4 Replies Latest reply on Sep 27, 2001 10:35 AM by osw

    RMI question.

    osw
    osw Sep 26, 2001 6:55 AM

      Hi again.
      Still trying to understand user principal propagation. Looks like I found how it goes but due to lack of RMI experince I need confirmation from RMI gurus.
      So SecurityAssociation class on the client side stores user principals and credentials inside its static InheritableThreadLocal class instances. Using InheritableThreadLocal variables ensures that the principals data within them will be also available in child threads no matter where they are: on the local JVM or created on the server side by RMI calls.

      Do I get it right ?
      Do inheritable Thread data propagate with RMI calls ?

      Regards,
      Andrew.

      • 9306 Views
      • Tags:
        • 1. Re: RMI question.
          ko5tik
          ko5tik Sep 27, 2001 2:44 AM (in response to osw)

          If oyu look at the souce:
          http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/jboss/jboss/src/main/org/jboss/ejb/plugins/jrmp/interfaces/GenericProxy.java?rev=1.14&content-type=text/vnd.viewcvs-markup

          You will notice that this proxy pulls principal and credential out of SecurityAssotiation
          ( look in the invokeContainer() method )

            • Actions
          • 2. Re: RMI question.
            osw
            osw Sep 27, 2001 8:14 AM (in response to osw)

            Right, and there would be no question if both client and server were running the same java machine. In my case they are not.
            So I can rephrase my question: how remote client SecurityAssociation class shares its static data with SecurityAssociation class on the server side ?

              • Actions
            • 3. Re: RMI question.
              ko5tik
              ko5tik Sep 27, 2001 8:39 AM (in response to osw)

              If yo look in the same file:

              ------
              protected MarshalledObject createMarshalledObject(final Object id,
              final Method method,
              final Object[] args)
              throws SystemException, IOException
              {
              RemoteMethodInvocation rmi =
              new RemoteMethodInvocation(id, method, args);

              // Set the transaction propagation context
              rmi.setTransactionPropagationContext(getTransactionPropagationContext());

              // Set the security stuff
              // MF fixme this will need to use "thread local" and therefore same construct as above
              // rmi.setPrincipal(sm != null? sm.getPrincipal() : null);
              // rmi.setCredential(sm != null? sm.getCredential() : null);
              // is the credential thread local? (don't think so... but...)
              rmi.setPrincipal(getPrincipal());
              rmi.setCredential(getCredential());

              return new MarshalledObject(rmi);
              }
              ------

              Your questions would suddently dissapear. I assume
              principal & credential are serialized and transported to server.

                • Actions
              • 4. Re: RMI question.
                osw
                osw Sep 27, 2001 10:35 AM (in response to osw)

                Thank you very much.

                Regards,
                Andrew.

                  • Actions