• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Question on rmiregistry

 
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
Do I need to have two separate external rmiregistry running, if I am implementing one rmi server without SSL and another with SSL (custom socket implementation)?

Is it possible to have one rmiregistry running externally and having to rebind both server (no ssl and with ssl) on the same port.

Thanks,
Santh
 
Ranch Hand
Posts: 291
Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can bind two rmi servers using different names to the same registry.

Each rmi server uses a different port number. This is how each communicates with clients. You can specify the port number yourself in the export, or let the rmi runtime pick the port.
 
Santh Narayanan
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My rmiregistry is running on port 9999

Now I bind my following servers:

Naming.rebind(�rmi://mac:9999/server1�, obj1);
Naming.rebind(�rmi://mac:9999/server2�, obj2);


Server2 (obj2) implements custom socket factory
Server1 (obj1) does not implement SSL

My question is, the rmiregistry which is running on port 9999 is not SSL based registry. So how would the call be secure (RMI over SSL)?

- Santh
 
Bartender
Posts: 4121
IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The client's calls to the rmiregistry would not be using SSL - so they would not be "secure" - but all that is in the call is a request for a stub to the server. Once the client needs to talk to the server, then SSL-wrapped sockets are used for all the calls. The document Implementing a Custom RMI Socket Factory on Sun's site gives specifics on how to do this.

If you want both SSL and non-SSL RMI objects in the same registry, this is the approach to use. It provides security if all you're worried about is someone packet sniffing sensitive information from client/server communication - however, spoofing is still possible (i.e. - initial registry request is intercepted and a "hacked" server implementation is returned by someone). You may not be worried about spoofing, however, because it is a lot more unlikely to happen than packet sniffing.
 
Santh Narayanan
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Nathan.

Having both SSL and non-SSL RMI objects in the same external registry, I am getting an interesting problem when keep my client idle for 5 or 6 minutes.

The system throws an exception "java.rmi.NoSuchObjectException: no such object in table". The client's Naming.lookup(<url> succeeds, but when the client invokes a method it throws the exception. This happens only for RMI over SSL and not the non-SSL RMI. The non-SSL RMI continues to work fine.

The java runtime environment is: build 1.5.0_06-b05

I went thru all following links, still could not find the answer.
http://archives.java.sun.com/cgi-bin/wa?A2=ind0509&L=rmi-users&P=617
http://archives.java.sun.com/cgi-bin/wa?A2=ind0512&L=rmi-users&P=3747
http://archives.java.sun.com/cgi-bin/wa?A2=ind0601&L=rmi-users&P=1985




Thanks,
-Santh
 
Santh Narayanan
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Please Advice.

- Santh
 
Nathan Pruett
Bartender
Posts: 4121
IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sorry - don't know the cause of this...

Some suggestions - in the case of a NoSuchObjectException, try to do a few loops where you do another Naming.lookup() of the server, and try to call the method again - this would see if the server will permanently throw NoSuchObjectException - or whether this is only some kind of "temporary" problem related to the lease expiring (the message directly above your error) and taking a long time to be renewed for some reason...

The end of that first RMI-users message you referenced seems to imply that using a custom socket factory could cause either removal or replacement of the registry binding or DGC communication failure, which would cause this exception.

Unfortunately, I haven't been able to find anything further on this - perhaps you could email the author of the RMI-users post and see if he can give any further insight?
 
reply
    Bookmark Topic Watch Topic
  • New Topic