Java Reference
In-Depth Information
}
// try
catch (RemoteException re)
{
System.err.println (re);
}
The only exception to deal with here is the general RMI
RemoteException
.If
the remote
method1()
had declared any custom exceptions that it might throw,
then those would be caught here too.
Obviously the remote
add()
method would be called similarly. And the
server-side
doSomethingLocal()
method cannot be called at all from the
client, since that method is not a remote method.
18.5 RMI security issues
Since the advent of Java 2, the security issues surrounding RMI have become
more stringent. Some of these issues were present in JDK 1.1 and before, but
we assume a Java 2 platform in the following discussion. The issues to be dealt
with are the need for a
security manager
, the specification of the
codebase
where
downloadable bytecodes may be found, and the
policy file
that defines permissions
granted to the client and server applications.
18.5.1 The security manager
On both the client and server sides, a security manager typically must be run-
ning (see Chapter 14 for a discussion of security managers). Normally, the
java.rmi.RMISecurityManager
is used, though you are free to use one
of your own if special requirements must be met. A security manager is required
in order to guarantee that the classes that get loaded do not perform operations
that they should not be allowed to perform. If no security manager is specified,
then Java will not permit any class loading, by either RMI clients or servers, aside
from what can be found in the local
CLASSPATH
.For this simple example, the
server finds all of its classes in its own
CLASSPATH
so a security manager is
not strictly required. However, more complicated servers might need to receive a
remote object from the client as a method parameter, possibly requiring the trans-
fer of bytecodes from the client to server, and thus involve the security manager.
It is safest to always install a security manager with the following code:
if (System.getSecurityManager() == null) {
System.setSecurityManager (new RMISecurityManager ());
}
The same code snippet should be used on the client side as well, since it is normal
for clients to download remote bytecodes for the stub objects if nothing else. The
one exception is when the RMI client is an applet, in which case the web browser
Search WWH ::
Custom Search