400 likes | 671 Views
Advanced Remote Method Invocations. RMI – Advanced topics. The Java RMI API has a rich collection of features . We will look at some of RMI’s more interesting advanced features , namely: stub downloading security manager client callback .
E N D
RMI – Advanced topics • The Java RMI API has a rich collection of features. • We will look at some of RMI’s more interesting advanced features, namely: • stub downloading • security manager • client callback. • Although these features are not inherent to the distributed object paradigm, they are helpful mechanisms and can be useful to application developers.
RMI Stub Downloading • RMI is designed to allow stubs to be made available to the clientdynamically (in HW_#3). Doing so allows changes to be made in the remote methods without affecting the client program. • The stub can be filed with an web server and be downloaded usingHTTP/FTP. • Security measures are needed in both the client side and the server side: • A java security policy file needs to be set on the server host and also on the client host. • A Java Security Manager should be instantiated in both the client and server programs.
Stub downloading • If the stub will be downloaded from a remote server, transfer the stub class to the appropriate directory that HTTP server can reach, e.g., www.csc.calpoly.edu/~mliu/www, and make sure that the RIGHTaccess permission to the file is set. • Whenactivating the server, specify command option java -D java.rmi.server.codebase = <URL> \ -D java.rmi.server.hostname=<server host name> \ -D java.security.policy=<full directory path to java.policy file>
The java.policy file • The RMI security managerdoesnotpermitnetwork access. Exceptions can be made via the specification in a java.policy file. • grant { // permits socket access to all common TCP ports, including the default // RMI registry port (1099) – need for both the client and the server. permission java.net.SocketPermission "*:1024-65535", "connect,accept,resolve"; // permits socket access to port 80, the default HTTP port – needed // by client to contact an HTTP server for stub downloading permission java.net.SocketPermission "*:80", "connect"; }; • grant{ // Allow everything hw_#3 permission java.security.AllPermission; };
The java.policy file - 2 • This file can be filed in the same directory as the server class file. • When activating the client, a java.policy file also should be specified: • java-D java.rmi.server.useCodebaseOnly=true -D java.rmi.server.codebase =http://hostname:80/stub_dir/ -Djava.security.manager-D java.security.policy=java.policy SomeClient [ -D property=value ] [ -Djava.security.policy=someURL SomeApp where someURL is a URL specifying the location of a policy file ] • java.rmi.server.codebase: this property specifies the locationsfrom which classes that are published by this JVM. • java.rmi.server.useCodebaseOnly: If this value is true, automatic loading of classes is prohibited except from the local CLASSPATH and from the java.rmi.server.codebase property set on this JVM. • Default security policy file: $java_jre_home/lib/security/java.policy • permission java.net.SocketPermission "localhost:1024-", "listen";
The java.policy file - 3 • The "-D java.security.manager" argument ensures that the default security manageris installed, and thus the application is subject to policy checks. • Default security manager is not required if the application installs a security manager. • If you use java -Djava.security.manager –D java.security.policy==someURL SomeApp, then just the specified policy filewill be used; all the ones indicated in the security properties file will be ignored. Ref: http://java.sun.com/j2se/1.4.2/docs/guide/security/PolicyFiles.html
RMI Security Manager • Since RMI involves access to/from a remote/foreign host, and possibly object downloading, it is important for both the server and the client to protect its system from malicious access. • The RMISecurityManager--a Java class, can be instantiated in both the client and the server for limiting access privileges. • RMI'sclass loaderwillnot download any classesfrom remote locationsif no security manager has been set. • RMISecurityManagerdoes not apply to applets, which run under the protection of their browser's security manager. • You can instantiate/write your own security manager, if so desired. try { System.setSecurityManager(new RMISecurityManager( )); }catch { …}
Sample Code for Stub Downloading • The possible ways--accept, connect, listen, and resolve,toconnect to a host in SocketPermission java class. • The "listen" action is only meaningful when used with "localhost". • The "resolve" action is implied when any of the other actions are present. The action "resolve" refers to host/ipname servicelookups. • p1 = new SocketPermission(“ise.gmu.edu:7777", "connect, accept"); allows that code to connect to port 7777 on ise.gmu.edu, and to accept connections on that port. • p2 = new SocketPermission("localhost:1024-", "accept, connect, listen"); allows that code to accept connections on, connect to, or listen on any port between 1024 and 65535 on the local host. Ref: http://java.sun.com/j2se/1.4.2/docs/api/java/net/SocketPermission.html
Algorithm for building an RMI Application Serverside: • Open a directory for all the files to be generated for this application. • Specify the remote-serverinterface, and compile it to generate the interface class file. • Build the remote server class by implementing the interface, and compile it using javac. • Use rmic to process the server class to generate a stub.class file and a skelton.class file: rmicSomeServerImpl • If stub downloading is desired, copy the stub file to an appropriate directory on the HTTP host. • Activate the RMIRegistry, if it has not already been activated. • Set up a java.policy file. • Activate the server, specifying (i) the codebase if stub downloading is desired, (ii) the server host name, and (iii) the security policy file.
