Transcript Document

Java Remote Method
Invocation (RMI)
Slides for CSCI 3171 Lectures
E. W. Grundke
Background: Java Object Serialization
Motivation
– Normal streams do byte I/O, character I/O and other
primitive I/O; not object I/O.
– Serialization can output/input objects and primitives.
– Need to handle “graphs” of objects.
Uses
– With file I/O streams:
• persistent storage of objects
• built-in data file format for applications
– With sockets:
• transmission of objects to another virtual machine
– With RMI:
• parameters and return values for remote method
calls
– Applets can be serialized.
2
References
Cay S. Hortmann and Gary Cornell
Core Java 2 Volume I – Fundamentals
Sun Microsystems Press 2001
Philip Heller and Simon Roberts
Java Developer’s Handbook
Sybex 1999
3
Documentation
Serialization:
…\docs\guide\serialization\index.html
RMI Specification: …\docs\guide\rmi\spec\
RMI Tutorial: …\docs\guide\rmi\getstart.doc.html
Packages
– java.rmi
– java.rmi.server
4
Serialization Classes/Interfaces
Package java.io (Good documentation in the following classes.)
Serializable interface
– implemented by objects to be serialized/deserialized
– a marker interface only; no methods or fields!
ObjectOutputStream: a filter-like stream
– constructor ObjectOutputStream(OutputStream)
– writeObject(Object)(incl. arrays, strings)
– writeType(Object) (like DataOutputStream)
– flush(), close()
ObjectInputStream: a filter-like stream
– constructor ObjectInputStream(InStream)
– readObject()
(incl. arrays, strings)
– readType()
(like DataInputStream)
– close()
5
The Serialization (Output) Process
Output for a primitive:
– binary output as for DataOutputStream
Output for an object:
– class name
– serial version unique ID (a long SHA “class fingerprint”)
– primitive fields: name, data type, value
– object fields: recursively, data on referenced objects
• objects numbered serially as written
• serial numbers replace object references
– superclass description
– not written:
• no transient or static fields
• no methods; these come from the .class file!
6
The Deserialization (Input) Process
Input for a primitive:
– binary input as for DataOutputStream
Input for an object:
– "analogous" to calling a constructor
– memory for new object allocated, set to zeros
– field values from input
– non-serializable object/superclasses:
• no-arg constructor is called
– recursively, any objects referenced
7
Security Hazards
Private fields may be compromised while serialized.
Class design may be reverse engineered from the serialized
form.
8
Customized Serialization
Fields declared transient are not serialized. Used for
– references to non-serializable objects
• (typically platform-dependent fields)
– sensitive fields
Special serialization formats:
– private void writeObject(ObjectOutputStream)
– private void readObject(ObjectInputStream)
– in the object’s class (not in the I/O stream)
– default I/O methods in object stream classes:
defaultReadObject(), defaultWriteObject()
Total customization
– implement java.io.Externalizable
– Output: writeExternal()
– Input: no-arg constructor, then readExternal()
9
Other Relevant Classes/Interfaces
java.io.ObjectStreamClass
– description of serialization properties of a class
– method:
• long getSerialVersionUID()
• depends on
class name/modifiers, interface(s), static inits,
•
field names/types/mods, constructor/method sigs/mods
•
but not on method code, superclasses
• returns 0L if not serializable or externalizable
java.io.ObjectStreamField
– deals with properties of fields in serializable classes
java.io.ObjectInputValidation
– callback interface for validation of objects in a graph
10
Java RMI Overview
RMI
Client
RMI
RMI
RMI
Server
Server
Servers
RMI
Registry
(Listening
socket)
11
RMI Details
RMI
Client
RMI
Server
Stub
Classes
Skeleton
Classes
Network
Network
(Registry not shown)
12
Registry
– advertises available classes
– default TCP/IP port 1099
– listens on behalf of all RMI servers
Stub
– a local proxy object for the remote object
– implements same interface as the remote object
– calls the remote object
• passes parameters
• provides return values/objects or exception
Skeleton (not required in some environments)
– remote counterpart of the stub
13
Dynamic Class Loading
RMI
Client
RMI
Server
Web
Server
Web
Server
RMI
Registry
14
RMI Steps (see Sun Tutorial)
Write Java source files
– choose package/directory names (optional)
– write a Java interface for the remote class
• public interface X extends java.rmi.Remote
• methods must throw java.rmi.RemoteException
• parameters, return values usually remote interface types;
if not, local copies of objects will be created
– write the remote class
• implement the above interface
• define a constructor throwing RemoteException
• export the object to accept remote method calls
15
– write the server class (possibly same as the remote
class)
• server’s main() must
•
use an RMI security manager
•
create remote object(s)
•
register remote object(s) with the RMI registry
•
use Naming.rebind()
– write a client program using the remote service
use an RMI security manager
• get reference to remote object from
Naming.lookup()
Compile and deploy files *
– javac as usual (but watch the directories)
– rmic to compile stubs and skeletons from .class files
• produces MyClass_Stub.class, etc.
* client/server only, no download directory
16
Start execution
– start the registry
• Windows:
start rmiregistry
• Unix:
rmiregistry &
– start the server *
– start the client *
* Requires a security policy file; e.g.:
java -Djava.security.policy=policy Server
simplest policy file:
grant {
// Allow everything for now
permission java.security.AllPermission;
};
17
RMI Classes/Interfaces
java.rmi.Naming
– registry access
– URL format:
prot://host:port/name
• default protocl:
rmi
• default host:
localhost
• default port:
1099
– all static methods:
• void bind(String name, Remote obj);
• void rebind(String name, Remote obj);
• void unbind(String name);
• Remote lookup(String url); returns a stub
• String[] list(String registry);
– (more readable code using the Registry class)
18
java.rmi.registry.LocateRegistry
– createRegistry()
– getRegistry()
java.rmi.registry.Registry
– methods as in Naming
java.rmi.server.RMIClassLoader
19
Java Also Supports:
Persistent references to remote objects
Automatic object activation by using persistent references
Custom socket factories
– support for (e.g.) SSL
20