200 likes | 268 Views
Java Remote Method Invocation (RMI) Slides for CSCI 3171 Lectures E. W. Grundke. Background: Java Object Serialization. Motivation Normal streams do byte I/O, character I/O and other primitive I/O; not object I/O. Serialization can output/input objects and primitives.
E N D
Java Remote Method Invocation (RMI) Slides for CSCI 3171 Lectures E. W. Grundke
Background: Java Object Serialization • Motivation • Normal streams do byte I/O, character I/O and other primitive I/O; not object I/O. • Serialization can output/input objects and primitives. • Need to handle “graphs” of objects. • Uses • With file I/O streams: • persistent storage of objects • built-in data file format for applications • With sockets: • transmission of objects to another virtual machine • With RMI: • parameters and return values for remote method calls • Applets can be serialized.
References • Cay S. Hortmann and Gary Cornell • Core Java 2 Volume I – Fundamentals • Sun Microsystems Press 2001 • Philip Heller and Simon Roberts • Java Developer’s Handbook • Sybex 1999
Documentation • Serialization: …\docs\guide\serialization\index.html • RMI Specification: …\docs\guide\rmi\spec\ • RMI Tutorial: …\docs\guide\rmi\getstart.doc.html • Packages • java.rmi • java.rmi.server
Serialization Classes/Interfaces • Package java.io (Good documentation in the following classes.) • Serializable interface • implemented by objects to be serialized/deserialized • a marker interface only; no methods or fields! • ObjectOutputStream: a filter-like stream • constructor ObjectOutputStream(OutputStream) • writeObject(Object)(incl. arrays, strings) • writeType(Object) (like DataOutputStream) • flush(), close() • ObjectInputStream: a filter-like stream • constructor ObjectInputStream(InStream) • readObject() (incl. arrays, strings) • readType() (like DataInputStream) • close()
The Serialization (Output) Process • Output for a primitive: • binary output as for DataOutputStream • Output for an object: • class name • serial version unique ID (a long SHA “class fingerprint”) • primitive fields: name, data type, value • object fields: recursively, data on referenced objects • objects numbered serially as written • serial numbers replace object references • superclass description • not written: • no transient or static fields • no methods; these come from the .class file!
The Deserialization (Input) Process • Input for a primitive: • binary input as for DataOutputStream • Input for an object: • "analogous" to calling a constructor • memory for new object allocated, set to zeros • field values from input • non-serializable object/superclasses: • no-arg constructor is called • recursively, any objects referenced
Security Hazards • Private fields may be compromised while serialized. • Class design may be reverse engineered from the serialized form.
Customized Serialization • Fields declared transient are not serialized. Used for • references to non-serializable objects • (typically platform-dependent fields) • sensitive fields • Special serialization formats: • private void writeObject(ObjectOutputStream) • private void readObject(ObjectInputStream) • in the object’s class (not in the I/O stream) • default I/O methods in object stream classes: defaultReadObject(), defaultWriteObject() • Total customization • implement java.io.Externalizable • Output: writeExternal() • Input: no-arg constructor, then readExternal()
Other Relevant Classes/Interfaces • java.io.ObjectStreamClass • description of serialization properties of a class • method: • long getSerialVersionUID() • depends on class name/modifiers, interface(s), static inits, • field names/types/mods, constructor/method sigs/mods • but not on method code, superclasses • returns 0L if not serializable or externalizable • java.io.ObjectStreamField • deals with properties of fields in serializable classes • java.io.ObjectInputValidation • callback interface for validation of objects in a graph
Java RMI Overview RMIServer RMIServer RMIClient RMIServers RMIRegistry(Listening socket)
RMI Details RMIClient RMIServer StubClasses SkeletonClasses Network Network (Registry not shown)
Registry • advertises available classes • default TCP/IP port 1099 • listens on behalf of all RMI servers • Stub • a local proxy object for the remote object • implements same interface as the remote object • calls the remote object • passes parameters • provides return values/objects or exception • Skeleton (not required in some environments) • remote counterpart of the stub
Dynamic Class Loading RMIClient RMIServer WebServer WebServer RMIRegistry
RMI Steps (see Sun Tutorial) • Write Java source files • choose package/directory names (optional) • write a Java interface for the remote class • public interface X extends java.rmi.Remote • methods must throw java.rmi.RemoteException • parameters, return values usually remote interface types; if not, local copies of objects will be created • write the remote class • implement the above interface • define a constructor throwing RemoteException • export the object to accept remote method calls
write the server class (possibly same as the remote class) • server’s main() must • use an RMI security manager • create remote object(s) • register remote object(s) with the RMI registry • use Naming.rebind() • write a client program using the remote service use an RMI security manager • get reference to remote object from Naming.lookup() • Compile and deploy files * • javac as usual (but watch the directories) • rmic to compile stubs and skeletons from .class files • produces MyClass_Stub.class, etc.* client/server only, no download directory
Start execution • start the registry • Windows: start rmiregistry • Unix: rmiregistry & • start the server * • start the client * * Requires a security policy file; e.g.: java -Djava.security.policy=policy Server simplest policy file: grant { // Allow everything for now permission java.security.AllPermission;};
RMI Classes/Interfaces • java.rmi.Naming • registry access • URL format: prot://host:port/name • default protocl: rmi • default host: localhost • default port: 1099 • all static methods: • void bind(String name, Remote obj); • void rebind(String name, Remote obj); • void unbind(String name); • Remote lookup(String url); returns a stub • String[] list(String registry); • (more readable code using the Registry class)
java.rmi.registry.LocateRegistry • createRegistry() • getRegistry() • java.rmi.registry.Registry • methods as in Naming • java.rmi.server.RMIClassLoader
Java Also Supports: • Persistent references to remote objects • Automatic object activation by using persistent references • Custom socket factories • support for (e.g.) SSL