Sample Code for Stub Downloading public interface HelloInterface extends Remote { public String sayHello() throws java.rmi.RemoteException; } // end of HelloInterface interface public class HelloImpl extends UnicastRemoteObject implements HelloInterface { public HelloImpl() throws RemoteException { super( ); } public String sayHello() throws RemoteException { return "Hello, World!"; } } // end HelloImpl class
Sample Code for Stub Downloading public class HelloServer { public static void main(String args[]) { try{ // System.setSecurityManager( new RMISecurityManager()); startRegistry(RMIPortNum); HelloImplexportedObj = new HelloImpl(); registryURL = "rmi://cs1.cs.gmu.edu:" + portNum + "/hello"; Naming.rebind(registryURL, exportedObj); System.out.println("Hello Server ready."); }// end try catch (Exception re) { System.out.println("Exception in HelloServer.main: " + re); } } // end main
Sample Code for Stub Downloading grant { // Allows RMI clients to make socket connections to the // public ports on any host. // If you start the RMI registry on a port in this range, you // will not incur a resolve access violation. permission java.net.SocketPermission "*:1024-65535", "connect, accept, resolve"; // Permits socket access to port 80, the default HTTP port - // needed by client to contact an HTTP server for stub // downloading. permission java.net.SocketPermission "*:80", "connect, accept, resolve"; };
Sample Code for Stub Downloading build: $(JAVAC) HelloInterface.java $(JAVAC) HelloServer.java $(JAVAC) HelloImpl.java rmic: $(RMIC) HelloImpl runs: $(JAVA) -D java.security.policy=java.policy -D java.rmi.server.codebase=http://server_URL HelloServer
Algorithm for building an RMI Application Client side: • Open a directory for all the files to be generated for this application. • Implement the client program or applet, and compile it to generate the client class. • If stub downloading is not in effect, copy the server interface stub class file. • Set up a java.policy file. • Activate the client, specifying (i) the server host name, (ii) the security policy file, and (iii) the codebase if stub downloading is desired.
Client Code for Stub Downloading - 1 public class HelloClient { public static void main(String args[]) { try { System.setSecurityManager(new RMISecurityManager()); String registryURL = "rmi://ise.gmu.edu:" + portNum + "/hello"; // find the remote object and cast it to an interface object HelloInterface h = (HelloInterface)Naming.lookup(registryURL); // invoke the remote method String message = h.sayHello(); } // end try catch (Exception e) { System.out.println("Exception in HelloClient: " + e); } // end catch } //end main }//end class
Client Code for Stub Downloading - 2 build: $(JAVAC) HelloClient.java $(JAVAC) HelloInterface.java runc: $(JAVA) –D java.rmi.server.useCodebaseOnly=true -D java.rmi.server.codebase=http://URL_stub_dir/ -D java.security.policy=java.policy HelloClient
Introduction • In the client server model, the server is passive: the IPC is initiated by the client; the server waits for the arrival of requests and provides responses. • Some applications require theserver to initiate communication upon certain events. Examples applications are: • monitoring • games • auctioning • voting/polling • chat-room • message/bulletin board • groupware
Polling vs. Callback In the absence of callback, a client will have to poll a passive server repeatedlyif it needs to be notified thatan event has occurred at the serverend.
Two-way communications • Some applications require that both sidesmay initiate IPC. • Using sockets, duplex communication can be achieved by using two sockets on either side. • With connection-oriented sockets, each side acts as both a client and a server. Process 2
RMI Callbacks • A callback clientregistersitself with anRMI server. • The servermakes a callback to each registeredclient upon the occurrence of a certain event.
RMI Callback Interface • The server provides a remote method (in serverinterface), which allows a client to registeritselffor callbacks. • A clientremote interfacefor the callback is needed, in addition to the server-side interface. • The clientremote interface specifies a method for accepting a callback from the server. • The client program is a subclass of RemoteObject, and implements the callback (client) remote interface, including the callbackmethod—NotifyMe(). • The clientregisters itself for callback in its main method, by passing an object reference to the client remote interface. • The server invokes the client’s remote method—NotifyMe(), upon the occurrence of the anticipated event.
