|
|||||||||
PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES |
See:
Description
Class Summary | |
RegistryImpl | Class RegistryImpl implements the Registry interface using an implementation
object obtained from LocateRegistry . |
RMISecureSocketFactory | Class RMISecureSocketFactory creates secures sockets for RMI connections. |
RMISSLServerSocket | Class RMISSLServerSocket extends SSLeayServerSocket by
creating a |
RMISSLServerSocketFactory | Class RMISSLServerSocketFactory provides server sockets for RMI calls. |
RMISSLSocket | Class RMISSLSocket extends the SSLeaySocket and provides
an acoounting for all communications thorugh the created sockets: the most
recent thread which used a socket is associated to it. |
RMISSLSocketFactory | Class RMISSLSocketFactory provides RMISSLSockets for
RMI calls. |
SecureRMIRegistry | Class SecureRMIRegistry starts an RMI registry using secure sockets. |
provides the means for secure RMI calls. In this context, secure means:
The package uses the de.tu_darmstadt.sp.ssl package for the SSL functionality. It is a nice example how to extend the de.tu_darmstadt.sp.ssl package.
In order to have "secure" RMI calls, we need socket factories which produce secure sockets. This is achieved by extending the SSLeayServerSocketFactory by RMISSLServerSocketFactory and SSLeaySocketFactory by RMISSLSocketFactory. We have to extend the default factories of the de.tu_darmstadt.sp.ssl package since a different policy for the created sockets is needed (full authentication for client and server). Finally, instances of the two mentioned factories are used in the RMISecureSocketFactory to create sockets and server sockets.
Every created socket is recorded. This information is needed at runtime by the RMI client or server to find out the peer's identity. This is the reason to extend the SSLeaySocket class, which does not perform any accounting of the connections it has participated into. The new socket class is RMISSLSocket. Wee need also to extend SSLeayServerSocket in order to produce RMISSLSockets. The new server socket class is RMISSLServerSocket.
// Specify the security information -- otherwise factory creation
// Set the new factory into the system
// (Specify a security manager..)
RMISocketFactory.setSocketFactory(new RMISecureSocketFactory());
System.setSecurityManager(new RMISecurityManager());
There is another posibility to create a secure connection, using the new RMI features of Java 2. You should use this alternative if you do not whish to have the secure sockets for all RMI calls. For a detailed description on how to use custom sockets, read the RMI documentation.
// create Unicast remote object..
clientFact = new RMISSLClientSocketFactory();
serverFact = new RMISSLServerSocketFactory();
rmiServerObject = new RMIServerWithCustomSockets(clientFact,serverFact);
The de.tu_darmstadt.sp.rmi package contains also the srmiregistry programm, which is the secure rmiregistry counterpart (uses SSL sockets). The srmiregistry registers itslelf at the normal rmiregistry after creation. Therefore, its usage is:
Note that rmiregistry has to be started before srmiregistry. Inside Java applications, the reference to the newly started registy service may be obtained using the following code:srmiregistry registry_name
my_secure_registry=Naming.lookup(); my_secure_registry.lookup(...)
|
|||||||||
PREV PACKAGE NEXT PACKAGE | FRAMES NO FRAMES |