Enterprise Component Comparison: An Examination Of J2EE, CORBA, And .NET presented by Seth Freeman, Phil Griffith and Frank Manni Semester Project- Final Presentation CSE333 – Distributed Component Systems (FALL 2005) Instructor Prof. Steven A. Demurjian Department of Computer Science and Engineering University of Connecticut [email_address] [email_address] [email_address]
CORBA Cannot transport some types of documents easily, such as .pdf or .doc files. Supports various events, i.e. transaction, notification, security services. Does not directly support .NET. Readable Interface Descriptions. SOAP wsdl files are difficult to read through. Protocol(IIOP)does not easily transport over the internet. This limits the scope of where CORBA can be used. ORB must be present on all machines, or elaborate coding is required to workaround. Standard specification, which is Defined by the OMG. Data cannot be read by humans alone. Because it is in the correct/digital format. Data is in the correct format when it is received from the ORB. This saves time from having to parse XML. Disadvantages Advantages
CORBA ORBs Communicate by Using the GIOP (General Inter-Orb Protocol). This Protocol Defines the Format of the Messages That Are Passed Over the ORB to and From the Client and Object. When GIOP Runs Over TCP/IP it is a Part of IIOP. SECP Will Be Another Layer Below the GIOP That Adds Security to Message Transportation.
SECP Will Transport GIOP Messages Security
SECP is Still in Progress. Its Status is “Approved.”
CORBA Security Three Parts to SECP: 1) Circuit Establishment--Creating a Secure, Bidirectional Connection Between a Client and Target. 2) Context Establishment -- Allowing Both a Client and Target to Set up Security Contexts, and Based off the Specified Security Context of the Client and the Target, Certain Behaviors May Take Place. 3) Message Transport-- Final Phase of the SECP, and This Phase Securely Transports the Messages and Then Destroys the Contexts.
1) The Client ORB Simulates That the Server ORB and the Bridge Are Actually Part of Its Own Object. The Client Requests This Object Using the Dynamic Skeletal Interface (DSI).
2) The DSI, Using the Bridge, Translates the Requests.
3) The DSI Invokes the Request Through DII of the Server. Any Results Are Passed Back.
Note: To Do This, the Bridge Must Have Access to the Interface Repository, or Have Pre-defined Knowledge of the Object Specifications. Also, the Standard Method for Transferring This Information is GIOP.
Microsoft Makes Use of XML (Over the SOAP and HTTP Protocols) in its .NET Framework for Implementing Web Services. The Main Reason is That With XML the Client Does Not Need to Know the Language the Web Services Are Implemented in.
.NET has a command line tool to generate source code from a WSDL into a specified language (VB.NET or C#). The source code can be added to a project and instantiating an object will enable the use of the web service.
There Are 4 Components in the .Net Infrastructure That Allow Clients to Find and Use Web Services.
Authorization - There are two ways to use authorization in .NET using Security demands or Principals.
Security demands : Places a restriction on an entire class or methods within a class. Limits the use of class based on full trust or partial trust users.
Principals : They are very similar to security demands as you can place restrictions on classes or methods. After defining roles for them the principal object can use the IsInRole() method to see the status of the current user.
.NET can achieve interoperability between objects in different application domains through remote communication. The goal of remoting is to allow the ability to enable communication between objects regardless of the protocols or formats being used on both side.
To accomplish inter process communication there needs to be:
A remote object on the server side that will listen for requests.
There are 2 proxies created on the client side the TransparentProxy and the RealProxy that make requests.
The RealProxy is the object that transmits the method call to the server machine.
The TransparentProxy is an object that contains a list of all classes and methods.
Query: SELECT Lic_License_Number, Org_Name,Lic_Class,Lic_Status,Lic_Cancel_Date,Lic_License_Date,Org_TIN,Org_Status FROM csg.Organization, csg.License WHERE Org_Tin=Lic_Tin and Lic_Tin_Type = 'O' and lower(Org_Name) like '%aetna%'
Java time averaged over 10 trials: 453 ms
.NET time averaged over 10 trials: 843ms
Result Set Size is 4
After testing a similar query in an Access database the query time averaged 63ms for .NET. The average time for the Java program was 16ms.
Query: SELECT Lic_License_Number, Org_Name,Lic_Class,Lic_Status,Lic_Cancel_Date,Lic_License_Date,Org_TIN,Org_Status FROM csg.Organization, csg.License WHERE Org_Tin=Lic_Tin and Lic_Tin_Type = 'O' and lower(Org_Name) like '%a%'
Java time averaged over 10 trials: 5834 ms
.NET time averaged over 10 trials: 6653ms
Result Size is 17113
The time discrepancy is less severe. Wasn’t able to duplicate the query in access due to replicating 17,000 entries.