Algorithm for building an RMI Callback Application Serverside: • Open a directory for all the files to be generated for this application. • Specify the remote-server interface, and compile it to generate the interface class file. • Build the remote server class by implementing the interface, and compile it using javac. • Use rmic to process the server class to generate a stub class file and a skeleton class file: rmicServerInterfaceImpl • If stubdownloading is desired, copy the stub file to an appropriate directory on the HTTP host. • Activate the RMIRegistry, if it has not already been activated. • Set up a java.policy file. • Activate the server, specifying (i) the codebase if stub downloading is desired, (ii) the server host name, and (iii) the security policy file. • Obtain the CallbackClientInterface and its stub file. Use rmicCallbackClientInterfaceImpl to generate the stub file for the callback.
Remote Interface for Server public interfaceCallbackServerInterfaceextends Remote { // remote method public String sayHello() throws java.rmi.RemoteException; // method to be invoked by a client to add itself to the callback list public void registerForCallback( CallbackClientInterface CallbackObject) throws java.rmi.RemoteException; public void unregisterForCallback( CallbackClientInterface CallbackObject) throws java.rmi.RemoteException; }
Client Remote Interface for Callback // a remote interface specifying a callback method public interfaceCallbackClientInterface extends java.rmi.Remote { // callback method to be called by the server public void NotifyMe ( String message ) throws java.rmi.RemoteException; }
ServerInterfaceImpl with callback public class CallbackServerInterfaceImpl extends UnicastRemoteObject implements CallbackServerInterface { public CallbackServerInterfaceImpl() throws RemoteException { super( ); clientList = new Vector(); } public String sayHello( ) throws java.rmi.RemoteException { return("hello"); } public synchronized void registerForCallback( CallbackClientInterface callbackClientObject) throws java.rmi.RemoteException{ if (!(clientList.contains(callbackClientObject))) { clientList.addElement(callbackClientObject); doCallbacks(); } } private synchronized void doCallbacks( ) throws java.rmi.RemoteException{ for (int i = 0; i < clientList.size(); i++){ CallbackClientInterface nextClient = (CallbackClientInterface)clientList.elementAt(i); String returnMsg = nextClient.notifyMe("Num of clients=" + clientList.size()); } } }
ClientInterfaceImpl with callback public class CallbackClientInterfaceImpl extends UnicastRemoteObject implements CallbackClientInterface { public CallbackClientInterfaceImpl() throws RemoteException { super( ); } public String notifyMe (String message){ String retMessage = "Call back received: " + message; return retMessage; } }
Algorithm for building an RMI Callback Application Clientside: • Open a directory for all the files to be generated for this application. • Implement the client program or applet, and compile it to generate the client class. • If stub downloading is not in effect, copy the server interface stub class file by hand. • Implement the callbackclient interface—client interface impl class • using rmicto generate a stub class and a skeleton class for it for both client callback interface and server interface. • Set up a java.policy file. • Activate the client, specifying (i) the server host name, (ii) the security policy file, and (iii) the codebase if stub downloading is desired.
CallbackClient public class CallbackClient { public static void main(String args[]) { try { // stub downloading System.setSecurityManager(new RMISecurityManager()); String registryURL = "rmi://cs1.cs.gmu.edu:" + portNum + "/callback"; CallbackServerInterface h = (CallbackServerInterface)Naming.lookup(registryURL); CallbackClientInterfacecallbackObj = new CallbackClientInterfaceImpl(); // register for callback h.registerForCallback(callbackObj); System.out.println (“Registered for callback."); h.unregisterForCallback(callbackObj); } catch (Exception e) { System.out.println ("Exception in CallbackClient: " + e); } // end catch } // end of main() }//end class
Summary-1 • Stub downloading allows a stubclassto bedownloadedto an object clientatruntime, thereby allowing a remote object’s implementation to be modified and its stub class regenerated without affecting the software on the client host. • A security manager oversees access restrictionsspecified in a Javasecurity policy file, which can be a system-wide policy file, or a policy file applied to an individual application only. • For security protection, the use of security managers is recommended in all RMI applications, regardless of whether stub downloading is involved.
Summary-2 • Client callback: • Client callback is useful for an application where the clients desire to be notified by the server of the occurrence of some event. • Client callback allows an object server to make a remote method call to a client via a reference to a client remote interface.
Summary-3 • Client callback: • To provide client callback, the client-side • supplies a remote interface, • instantiates a callbackinterface object • passes a reference to the object to the server via a remote method call to the server. • The object server: • collects these client references in a data structure. • invokes a callback method, defined in the client remote interface, to pass data to the client, when the awaited event occurs. • Two sets of stub-skeletons are needed: one for the server remote interface, the other one for the client remote interface.