RMI Security
Hi all,
I am fairly new to the whole RMI world, but my problem is this. I am currently developing an intranet site which has applets within it. To allow communication to the server I am currently developing an RMI server application. Th problem I have is with the Policy File. Does the client need to have the policy file? And how can I go about starting the RMIRegistry from within my application? as the server will be compiled down into a jar file for ease of use i.e. NO DOS PROMPT. A quick response would be greatfully appreciated,
Cheers,
Osh
Another question I have, is now that I have managed to get the policy file to work within my JBuilder, but the problem I have is that when I create my jar file, it doesnt include the appropriate parameters for my VM. How do I go about adding this to my jar file, or am I just trying to do something that is completely stupid?
Similar Messages
-
How to run the rmi security manager
how to run the rmi security manager
You need to make a special class, where you give all permissions or socket permissions, then in promt you just call this class with following:
java -Djava.security.all=all then package name, then Class name. All is the name og permission class.
Good luck! -
RMI security with client authentication
Hy,
I'm trying to set a secure RMI application using JSSE and SSL.
I have succeeded in writing an application with client and server authentication using both an RMISSLServerSocketFactory and RMISSLClientSocketFactory and passing those factories to the server while exporting the remote object.
The problem is I had to set both server public and private keys and client public and private keys in the custom Socket Factories. This implies that those keys are on the server disk which is problematic for the client private key.
Is there a way of giving the client private key only when the Client want to contact the server and not when exporting the remote object?
(I tried to do that using -Djava.net.ssl.keyStore and -Djava.net.ssl.trustStore properties but it doesn't seem to work).
Thank you for your helpEven when I haven't wrote RMI over SSL code, I've done that using standard SSL client authentication between a client and a server.
In that context, I got the SSLSocketFactory by using a SSLContext initialized with the proper TrustManager and KeyManager classes.
But I guess you can start by specifying from the command line the system properties related to keystores and truststores:
-Djavax.net.ssl.keyStore=<your keystore pathname>
-Djavax.net.ssl.keyStorePassword=<your keystore password>
-Djavax.net.ssl.trustStore=<your truststore pathname>
-Djavax.net.ssl.trustStorePassword=<your truststore password>
You can also see the RMISSLClientSocketFactory and RMISSLServerSocketFactory provided in the /samples/rmi folder of the JSSE 1.0.3_01 distribution.
The client factory version uses the default socket factory provided by JSSE, so it can be configured from the properties above.
Hope this helps. -
Hi I have followed the sun java RMI trail (tutorial).
However my server side application is giving me a security exception. I think it s because of the grant code sections:
grant {
permission java.net.SocketPermission "*:1024-65535",
"connect,accept";
permission java.net.SocketPermission "*:80", "connect";
};My problem is that I can't understand were to put this code segment, and I read the same page over and over again, and could not find were is says were to put it!!
As I said I think it is from this, but maybe it is from other parts! not sure! ... Maybe you need to run the server side from a web server??
The links of the tutorial I am following is the following (from sun java website itself):
http://java.sun.com/docs/books/tutorial/rmi/
and the following link is were there is the grant permission code:
http://java.sun.com/docs/books/tutorial/rmi/running.html
Thanks for any sugestions!I still have the exception:
ComputeEngine exception: access denied (java.net.SocketPermission host resolve)
java.security.AccessControlException: access denied (java.net.SocketPermission host resolve)I followed the tutorial step by step, reading and writing the provided code so far. So this is what I have now at the moment:
I create a permision file and I called it java.policy. In this file I have the following code:
grant {
permission java.net.SocketPermission "*:1024-65535",
"connect,accept";
permission java.net.SocketPermission "*:80", "connect";
};Then I have the following code sugested by WirajR in the engine class, which is the server side application:
static{
System.setProperty("security.policy", "java.policy");
}I compiled everything, and no errors are given. But when i run just the server side, I still recieve the above error. When I debuged the application it stops on the following line:
Naming.rebind(name, engine);Were name is a string containing the following text :
"//host/Compute"and engine is the class to be exposed over RMI.
