote objects in the cluster and provides access to them. It keeps remote resources called initial objects, which can be accessed through certain names. The initial object contains an implementation of the java.rmi.Remote interface. At JNDI Registry Service start up, the interface provided by the Remote Object Container Service is obtained from the ObjectRegistry. The setInitialObject method of this interface is called with the following arguments:

...

       1.      The name with which this remote resource will be accessible.

       2.      The remote object, which has to be available in the cluster – in this case, it is an object used by the JNDI Registry Service to get an instance of the ServerContextInface. This object is set as an initial object in the Remote Object Container Service and can be accessed with a certain name.

When a remote client tries to get InitialContext, in the getInitialContext method of the initial context factory the com.sap.engine.servicer.rmi_p4.P4ObjectBroker.resolveInitialReference(…) method is called, which is used to get the desired object interface by a given name. Then, with the help of the returned object a ServerContextInface instance (a stub) is obtained, which represents the connection between the ClientContext with which the client is working, and the functionality of the JNDI Registry Service on the server side.

Shell Interface

The Naming Service uses the shell interfaces for registration of naming shell commands.

JNDI Registry Service References

The JNDI Registry Service has strong references to the P4 Provider Service and Log interface, and weak references to the IIOP Provider Service and the Administration Adapter Service, and to the Security, Shell, Cross, and Log interfaces.

 

 

Leaving content frame