1 Reply Latest reply on Mar 30, 2004 10:20 AM by Scott Stark

    UserTransaction using HTTP AND RMI

    Andreas Kilian Newbie

      Hello List,

      we have the following problem:
      An intranet client is using RMI to communicate with jboss. Now some people outside the intranet need be able to use the client, too. i have read within this forum that it isn´t very easy to open a two level firewall for rmi because jboss uses dynamic ports. Beside of this, a remote client can also have access to the internet through it's own firewall.

      So we decided to switch to RMI over HTTP. Everything works fine with the communication from outside the firewall, but within the intranet it isn´t possible to connect to the application server anymore. Due to the two-firewalls architecture it isn´t possible to get a connection to the first irewall
      because within the configuration of the http invoker we have to insert the hostname of it.

      To locate the jboss within the DMZ is no option because of security issues.

      Then we thought its no problem to configure a second invoker. RMI and RMI over HTTP at the same time. That would be no problem how it is described in the documentation.

      BUT:

      How is it possible to configure the ClientUserTransaction on both invokers ?

      I read the whole forum and the whole documentation. I always found only descriptions for RMI or HTTP but never for both together.
      Is there no posibitlity to configure jboss to use two invokers, HTTP for the firewall-communication and RMI for the local communication?
      Because of our client-architecture we have to use ClientUserTransactions.

      Kind Regards
      Max Wittmann

        • 1. Re: UserTransaction using HTTP AND RMI
          Scott Stark Master

          RMI/HTTP does not support the ClientUserTransaction context currently. You can configure the RMI/JRMP layer to use fixed ports by setting the JRMPInvoker RMIObjectPort, which is fixed by default ot 4444. The ports for the RMI interface into the naming service can also be fixed, and are by default as of 3.2.3. Read the securing jboss doc on sourceforge for more info on the various ports.