I am betting my problem is with name!! ... maybe
or else my permission file has invalid data.
Also wanted to add that security seems to have been taken care of in that tutorial by the following lines of code:
if (System.getSecurityManager() == null) {
System.setSecurityManager(new RMISecurityManager());
}Aren't these to set the security policy? -
Hi, there!
This is cross-post from "NetWeaver AS, Java" forum.
I have a security issue when I try to run RMI client code in the web application on the Web AS 2004s. There is
lookup statement in JSP or servlet code:
Naming.lookup("//server/RemoteClass")
which throws
java.io.AccessControlException: access denied (java.io.FilePermission
D:\usr\sap\AS1\JC00\j2ee\cluster\server0\apps\sap.com\MyEntApp\servlet_jsp\MyWebApp\work\com\mycompany\packagename\RemoteClassImpl_Stub.class read)
I have investigated where "java.security.policy" parameter is setup, there has value "./java.policy". This file is
regenerated each time when web AS is started, thus I created another policy file, granted file permission for
above path and set it as -Djava.security.policy in server start parameter. It doesn't resolve problem, I have
investigated this parameter doesn't correlate with real application run-time permissions. Has anybody ideas?
Thanks
P.S. This code works fine as a standalone application.File Name : policy.txt
grant {
permission java.security.AllPermission;
};Run ur program as follows:
java -Djava.security.policy=policy.txt <Java Client > -
I am trying to connect to my RMI Server and am having a problem. My code looks like this:
if( System.getSecurityManager() == null ) {
SecurityManager security=new SecurityManager();
security.checkAccept(serverAddress, serverPort);
System.setSecurityManager( security );
registry=LocateRegistry.getRegistry(serverAddress, (new Integer(serverPort)).intValue());
// look up the remote object
rmiServer= (PRFromDatabaseInterface)(registry.lookup("prFromDBServer"));
// call the remote method
System.out.println("Connecting to rmiServr");
return rmiServer.attemptLogin(email, password);The error I am getting looks like this:
Exception in thread "AWT-EventQueue-0" java.security.AccessControlException: access denied (java.net.SocketPermission 192.168.2.201:3500 accept,resolve)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkAccept(SecurityManager.java:1157)
at us.mylan.pr.main.FromDatabase.<init>(FromDatabase.java:84)Does anyone have any ideas what is wrong?I Just realized the port wasn't specified. When I do specifity it, I get this error:
sending Sample Text to 192.168.4.204:4000
java.rmi.UnmarshalException: Error unmarshaling return header; nested exception is:
java.io.EOFExceptionAnd then the server throws a different error:
Exception in thread "RMI TCP Connection(idle)" java.security.AccessControlException: access denied(java.net.SocketPermission 192.167.4.6:54458 accept, resolve)Which I do not understand why it is port 54458. The client code looks like:
public class RmiClient {
static public void main(String args[])
PRFromDatabaseInterface rmiServer;
Registry registry;
String serverAddress="192.168.4.204";
String serverPort="4000";
String text="Sample Text";
System.out.println("sending "+text+" to "+serverAddress+":"+serverPort);
try{
// get the registry
registry=LocateRegistry.getRegistry(serverAddress, (new Integer(serverPort)).intValue());
// look up the remote object
rmiServer= (PRFromDatabaseInterface)(registry.lookup("prFromDBServer"));
// call the remote method
rmiServer.attemptLogin("[email protected]", "password");
catch(RemoteException e){
e.printStackTrace();
catch(NotBoundException e){
e.printStackTrace();
}Edited by: BDJ2K on Jan 10, 2009 6:38 AM -
Hello,
I'm planning to create some client-server applications using the WebLogic
RMI implementation but I'm a little bit worried about the security issues
that can be raised.
Basically, I don't know whether or not WebLogic provides dynamic class
loading (RMIClassLoader). If so, how to prevent this to happen, since I want
to make it sure that no hostile client will be able to hack my application
in that it will download some classes that will mess with my data.
