Chapter 5. Interoperability and RMI-IIOP

Table of Contents

5.1. Overview
5.1.1. Transaction Interoperability (OTS)
5.1.2. Security Interoperability (CSIv2)
5.2. Interoperability Configuration
5.2.1. COS Naming Service Configuration
5.2.2. Interoperability Activation Configuration
5.2.3. CSIv2 Security Interoperability Configuration
5.2.4. EJB RMI-IIOP Configuration
5.3. RMI-IIOP Client
5.3.1. JEUS Managed Server
5.3.2. WAS from Other Vendors
5.3.3. Standalone Client
5.4. Known Issues

This chapter describes interoperability and RMI-IIOP protocol used by EJB.

JEUS supports RMI-IIOP protocol used to invoke EJB from a different WAS or system. RMI-IIOP is based on CORBA (Common Object Request Broker Architecture) that is defined by OMG (http://omg.org), and EJB specification standard for interoperability. Consider using the RMI-IIOP interoperability function to support remote calls within JEUS or from a different WAS. The RMI-IIOP remote call method is one of the methods that support calls from a different WAS or system. There are other methods that call EJB on JEUS from a different WAS and integrates the transaction (or vice versa), but this chapter only covers the RMI-IIOP method.

Interoperability can mean calling EJB on JEUS from another system and calling EJB on WAS from JEUS, which means JEUS can be both a RMI-IIOP server and client. There needs to be runtime support for ORB (Object Request Broker), and support for transaction and security interoperability.

JEUS contains ORB runtime which automatically creates dynamic stub in memory without using COS Naming Server or stub classes that support the CORBA Naming Service. It implements the OTS (Object Transaction Service) specification for transaction interoperability and the CSIv2 (Common Secure Interoperability version 2) specification for security interoperability.

For more information on CORBA and RMI-IIOP, use the following links.

Since, by default, interoperability is not configured, it must be configured for use.

In order to expose JEUS EJB to RMI-IIOP, activate the Enable Interop option of COS Naming Service and MS. EJB should be deployed with IIOP export related settings configured. If JEUS is only used as a RMI-IIOP client, only the Enable Interop option of the relevant MS needs to be activated.

The interoperability settings are configured using the WebAdmin.

In order to perform CSIv2 protocol, use the information from two additional security environment files and JEUS Security Manager. The two additional security environment files are keystore and truststore.

Security Environment FileDescription
Keystore file A file that stores keys for X.509 and implements Oracle's X.509 keystore. When Secure Socket Layer (SSL) is called, this file is sent to the client.
Truststore file A certificate configuration file for the client side X.509. The format is same as the keystore file.

The paths and necessary information of these two files can be configured through the WebAdmin or system property.

CSIv2 related settings are specified in the Interop Ssl Config of the Enable Interop.


Besides WebAdmin, the setting can also be configured through the system property of the execution script. However, WebAdmin configurations have higher priority.

The following are options for this setting. Set this value by using -D option.


Authentication and authorization may not be needed between trusted nodes.

By setting the IP address to jeus.ejb.csi.trusthosts, you can prevent any unnecessary security checks between trusted nodes. JEUS Security Manager uses the guest user, which represents an anonymous principal for anonymous user access.

RMI-IIOP clients can be standalone clients, or WAS from another JEUS or another vendor. This section describes the methods for using EJB.

The following is the method for calling RMI-IIOP EJB on JEUS or another vendor's WAS from applications running on JEUS MS.

First, COS Naming Server looks up EJB Home Reference (Stub). The Naming Server can get it directly by using the JNDI APIs corbaname URL as follows:


URL has the form of "corbaname:iiop:1.2@<host>:<port>#<name>", and <host> and <port> are the address of the COS Naming Server. Also, by directly specifying the COS Naming Server as the PROVIDER URL, you can get and use the InitialContext.

Since there are multiple methods to specify the PROVIDER URL, you should specify one to use as in the following example.


For clients using dependency injection or a logical JNDI name in the form of "java:comp/env/", the <export-name> option should be mapped to the previous corbaname URL in the JEUS application DD file, such as the jeus-web-dd.xml file.



The method to call RMI-IIOP EJB of JEUS from applications running on another vendor's WAS is similar to the method described in "5.3.1. JEUS Managed Server" .

In this case, check whether ORB configuration is needed like in JEUS, and configure it if necessary. For more information, refer to the relevant product documentation.

Known issues are as follows:

  • Continued retries to access a server for one minute when server access fails

    ORB embedded in JEUS performs retries to access a server for 60 seconds when it cannot access the server. A separate sleep time is not used in this case. Therefore, too many log messages may occur or CPU may experience extreme overload. To prevent this, the following option should be set as a system property of a client (unit: ms, the default value: 60,000).

    com.sun.corba.ee.transport.ORBCommunicationsRetryTimeout=1
  • Unable to find EJB with a name that includes a period (.) in WebLogic

    If <export-name> is specified with a value that includes a period (.) like in "com.acme.CalcHome", lookup fails in WebLogic. Because WebLogic handles a period (.) like a slash (/), it forwards the request as "com/acme/CalcHome". In this case, you must not use a name that includes a period (.).