Configuring IIOP-RMI transport for remote EJBs

Internet Inter-ORB Protocol Remote Method Invocation (IIOP-RMI) transport is used by CICS® Liberty to communicate with EJB methods that have remote interfaces. This communication can be secured by using Common Secure Interoperability Protocol Version 2 (CSIv2).

IIOP-RMI is used by CICS Liberty as the technology for calling EJB methods with remote interfaces. Using the ejbRemote-3.2, or enterpriseBeansRemote-4.0 feature supports both inbound and outbound IIOP-RMI calls.

Inbound calls allow CICS Liberty to listen as an object request broker (ORB) on a TCP/IP port for IIOP-RMI requests and call the target EJB method. See Configuring Inbound IIOP Communication for details.

Outbound calls are where CICS Liberty makes a request to an ORB to start an EJB method. Outbound calls can be made to the same JVM server the call was made for, or any other Java virtual machine (JVM) capable of acting as an ORB. See Configuring Outbound IIOP Communication for details.

This communication can be secured by using CSIv2, a technology that satisfies the CORBA (Common Object Request Broker Architecture) for authentication, delegation, and privileges. CSIv2 also supports the use of transport layer security (TLS). See Configuring CSIv2 to secure IIOP Communication for details.

For more information, see Common Secure Interoperability version 2 (CSIv2).

Note:

Introduced in version 6.1, several additional exceptions can be triggered by JCICS internal code. On occasion these may be the root cause of problems which are reported to customer applications using JCICS exceptions.

Applications connecting to CICS using RMI over IIOP cause such JCICS exceptions (with an accompanying internal-to-CICS exception) to be serialized to an object stream, and sent to the client program.

If that client deserializes (inflates) the serialized exception chain, (containing the internal-to-CICS exception), the JCICS exception and the internal-to-CICS exception must both be on their local client classpath. Failure to do this results in a SerializationException being issued in the client program.

To avoid these SerializationExceptions, add up-to-date versions of the com.ibm.cics.server.jar and com.ibm.cics.delegate.jar to the client program classpath.

Configuring Inbound IIOP Communication

Enable the ejbRemote-3.2, or enterpriseBeansRemote-4.0 feature by adding it to the server.xml file.

<featureManager>
        <feature>ejbRemote-3.2</feature>
        </featureManager>

Or:

<featureManager>
        <feature>enterpriseBeansRemote-4.0</feature>
        </featureManager>

Optionally, you can configure an IIOP endpoint in the server.xml file.

<iiopEndpoint id="defaultIiopEndpoint" host="host.example.com" iiopPort="2809" />

Important: By default the IIOP endpoint listens on localhost:2809. The default ORB references the IIOP endpoint defaultIiopEndpoint. See Configuring CSIv2 to secure IIOP Communication for more information on configuring ORBs for inbound security.

Configuring Outbound IIOP Communication

Enable the ejbRemote-3.2, or enterpriseBeansRemote-4.0 feature by adding it to the server.xml file.

<featureManager>
        <feature>ejbRemote-3.2</feature>
        </featureManager>

Or:

<featureManager>
        <feature>enterpriseBeansRemote-4.0</feature>
        </featureManager>

Optionally you can configure an ORB with the name service of the remote server.

<orb id="defaultOrb" nameService="corbaname::host.example.com:2809" />

Important: By default the ORB references the local IIOP endpoint defaultIiopEndpoint. See Configuring CSIv2 to secure IIOP Communication for more information on configuring ORBs for outbound security.