Anybody has any comments on that?
Thanks in advance for any help.
Andre Mendonca
[email protected]Just to make things clearer, this is the RMI specification from Javasoft
(very interesting, by the way):
"When parameters and return values for a remote method invocation are
unmarshalled to become live objects in the receiving JVM, class definitions
are required for all of the types of objects in the stream. The
unmarshalling process first attempts to resolve classes by name in its local
class loading context (the context class loader of the current thread). RMI
also provides a facility for dynamically loading the class definitions for
the actual types of objects passed as parameters and return values for
remote method invocations from network locations specified by the
transmitting endpoint. This includes the dynamic downloading of remote stub
classes corresponding to particular remote object implementation classes
(and used to contain remote references) as well as any other type that is
passed by value in RMI calls, such as the subclass of a declared parameter
type, that is not already available in the class loading context of the
unmarshalling side."
My question is: If a client invokes a method in the object residing in the
weblogic server, passing as a parameter an object that the server doesn't
know, will weblogic try to download the class from the client location?
Continuing: later in the specification, one can read:
"For every class descriptor read from an RMI marshal stream, the
resolveClass method reads a single object from the stream. If the object is
a String (and the value of the java.rmi.server.useCodebaseOnly property is
not true), then resolveClass returns the result of calling
RMIClassLoader.loadClass with the annotated String object as the first
parameter and the name of the desired class in the class descriptor as the
second parameter. Otherwise, resolveClass returns the result of calling
RMIClassLoader.loadClass with the name of the desired class as the only
parameter."
So, can I set this property to false in the StartWebLogic.cmd file and
expect weblogic not to download any unknown code? Will weblogic classloader
understand it? What's the default behavior of weblogic server?
By the way, I'm using WLS 4.5.1, in a windows NT environment.
Thanks in advance.
Andre Mendonca
[email protected]
"Andre Mendonca" <[email protected]> wrote in message
news:[email protected]...
Hello,
I'm planning to create some client-server applications using the WebLogic
RMI implementation but I'm a little bit worried about the security issues
that can be raised.
Basically, I don't know whether or not WebLogic provides dynamic class
loading (RMIClassLoader). If so, how to prevent this to happen, since Iwant
to make it sure that no hostile client will be able to hack my application
in that it will download some classes that will mess with my data.
Anybody has any comments on that?
Thanks in advance for any help.
Andre Mendonca
[email protected] -
Are arguments passed to remote methods hashed in some way? Or do I need to manually secure the arguments I am passing to my remote methods.
Well, I kind of agree with you. Anything is nonsense until you understand it. By the way, landing on the moon was a very stupid idea...
I have personally completed the development of RMI over JXTA and it is running on my machines everyday. That means RMI can run over any known network infrastructure that can transport bits and bytes reasonably fast, thanks to the network independent design goal of JXTA.
It is true the current implementation of Jini is built on RMI. It sounds silly that you would run RMI over Jini over RMI. But it does not do any harm to keep that technical option open. Suppose you want to run your existing RMI applications on somebody's existing secured Jini infrastructure without major modifications of your applications.
Use your imagination, dude, otherwise programming would be a very boring job. -
Error: while generating SQL.java.rmi.ServerException:
Hi:
I tried the JGuru's "MusicStore" example. HOwever at Task 6 and 7 I am getting the following error:
Error: while generating SQL.java.rmi.ServerException:
RemoteException occured in server thread; nested exception is:
* java.rmi.RemoteException: Error connecting to database;
nested exception is:
* SQL Exception: Failed to start database 'MusicStoreDB', see
the next exception for details.
Please make sure the database name/user/password is valid
and the J2ee server and database are running.
However when i check my database it is running perfectly:
E:\>%j2ee_home%\bin\cloudscape -start
Sun Feb 16 12:48:11 PST 2003: [RmiJdbc] Starting Cloudscape RmiJdbc Server Version
Sun Feb 16 12:48:14 PST 2003: [RmiJdbc] COM.cloudscape.core.JDBCDriver registered i
Sun Feb 16 12:48:14 PST 2003: [RmiJdbc] Binding RmiJdbcServer...
