CONTENTS | PREV | NEXT | Java Remote Method Invocation |
The RMI transport layer normally attempts to open direct sockets to hosts on the Internet. Many intranets, however, have firewalls that do not allow this. The default RMI transport, therefore, provides two alternate HTTP-based mechanisms which enable a client behind a firewall to invoke a method on a remote object which resides outside the firewall.As described in this section, the HTTP-based mechanism that the RMI transport layer uses for RMI calls only applies to firewalls with HTTP proxy servers.
To get outside a firewall, the transport layer embeds an RMI call within the firewall-trusted HTTP protocol. The RMI call data is sent outside as the body of an HTTP POST request, and the return information is sent back in the body of the HTTP response. The transport layer will formulate the POST request in one of two ways:
The RMI transport implementation includes an extension of the classjava.rmi.server.RMISocketFactory
, which is the default resource-provider for client and server sockets used to send and receive RMI calls; this default socket factory can be obtained via the java.rmi.server.RMISocketFactory.getDefaultSocketFactory
method. This default socket factory creates sockets that transparently provide the firewall tunnelling mechanism as follows:
- Client sockets first attempt a direct socket connection. Client sockets automatically attempt HTTP connections to hosts that cannot be contacted with a direct socket if that direct socket connection results in either a
java.net.NoRouteToHostException
or ajava.net.UnknownHostException
being thrown. If a direct socket connection results in any other exception being thrown, such as ajava.net.ConnectException
, an HTTP connection will not be attempted.- Server sockets automatically detect if a newly-accepted connection is an HTTP POST request, and if so, return a socket that will expose only the body of the request to the transport and format its output as an HTTP response.
Client-side sockets, with this default behavior, are provided by the factory'sjava.rmi.server.RMISocketFactory.createSocket
method. Server-side sockets with this default behavior are provided by the factory'sjava.rmi.server.RMISocketFactory.createServerSocket
method.
There is no special configuration necessary to enable the client to send RMI calls through a firewall.The client can, however, disable the packaging of RMI calls as HTTP requests by setting the
java.rmi.server.disableHttp
property to equal the boolean valuetrue
.
Note - The host name should not be specified as the host's IP address, because some firewall proxies will not forward to such a host name.
Depending on the server's platform and network environment, this information may or may not be available to the Java virtual machine on which the server is running. If it is not available, the host's fully qualified name must be specified with the property java.rmi.server.hostname
when starting the server.
For example, use this command to start the RMI server class ServerImpl
on the machine chatsubo.javasoft.com:
java -Djava.rmi.server.hostname=chatsubo.javasoft.com ServerImpl
Calls transmitted via HTTP requests are at least an order of magnitude slower that those sent through direct sockets, without taking proxy forwarding delays into consideration.Because HTTP requests can only be initiated in one direction through a firewall, a client cannot export its own remote objects outside the firewall, because a host outside the firewall cannot initiate a method invocation back on the client.