Java RMI authentication & security: does exportObject make the object public?
The Question:
When you call UnicastRemoteObject.exportObject(instance), does that instance now become publicly available to all clients, even if a little trickery is required to find its port?
This is the situation:
I have a Java RMI client/server setup and I wanted to add some authentication, allowing the client to use a user/pass combo before any of the other RPC calls work.
I found a simple suggestion online that looked like a good idea at first.
import java.rmi.Remote;
import java.rmi.RemoteException;

// A remote interface extends Remote (an interface cannot "implement" one)
interface LoginService extends Remote {
    // returns a stub for the authenticated session
    MainService login(String username, char[] password) throws RemoteException;
}

interface MainService extends Remote {
    /* all my real rpc calls go here */
}
The idea is, create a remote object to embody the post-authenticated access to RPC. And access it through a first tier that does the authentication.
LoginServiceImpl.login() has to look something like this:
import java.rmi.RemoteException;
import java.rmi.server.UnicastRemoteObject;

public MainService login(String username, char[] password) throws RemoteException {
    /* verify username and password */
    MainService service = new MainServiceImpl();
    // export on an anonymous port; exportObject returns Remote, so cast to the interface
    MainService stub = (MainService) UnicastRemoteObject.exportObject(service, 0);
    return stub;
}
So each client that calls login() gets its own dedicated remote instance of MainService. Naturally I'd wrap the whole thing in SSL to protect the plain-text password.
This is the problem:
It seems that after I've exported my new MainServiceImpl instance, it's now publicly available. Any other client that knows what to look for could connect to it and make calls on that MainServiceImpl instance.
I have to export the MainService after I create it or RMI won't send the stub to the client. Instead it will try to serialize the MainService instance.
I could stick the username in the MainService, but that won't actually help.
Comments (2)
You need to do authentication before switching to JRMP (the RMI wire-protocol). There was a JSR for this, but it got voted down. JERI does it for JINI.
SSL with client authentication would solve this problem.
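The following is an added example, not code from the question or the answers, showing what the two answers amount to in practice: every exported object (the registry, the LoginService and each per-session MainService) is exported through javax.rmi.ssl socket factories with needClientAuth set to true, so the TLS handshake authenticates the peer before any JRMP traffic is accepted, and a client without a trusted certificate cannot reach the anonymous-port MainServiceImpl at all. The interface names mirror the question; whoAmI(), the hard-coded credential check and the port 1099 are assumptions, and the JVM is assumed to be started with javax.net.ssl.keyStore/trustStore properties pointing at a keystore and a truststore of accepted client certificates.

```java
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.rmi.ssl.SslRMIClientSocketFactory;
import javax.rmi.ssl.SslRMIServerSocketFactory;

public class MutualTlsRmiServer {

    // Remote interfaces as in the question (nested here so one file compiles).
    public interface MainService extends Remote {
        String whoAmI() throws RemoteException;   // assumed sample RPC
    }

    public interface LoginService extends Remote {
        MainService login(String username, char[] password) throws RemoteException;
    }

    // One pair of factories shared by everything we export. The server factory
    // requires a client certificate, so an unauthenticated TCP client fails at
    // the TLS handshake and never gets to speak JRMP to any exported object.
    private static final SslRMIClientSocketFactory CSF = new SslRMIClientSocketFactory();
    private static final SslRMIServerSocketFactory SSF =
        new SslRMIServerSocketFactory(null, null, /* needClientAuth = */ true);

    static final class MainServiceImpl implements MainService {
        private final String user;
        MainServiceImpl(String user) { this.user = user; }
        public String whoAmI() { return user; }
    }

    static final class LoginServiceImpl implements LoginService {
        public MainService login(String username, char[] password) throws RemoteException {
            if (!credentialsValid(username, password)) {
                throw new RemoteException("authentication failed");
            }
            MainService service = new MainServiceImpl(username);
            // Anonymous port as in the question, but reachable only through the
            // mutual-TLS factories rather than a plain server socket.
            return (MainService) UnicastRemoteObject.exportObject(service, 0, CSF, SSF);
        }
    }

    // Placeholder credential check (assumed values); a real server would consult
    // a password store. The comparison is constant-time and the buffer is wiped.
    static boolean credentialsValid(String username, char[] password) {
        byte[] supplied = new String(password).getBytes();
        byte[] expected = "correct horse".getBytes();
        boolean ok = "alice".equals(username) && MessageDigest.isEqual(supplied, expected);
        Arrays.fill(password, '\0');
        Arrays.fill(supplied, (byte) 0);
        return ok;
    }

    public static void main(String[] args) throws Exception {
        // The registry itself also requires client certificates.
        Registry registry = LocateRegistry.createRegistry(1099, CSF, SSF);
        LoginService login = (LoginService)
            UnicastRemoteObject.exportObject(new LoginServiceImpl(), 0, CSF, SSF);
        registry.rebind("LoginService", login);
        System.out.println("RMI server up; clients must present a trusted certificate");
    }
}
```

Run with -Djavax.net.ssl.keyStore, -Djavax.net.ssl.keyStorePassword, -Djavax.net.ssl.trustStore and -Djavax.net.ssl.trustStorePassword on both sides; a client exports nothing and simply looks up "LoginService" through an SslRMIClientSocketFactory-aware registry stub. Note what this does and does not buy: the client-certificate requirement answers the question's worry, because only holders of a trusted certificate can open a socket to the per-session MainServiceImpl, but it does not by itself tie a given MainService stub to the particular client that called login(); if that distinction matters, the session object still needs its own check of who is calling.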