Sun Feb 16 12:48:14 PST 2003: [RmiJdbc] No installation of RMI Security Manager...
Sun Feb 16 12:48:14 PST 2003: [RmiJdbc] RmiJdbcServer bound in rmi registry
Server:
J2EE server listen port: 1050
Naming service started:1050
Binding DataSource, name = jdbc/DB2, url = jdbc:cloudscape:rmi:CloudscapeDB;crea
te=true
Binding DataSource, name = jdbc/Cloudscape, url = jdbc:cloudscape:rmi:Cloudscape
DB;create=true
Binding DataSource, name = jdbc/InventoryDB, url = jdbc:cloudscape:rmi:Cloudscap
eDB;create=true
Binding DataSource, name = jdbc/DB1, url = jdbc:cloudscape:rmi:CloudscapeDB;crea
te=true
Binding DataSource, name = jdbc/MusicStore, url = jdbc:cloudscape:rmi:MusicStore
DB;create=false
Binding DataSource, name = jdbc/XACloudscape, url = jdbc/XACloudscape__xa
Binding DataSource, name = jdbc/XACloudscape__xa, dataSource = COM.cloudscape.co
re.RemoteXaDataSource@1d88db7
Starting JMS service...
Initialization complete - waiting for client requests
Binding: < JMS Destination : jms/Topic , javax.jms.Topic >
Binding: < JMS Destination : jms/Queue , javax.jms.Queue >
Binding: < JMS Cnx Factory : TopicConnectionFactory , Topic , No properties >
Binding: < JMS Cnx Factory : QueueConnectionFactory , Queue , No properties >
Binding: < JMS Cnx Factory : jms/QueueConnectionFactory , Queue , No properties
>
Binding: < JMS Cnx Factory : jms/TopicConnectionFactory , Topic , No properties
>
Starting web service at port: 8000
Starting secure web service at port: 7000
J2EE SDK/1.3.1
Starting web service at port: 9191
J2EE SDK/1.3.1
J2EE server startup complete.
Can anyone suggest me a way out..plzwhat type of persistent u r using also post ur query if bmp and check with another example with cmp.
-
GF 3.1.1 - java.security.AccessControlException: access denied - server.log
I am upgrading an old NB4.1 produced JSP system that runs on Netscape iplanet to NB7.0.1 built JSP system running on Glassfish 3.1.1. I have four main files: login.html, login.jsp, ApplicationRmiConnection, and MenuManager.jsp . Three of four are working. The login.html is only a startup means to be sent to the login.jsp. The ApplicationRmiConnection is a servlet called by the login.jsp. It reads a properties file, establishes connection with the RMI and database (currently on the OLD system (Netscape iplanet)) which it does quite well. After the ApplicationRmiConnection is established and working the MenuManager.jsp . The first output from the MenuManager.jsp is a series of application.log calls for verification of data passed in from the successful ApplicationRmiConnection database read.
How does GF 3.1.1 loose AccessControl permissions to the server.log to which it is writing? All I am using is application.log statements and it coughs, chokes, and quits.
