JRMPInvoker RMI/JRMP

The org.jboss.invocation.jrmp.server.JRMPInvoker class is an MBean service that provides the RMI/JRMP implementation of the Invoker interface. The JRMPInvoker exports itself as an RMI server so that when it is used as the Invoker in a remote client, the JRMPInvoker stub is sent to the client instead and invocations use the RMI/JRMP protocol.

The JRMPInvoker MBean supports a number of attribute to configure the RMI/JRMP transport layer. Its configurable attributes are:

• RMIObjectPort: sets the RMI server socket listening port number. This is the port RMI clients will connect to when communicating through the proxy interface. The default setting in the jboss-service.xml descriptor is 4444, and if not specified, the attribute defaults to 0 to indicate an anonymous port should be used.

• RMIClientSocketFactory: specifies a fully qualified class name for the java.rmi.server.RMIClientSocketFactory interface to use during export of the proxy interface.

• RMIServerSocketFactory: specifies a fully qualified class name for the java.rmi.server.RMIServerSocketFactory interface to use during export of the proxy interface.

• ServerAddress: specifies the interface address that will be used for the RMI server socket listening port. This can be either a DNS hostname or a dot-decimal Internet address. Since the RMIServerSocketFactory does not support a method that accepts an InetAddress object, this value is passed to the RMIServerSocketFactory implementation class using reflection. A check for the existence of a public void setBindAddress(java.net.InetAddress addr) method is made, and if one exists the RMIServerSocketAddr value is passed to the RMIServerSocketFactory implementation. If the RMIServerSocketFactory implementation does not support such a method, the ServerAddress value will be ignored.

• SecurityDomain: specifies the JNDI name of an org.jboss.security.SecurityDomain interface implementation to associate with the RMIServerSocketFactory implementation. The value will be passed to the RMIServerSocketFactory using reflection to locate a method with a signature of public void setSecurityDomain(org.jboss.security.SecurityDomain d). If no such method exists the SecurityDomain value will be ignored.

   <!-- RMI/JRMP invoker -->
   <mbean code="org.jboss.invocation.jrmp.server.JRMPInvoker"
      name="jboss:service=invoker,type=jrmp">
      <attribute name="RMIObjectPort">4444</attribute>
      <attribute name="ServerAddress">${jboss.bind.address}</attribute>
      <!--
      <attribute name="RMIClientSocketFactory">custom</attribute>
      <attribute name="RMIServerSocketFactory">custom</attribute>
      <attribute name="RMIServerSocketAddr">custom</attribute>
      <attribute name="SecurityDomain">ssl-domain-name</attribute>
      -->
      <depends>jboss:service=TransactionManager</depends>
   </mbean>

Custom socket example for mutual authentication

This example shows a javabean type of configuration of the RMIServerSocketFactory to require mutual authentication, required cipher suites, and protocols:

   <mbean code="org.jboss.invocation.jrmp.server.JRMPInvoker"
      name="jboss:service=invoker,type=jrmp,socketType=SSLSocketFactory,wantsClientAuth=true">
      <attribute name="RMIObjectPort">0</attribute>
      <attribute name="RMIClientSocketFactory">org.jboss.security.ssl.RMISSLClientSocketFactory
      </attribute>
      <attribute name="RMIServerSocketFactoryBean"
         attributeClass="org.jboss.security.ssl.RMISSLServerSocketFactory"
         serialDataType="javaBean">
        <property name="bindAddress">${jboss.bind.address}</property>
        <property name="securityDomain">java:/jaas/rmi-ssl</property>
        <property name="wantsClientAuth">true</property>
        <property name="needsClientAuth">true</property>
        <property name="CiperSuites">TLS_DHE_DSS_WITH_AES_128_CBC_SHA</property>
        <property name="Protocols">SSLv2Hello,SSLv3,TLSv1</property>
      </attribute>
   </mbean>