How can I implement my security policy in java program itself - java

I am really new to Java RMI and developed a small application with it. But to run my server and client I need to execute:
java -Djava.security.policy=client.policy
So what should I do to omit this '-Djava.security.policy=client.policy' command? Or is there any way to implement the security policy in the Java program?
Thanks in advance.

A policy file is required in an RMI application so that the client can connect to the remote server. You also need to implement the SecurityManager in the client as well as in the server. This security manager will allow you to connect to any RMI remote host to which the client is intended to connect. I think the policy file cannot be omitted in RMI. It is required.
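An added example, not part of the original question or answer: on JDK 17 and earlier a policy can be installed from code with `Policy.setPolicy` before the security manager is set, so the `-Djava.security.policy` flag is not needed. The class names and the 192.0.2.x addresses are placeholders. The Security Manager is deprecated for removal since JDK 17, and from JDK 18 `System.setSecurityManager` throws `UnsupportedOperationException` unless the JVM is started with `-Djava.security.manager=allow`.

```java
import java.net.SocketPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;

public class InProcessPolicy {

    /** Grants application code only outbound connections to one RMI host. */
    static final class RmiClientPolicy extends Policy {
        private final String target;

        RmiClientPolicy(String target) { this.target = target; }

        private Permissions grants() {
            Permissions p = new Permissions();
            p.add(new SocketPermission(target, "connect,resolve"));
            return p;
        }

        @Override
        public PermissionCollection getPermissions(CodeSource cs) {
            return grants();   // fresh, mutable collection: the JDK may add to it
        }

        @Override
        public boolean implies(ProtectionDomain domain, Permission perm) {
            return grants().implies(perm);
        }
    }

    public static void main(String[] args) {
        // Placeholder server address; "1024-" covers the registry port (1099)
        // and the anonymous ports used by exported remote objects.
        Policy.setPolicy(new RmiClientPolicy("192.0.2.10:1024-"));
        System.setSecurityManager(new SecurityManager());

        SecurityManager sm = System.getSecurityManager();
        sm.checkConnect("192.0.2.10", 1099);          // granted by the policy
        try {
            sm.checkConnect("192.0.2.20", 1099);      // any other host is refused
            throw new AssertionError("expected a denial");
        } catch (SecurityException denied) {
            System.out.println("denied: " + denied.getMessage());
        }
    }
}
```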

Related

What could I use to wrap an SSH server for a Telnet client

In my case, the server has been secured by passing all console access to SSH,
but the client console must remain with Telnet because it is integrated in an application that can't be modified.
Due to incompatibility of protocols I imagine a "proxy" service in order to manage the SSH protocol including authentication and encryption decoding,
that would redirect the shell dialog in plain-text to a local socket (no file transfer or other feature needed).
Any advice about a solution based on a Windows utility (putty, netcat ...) or JEE service development will be welcome.
I can only install something on the Windows client system.
Thx

How to run the class file that is in another machine?

Is it possible to run class file which is on different system?
For instance,
I have 2 machines (server and client) and there are 2 java class files SocketServer.class and SocketClient.class in respective machines.
I need to run SocketClient.class from the server machine to establish the connection between server and client. (Note: I should not run SocketClient.class manually.)
Please advise.
Thanks in advance.
-Sithik

It is my understanding that the client generally makes the connection to the server to access resources on the server. In the past I have used an API to access resources on the server. Essentially I am not running the classes from the server directly; I am using the API as a form of abstraction in order to handle the communication between the resources on the client side and server side.
I also mainly implement the Factory Design Pattern which may help you here.
http://howtodoinjava.com/2012/10/23/implementing-factory-design-pattern-in-java/
Ultimately your application should make requests of a server first and once a connection is established then the server will provide a response.

Enable SSL in Javaws client?

I have a client <-> server application that uses CORBA for communication. The client application is launched on a client machine using Java Web Start. I need to enable IIOP over SSL for the applications. On the server side, this is easily done by setting the keystore and keystore password in jacorb.properties. I am not sure how to enable SSL on the client side with a Javaws launch, as I know very little about Java Web Start.
What are my options for enabling SSL for the javaws client application?
If the client keystore file is placed in the server machine, how should the client application access or retrieve it?
Or can the client application generate a keystore dynamically every time it is launched?
A little history of the application, in case it helps.
Prior to the upgrade the client application used custom SSL socket factory classes which retrieved the keystore from the remote server machine. However, for various other reasons, we had to remove these socket factory classes during the JacORB upgrade.

I decided to package the keystore in a jar and access it with JNLP. I wrote a sample program to test it. The code is available on GitHub:
https://github.com/KiranMohan/corba-javaws-ssl

Java RMI newbie -- some basic questions about SSL and auth/rate limiting an RMI service

I am trying to work to secure a java based RMI service using SSL.
I have some basic questions about the capabilities of using SSL. Specifically, from what I understand, the client and server connecting via SSL will need to have appropriate credential certificates in both client and server, for a client to be granted access to the server. Am I correct in my understanding?
Also, what I want to know is, can a person who is already using my RMI service and has access to a client machine, make a copy of the certificate in the client machine to other client machines -- and then invoke my RMI service from those other machines as well?
How do I prevent such a situation from occurring? I mean, in a REST API you can use OAuth authentication, can we have some kind of authentication in an RMI Service?
Also, can I possibly limit usage of the RMI service? For eg, a specific client may be allowed to make only 5000 calls per day to my RMI service, and if he makes more calls the calls occurring after the 5000 calls limit are all denied? How do I do such rate limiting and/or authentication for my RMI Service?

Specifically, from what I understand, the client and server connecting via SSL will need to have appropriate credential certificates in both client and server, for a client to be granted access to the server. Am I correct in my understanding?
No. Only the server needs a certificate. The client certificate is optional.
Also, what I want to know is, can a person who is already using my RMI service and has access to a client machine, make a copy of the certificate in the client machine to other client machines -- and then invoke my RMI service from those other machines as well?
Certainly. Physical security of the certificates and the application is your problem. SSL can't solve it for you.
Also, can I possibly limit usage of the RMI service? For eg, a specific client may be allowed to make only 5000 calls per day to my RMI service, and if he makes more calls the calls occurring after the 5000 calls limit are all denied? How do I do such rate limiting and/or authentication for my RMI Service?
Code it yourself. Stick a daily counter in the database.
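One way to code the daily counter suggested in the answer, as an added example that is not from the original thread: a per-client counter that resets when the date changes. The in-memory map stands in for the database table, `clientId` is assumed to be an identity the service has already authenticated, and the class and client names are hypothetical.

```java
import java.time.LocalDate;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Supplier;

/** Per-client daily call quota. The in-memory map stands in for the database table. */
public class DailyQuota {
    private static final class Counter {
        final LocalDate day;
        final AtomicInteger calls = new AtomicInteger();
        Counter(LocalDate day) { this.day = day; }
    }

    private final int limit;
    private final Supplier<LocalDate> today;
    private final ConcurrentHashMap<String, Counter> counters = new ConcurrentHashMap<>();

    public DailyQuota(int limit, Supplier<LocalDate> today) {
        this.limit = limit;
        this.today = today;
    }

    /** Records one call; returns false once the client has used today's allowance. */
    public boolean tryAcquire(String clientId) {
        LocalDate now = today.get();
        // Start a fresh counter when the client is new or the date has rolled over.
        Counter c = counters.compute(clientId,
                (id, old) -> (old == null || !old.day.equals(now)) ? new Counter(now) : old);
        // Increment only while below the limit, so denied calls cannot overflow the counter.
        return c.calls.getAndUpdate(n -> n < limit ? n + 1 : n) < limit;
    }

    public static void main(String[] args) {
        LocalDate[] clock = { LocalDate.of(2024, 1, 1) };   // constructed date for the demo
        DailyQuota quota = new DailyQuota(5000, () -> clock[0]);

        int allowed = 0;
        for (int i = 0; i < 5001; i++) {
            // A remote method would throw (e.g. RemoteException) when this returns false.
            if (quota.tryAcquire("client-a")) allowed++;
        }
        System.out.println("client-a calls allowed today: " + allowed);
        System.out.println("client-b first call allowed: " + quota.tryAcquire("client-b"));
        clock[0] = clock[0].plusDays(1);                     // next day: allowance resets
        System.out.println("client-a allowed next day: " + quota.tryAcquire("client-a"));
    }
}
```

The quota only means something if `clientId` cannot be chosen by the caller; key it on the identity established during authentication rather than on a value passed as a method argument.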

How to invoke client method without using RMI

I am developing a client/server program in which I want to invoke a method of the client program
through the server program.
This is a VNC-based application in which the server will be running and listening on an arbitrary port number. The client will connect to the server using a method which takes the IP and port number of the server as arguments.
After that the server will be able to take control of the client's screen.
I want to call this method from the server!
I want to add a facility in which the client will submit a request and the server will then connect to the client.
I have heard about RMI, but I want to know whether there is any other way to achieve this. If not, please post some good tutorial links on RMI.

RMI is a Java-only way of network programming or method calling, but a web service is language-independent. With a web service you can integrate some applications.
But my recommendation is using MOM systems. This type of system supports two approaches: the synchronous model and the asynchronous model. In Java, MOM is implemented via JMS. JMS is an API and has several implementations, such as:
Apache ActiveMQ
Open JMS Queue, etc.

Better than RMI, you could make a web service and a client for it :)
http://www.artima.com/lejava/articles/threeminutes.html