My output stacktrace is:
INFO: PWC1412: WebModule[null] ServletContext.log():ApplicationRmiConnect: getRealPath("/") = [C:\Program Files\glassfish\glassfish-3.1\glassfish\domains\domain1\applications\MyApplication\]
INFO: PWC1412: WebModule[null] ServletContext.log():MenuMgr: sParms - RMI Connect = com.company.rmi.ServerAppClientAdapter@19ca6bc
INFO: PWC1412: WebModule[null] ServletContext.log():MenuMgr: caught an Exception
WARNING: StandardWrapperValve[jsp]: PWC1406: Servlet.service() for servlet jsp threw exception
java.security.AccessControlException: access denied (java.io.FilePermission C:\Program Files\glassfish\glassfish-3.1\glassfish\domains\domain1\logs\server.log read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
at java.io.File.exists(File.java:731)
at com.sun.enterprise.server.logging.GFFileHandler.publish(GFFileHandler.java:676)
at java.util.logging.Logger.log(Logger.java:481)
at com.sun.logging.LogDomains$1.log(LogDomains.java:354)
at java.util.logging.Logger.doLog(Logger.java:503)
at java.util.logging.Logger.logp(Logger.java:619)
at com.sun.enterprise.web.logger.IASLogger.write(IASLogger.java:127)
at com.sun.enterprise.web.logger.LoggerBase.log(LoggerBase.java:190)
at com.sun.enterprise.web.logger.IASLogger.log(IASLogger.java:57)
at org.apache.catalina.core.StandardContext.log(StandardContext.java:6828)
at org.apache.catalina.core.ApplicationContext.log(ApplicationContext.java:449)
at org.apache.catalina.core.ApplicationContextFacade.log(ApplicationContextFacade.java:359)
at org.apache.jsp.MenuMgr_jsp._jspService(MenuMgr_jsp.java from :533)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:111)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:403)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:492)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:378)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1539)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:330)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:174)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:828)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:725)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1019)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:662)The problem area has been found. We need to know the best method to replace the two lines of code we commented out. Here is what we found.
Glassfish 3.1.1 Security does not play well with old RMI security (JDK1.2 vintage). Furthermore, once the old RMI security has messed with the mind of GF3.1.1 security the GF security truly believes it has in some cases no permission to read its own server.log file.
Here is the offending code commented out in the Server Client Adapter (client wrapper):
Note: this is legacy rmi code. i.e. manually executed rmic on the appropriate classfiles as this was originally created for java 1.2.
// if(System.getSecurityManager() == null)
// System.setSecurityManager(new RMISecurityManager());
remote = (com.davisco.rmi.ServerAppServantAdapter_Stub)Naming.lookup(stringbuffer.toString());
A thank you goes out to www.velocityreviews.com/forums/t276590-access-denied-java-lang-runtimepermission-createsecuritymanager.html even if it is five years old.
Again, this is using the original version of RMI. How do we re-implement the RMI Security Manager without offending GF 3.1.1 security? -
Access denied security policy file
All i a simple client which is trying to talk to a remote EJB. When i try and startup the client i get the following error.
java.security.AccessControlException: access denied (java.util.PropertyPermission java.security.policy write)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.System.setProperty(System.java:699)
at com.db.abmonitor.client.Client.example(Client.java:51)And i am calling it like
System.setProperty("java.security.policy", "client.policy");
if (System.getSecurityManager() == null)
System.setSecurityManager(new RMISecurityManager()); And i have defined a client.policy file in the src directory of the project under eclipse, with the following entries
grant {
permission java.security.AllPermission;
};Anyone got any ideas ?Ah RMI headaches...
here is what i blogged for my own self when i was starting with the RMI security stuff:
Since i havent figured out how to do SecurityManager stuff properly, i can override 2 checkPermission methods in SecurityManager with empty method bodies, thats a quick and dirty fix.
- Alternativly, you can set your policy file located in /lib/security/java.policy to: http://java.sun.com/docs/books/tutorial/rmi/example-1dot2/java.policy
- or pass the property to the policy location: -Djava.security.policy=./policy.all
maybe that will help...
i think that maybe your policy file isnt being found where it should be -
Hello All,
I have a basic question about RMI. Usually we run RMI client like:
java -dcodebase=http://mysite.com -djava.securit.policy=mypolicy.policy client
Is it possible to run RMI client on web browsers, say, through Java servlet, Tomcat is installed?
If possible, how to configure Tomcat and the client, may be servlet? I don't think RMI server need change.
Thanks
ChenTomcat is for servers. Why would that change the
client?Thanks for the reply. I want to put RMI client in Tomcat, the RMI client connect to RMI server (not in the Web server, some other place). The questionis :
Every RMI client need start like this:
java -Djava.rmi.security=my.policy myclient
But in Tomcat, we only have classes. The servlet call the class(es) to finish the request and return response. In fact my question is how to provide security policy to these classes?
