Subject: | Re: Basic RMI port usage questions |
From: | Peter Jones - JavaSoft East <[log in to unmask]> |
Reply-To: | Peter Jones - JavaSoft East <[log in to unmask]> |
Date: | Fri, 28 Feb 2003 00:09:54 -0500 |
Content-Type: | text/plain |
>I am attempting a basic usage of RMI between two machine with a firewall >between. The registry and remote application are running on the same machine >which runs UNIX OS. The client app runs on Win2000. The Java version is >1.3.1 > >The RMI registry has been started on port 1510. This port has been opened >through the firewall. However, the connection fails. We see the following >behavior: > >There is activity on port 1510 >There is also an attempt to connect on port 2679 which is the SSL sync port. >Why? > >In a configuration where there is no firewall where the RMI connection >succeeds, we observe that the RMI server changes listening ports each time >it is started. The sequence is: > >The RMI server starts. >The client connects on 1510 and then requests an additional port to connect >on. >The RMI server provides that information back to the client. > >What are the implications on the firewall? What ports need to be opened? Is >there a way to restrict port usage to one or a few ports. By default, UnicastRemoteObject binds to an anonymous listening port (chosen once per virtual machine instance), but that behavior can be varied in a couple of ways: - You can tell UnicastRemoteObject explicitly what TCP port to bind to and to receive calls for a given remote object on. For a remote implementation class that extends UnicastRemoteObject, this can be done by using the superclass constructor that has an "int" parameter (which is the TCP port to use). For a remote implementation class that does not extend UnicastRemoteObject, this can be done by using the static UnicastRemoteObject.exportObject method that has an "int" parameter. - You can export a UnicastRemoteObject with a custom server socket factory (instance of java.rmi.server.RMIServerSocketFactory), by using the UnicastRemoteObject constructor or static exportObject method that has custom socket factory paraeters. An RMIServerSocketFactory can control the creation of server socket objects for remote objects exported with it, so it can map a request for an anonymous port (zero) to a specific port value, rather than an arbitrary one. The first approach is the easiest if you do not otherwise need to use a custom server socket factory. (A custom server socket factory can also be used to limit the network intefaces to listen on, for example.) If you do use a custom server socket factory, don't forget to override Object.hashCode and Object.equals as appropriate: http://developer.java.sun.com/developer/bugParade/bugs/4492317.html http://java.sun.com/j2se/1.4.1/docs/api/java/rmi/server/RMIClientSocketFactory.html http://java.sun.com/j2se/1.4.1/docs/api/java/rmi/server/RMIServerSocketFactory.html -- Peter ========================================================================== To unsubscribe, send email to listserv@java.sun.com and include in the body of the message "signoff RMI-USERS". For general help, send email to listserv@java.sun.com and include in the body of the message "help". For a list of frequently asked RMI questions please refer to: http://java.sun.com/j2se/1.3/docs/guide/rmi/faq.html |