Merry Xmas!
CL -
Hi:
I am a complete newbie on RMI, I want to know whether the following task should be achieved by using RMI. Basically, I have a java application sitting on a server machine (unix machine), and I want to be able to call that application from another client machine using the command line prompt (client machine is WIN2000). I was told to open a TCP port to do this. Umm, basically, does this task involve RMI at all?
Please give me some general direction on this problem, thanx a lot.You could perform the communication as mentioned, having a process open a server socket on the server machine and wait for information to be sent from a client. You will end up defining the format and protocols used in the communications over the socket, but if sufficiently simple, this approach would work fine.
If you want to send more complex data or commands, or invoke methods on the server from the client, RMI is a good avenue to explore. It requires some infrastructure, however: you must be running an RMIRegistry process on the server, you must properly put your stubs and interfaces somewhere they can be dynamically downloaded (or packaged up with the client), and you must work through various RMI Security issues.
These things are not hard to pick up, however, and the RMI path in the Java Tutorial is a good place to start learning about such things. -
Please, help in RMI UnmarshalException: nested exception is: EOFException
Good day,
I have a problem in sample program, similar like an Oracle oriinal in "Getting Started Usin Java RMI", identically on server and client sides. It correctly works in NetBeans IDE, but never alone, as JAR archive or java class, if I used java -jar or java -classpath command-line form. Fragment of the server code includes final check on correct read from remote object, it corrrectly works within NetBeans but cause UnmarshalException in same server side in independent launch form (WeatherBean - sample object, contains points to information about city name, weather description, temperathure an small "weather" icon, WeatherService - interface with one getWeatherInformation() function):
String serverObjectName = "WeatherService";
final int remotePort = 1099;
final String remoteHost = "localhost";
Registry registry = LocateRegistry.getRegistry(remoteHost);
WeatherService remoteObject = (WeatherService)
UnicastRemoteObject.exportObject(service, 0);
registry.rebind(serverObjectName, remoteObject);
//control export output
java.util.List<WeatherBean> list =
service.getWeatherInformation();
for (int i = 0; i < list.size(); i++) {
WeatherBean wb = list.get(i);
service.addTextWeatherString(wb.getCityName() + " " +
wb.getDescription() + " " + wb.getTemperature());
//back read exported object (cause error)
String[] regArr = registry.list();
java.util.List<String> regList = Arrays.asList(regArr);
if (regList.contains(serverObjectName)) {
Remote remote = registry.lookup(serverObjectName);
if (Proxy.isProxyClass(remote.getClass())) {
Proxy proxy = (Proxy) remote;
InvocationHandler invocationHandler =
Proxy.getInvocationHandler(proxy);
WeatherService weatherService = (WeatherService)
Proxy.newProxyInstance(
WeatherService.class.getClassLoader(),
new Class[] { WeatherService.class },
invocationHandler);
list = weatherService.getWeatherInformation();
for (int i = 0; i < list.size(); i++) {
WeatherBean wb = list.get(i);
service.addTextWeatherString(wb.getCityName() + " " +
wb.getDescription() + " " + wb.getTemperature());
}Starts with form java -jar WeatherServiceProj.jar (my project name) cause this error:
java.rmi.UnmarshalException: error unmarshalling return; nested exception is:
java.io.EOFException
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:173)
at java.rmi.server.RemoteObjectInvocationHandler.invokeRemoteMethod(RemoteObjectInvocationHandler.java:178)
at java.rmi.server.RemoteObjectInvocationHandler.invoke(RemoteObjectInvocationHandler.java:132)
at $Proxy0.getWeatherInformation(Unknown Source)
at deitel.rmi.weather.server.WeatherServiceImpl.main(WeatherServiceImpl.java:381)
Caused by: java.io.EOFException
at java.io.DataInputStream.readInt(DataInputStream.java:375)
at java.io.ObjectInputStream$BlockDataInputStream.readInt(ObjectInputStream.java:2775)
at java.io.ObjectInputStream.readInt(ObjectInputStream.java:949)
at javax.swing.ImageIcon.readObject(ImageIcon.java:441)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:974)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1848)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1752)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1328)
at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:1946)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1870)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1752)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1328)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:350)
at java.util.ArrayList.readObject(ArrayList.java:593)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at java.io.ObjectStreamClass.invokeReadObject(ObjectStreamClass.java:974)
at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1848)
at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1752)
at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1328)
at java.io.ObjectInputStream.readObject(ObjectInputStream.java:350)
at sun.rmi.server.UnicastRef.unmarshalValue(UnicastRef.java:306)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:155)
... 4 moreI try to use many forms of java -Dxxxx keys, such as -Djava.rmi.server.codebase or -Djava.rmi.security.policy, but it does not help. Maybe i don't know something else? Key or sustem property, e. g.?
Great thanks for some little help,
Jaroslav
Edited by: EJP on 5/10/2011 20:21: added {noformat}{noformat} tags: please use them.Sweta,
Is this a java mapping or Graphical, If Java, you should not run into this issue as you dont load the nested XSD`s.
Also the error message indicates outofMemory in mercator side when posting your Large message.
java.lang.OutOfMemoryError at com.philips.xi.mercator.MercatorCall.execute(MercatorCall.java:90) at
Regards
Ravi Raman
Edited by: Ravi Raman on Jun 30, 2010 4:26 PM -
Hi,
Developping a small RMI application, I face the following issues:
I can run several RMI servers on a machine (launched with 1 or more userId (root, guest, foo)) but how can RMI clients be notified of how many RMI servers have been launched (and their port number). How to specify the server we want to log in ? Is it possible to have from a client the list of all RMI servers running on a machine ?
I would like that clients use login/passwd to connect the RMI server. In fact, If the client authentifies itself with root/passroot it automatically runs on the root RMI server launched. How can I do that ?
Thanks.
If it is not clear enought I will explain my problems differently.Here are my replies:
1) the issue is that the server can execute system commands (kill ,renice, performance command...). So, I don't want, if a server has been started as root, that every body accessing this server can run a kill on a process. So every user would have to launch its own server and then only access to services it can perform normally when logging on this machine. Moreover the RMI server has to retrieve a lot of infomation in less than 1sec (do some sys calls and internally retrive the state of all processes running on the server machine) so I think is better do launch several servers.
Note: the client MUST have a direct access to the server machine. It is a pre-requiered.
2) Thanks.
3) So the client can send the login/passwd info tho the server, which look in the unix account on the system, register the client with the good server and that accept the connection.
A lot of messages talking aboiut RMI security gives some idea on how implmenting a secured connection between client/server but I cannot find any pseudo-code or code sample.
Do you have sme pointers ?
Thanks
Maybe you are looking for
-
Mail search not working, here's what I tried so far
Hi folks, The problem: Search in Mail no longer works. I can search for a mail that came in 5 minutes ago (and I’m looking at it in my inbox or one of the folders) but Mail won’t find it. Spotlight in the Finder seems OK but it has periods where it c
-
I have a 32GB, 4th Generation iPod Touch, with only 5GB of free iCloud Storage offered. Why should I pay more for iPod Storage, when I receive the same amount of iCloud Storage as the iDevices with less iPod Storage? I understand the Marketing/Busine
-
My page is displayed perfectly in design view, reflecting the CSS rules I've created, but when I preview in Live View and in a browser, it's as if there is no style sheet attached at all... ??
-
Hey All, Got a weird thing happening here. System: OESNW running GW 703 hp3 Problem: I have one user who, when he logs in to webaccess, sees duplicate emails from some, not all senders. It doesn't happen consistently to the same senders either. We tr
-
Flashplayer not working in samsung galaxy 10.1
we have our own intranet site which required adobe flash player 8 or above. by default samsung galaxy tab 10.1 (android) comes with flash 10.1, i cant able to view the flash content. still it is not working after updating to version 11 also. Please h