Technology Sharing

Spring Boot integrated rmi quick start demo

2024-07-12

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

1. What is RMI?

RMI (Remote Method Invocation) is a basic idea in distributed programming. There are many technologies for implementing remote method invocation, such as CORBA and WebService, both of which are independent of each programming language. Java RMI is a remote method invocation mechanism designed specifically for the Java environment. It is a Java API for implementing remote procedures (RPC), which can directly transmit serialized Java objects and distributed garbage collection. Its implementation depends on the JVM, so it supports calls from one JVM to another. In Java RMI, the remote server implements specific Java methods and provides interfaces. The local client only needs to provide corresponding parameters according to the definition of the interface class to call the remote method, where the object is encoded and transmitted in a serialized manner. So the exploitation of deserialization vulnerabilities often involves RMI, which is what it means. The communication protocol that RMI relies on is JRMP (Java Remote Message Protocol), which is customized for Java and requires that both the server and the client must be written in Java.

Interaction process

rmi_architecture

registry

The interaction process can be simply summarized as:

  1. First, start the RMI Registry service. You can specify the port that the service listens on or use the default port (1099).
  2. Secondly, the server first instantiates an implementation class that provides services locally, and then registers the instantiated implementation class to the RMI Registry through the bind or rebind method of the Naming/Context/Registry class provided by RMI and exposes a name to the outside world;
  3. Finally, the client uses the local interface and a known name (name exposed by the RMI Registry) to get the implementation class from the RMI Service using the lookup methods of the Naming/Context/Registry classes provided by RMI. In this way, although there is no implementation class of this class locally, all methods are in the interface, so the methods of the remote object can be called;

2. Code Engineering

Experimental objectives

Experiment with a simple rmi service and call it through the client

rmi-server

This is a server-side project, mainly providing rmi service interface

pom.xml
  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <project xmlns="http://maven.apache.org/POM/4.0.0"
  3.          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  4.          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  5.     <parent>
  6.         <artifactId>rmi</artifactId>
  7.         <groupId>com.et</groupId>
  8.         <version>1.0-SNAPSHOT</version>
  9.     </parent>
  10.     <modelVersion>4.0.0</modelVersion>
  11.  
  12.     <artifactId>rmi-server</artifactId>
  13.  
  14.     <properties>
  15.         <maven.compiler.source>8</maven.compiler.source>
  16.         <maven.compiler.target>8</maven.compiler.target>
  17.     </properties>
  18.     <dependencies>
  19.         <dependency>
  20.             <groupId>org.springframework.boot</groupId>
  21.             <artifactId>spring-boot-starter-web</artifactId>
  22.         </dependency>
  23.  
  24.         <dependency>
  25.             <groupId>org.springframework.boot</groupId>
  26.             <artifactId>spring-boot-autoconfigure</artifactId>
  27.         </dependency>
  28.         <dependency>
  29.             <groupId>org.springframework.boot</groupId>
  30.             <artifactId>spring-boot-starter-test</artifactId>
  31.             <scope>test</scope>
  32.         </dependency>
  33.         <dependency>
  34.             <groupId>org.springframework.boot</groupId>
  35.             <artifactId>spring-boot-starter-data-jpa</artifactId>
  36.         </dependency>
  37.         <dependency>
  38.             <groupId>com.et</groupId>
  39.             <artifactId>rmi-common</artifactId>
  40.             <version>1.0-SNAPSHOT</version>
  41.         </dependency>
  42.         <dependency>
  43.             <groupId>com.h2database</groupId>
  44.             <artifactId>h2</artifactId>
  45.             <version>1.4.200</version>
  46.         </dependency>
  47.     </dependencies>
  48. </project>
config
  1. package com.et.rmi.server.config;
  2.  
  3. import com.et.rmi.server.dao.CustomerRepository;
  4.  
  5. import com.et.rmi.server.model.Customer;
  6. import com.et.rmi.server.service.CustomerServiceImpl;
  7. import om.et.rmi.common.CustomerService;
  8. import org.springframework.boot.ApplicationArguments;
  9. import org.springframework.boot.ApplicationRunner;
  10. import org.springframework.context.annotation.Bean;
  11. import org.springframework.remoting.rmi.RmiServiceExporter;
  12. import org.springframework.stereotype.Component;
  13.  
  14. import java.util.logging.Logger;
  15.  
  16. @Component
  17. public class RmiServerApplicationRunner implements ApplicationRunner {
  18.  
  19.     private CustomerRepository repository;
  20.     private CustomerServiceImpl customerService;
  21.     private final Logger log = Logger.getLogger(this.getClass().getName());
  22.  
  23.     public RmiServerApplicationRunner(CustomerServiceImpl customerService) {
  24.         this.customerService = customerService;
  25.     }
  26.  
  27.     @Override
  28.     public void run(ApplicationArguments args) throws Exception {
  29.         Customer customer1 = new Customer("John", "Smith", "123-456-7890");
  30.         customerService.saveCustomer(customer1);
  31.         customerService.getCustomers().forEach(System.out::println);
  32.     }
  33.  
  34.     @Bean
  35.     public RmiServiceExporter customerServiceExporter() {
  36.         RmiServiceExporter customerServiceExporter = new RmiServiceExporter();
  37.         customerServiceExporter.setRegistryPort(1199);
  38.         customerServiceExporter.setServiceName("customerService");
  39.         customerServiceExporter.setServiceInterface(CustomerService.class);
  40.         customerServiceExporter.setService(customerService);
  41.         log.info("Started RMI Server");
  42.         return customerServiceExporter;
  43.     }
  44. }
service
  1. package com.et.rmi.server.service;
  2.  
  3. import com.et.rmi.server.dao.CustomerRepository;
  4.  
  5. import com.et.rmi.server.mapper.CustomerMapper;
  6. import com.et.rmi.server.model.Customer;
  7. import om.et.rmi.common.CustomerDTO;
  8. import om.et.rmi.common.CustomerService;
  9. import org.springframework.stereotype.Service;
  10.  
  11. import java.util.List;
  12.  
  13. @Service
  14. public class CustomerServiceImpl implements CustomerService {
  15.  
  16.     private CustomerRepository repository;
  17.  
  18.     public CustomerServiceImpl(CustomerRepository repository) {
  19.         this.repository = repository;
  20.     }
  21.  
  22.     @Override
  23.     public CustomerDTO getCustomer(long id) {
  24.         Customer customer = repository.findById(id).orElseThrow(IllegalArgumentException::new);
  25.         CustomerMapper mapper = new CustomerMapper();
  26.         CustomerDTO dto = mapper.mapToDTO(customer);
  27.         System.out.println(dto);
  28.         return dto;
  29.     }
  30.  
  31.     public List<Customer> getCustomers() {
  32.         return (List<Customer>)repository.findAll();
  33.     }
  34.     public void saveCustomer(Customer customer) {
  35.         repository.save(customer);
  36.     }
  37. }
dao
  1. package com.et.rmi.server.dao;
  2.  
  3. import com.et.rmi.server.model.Customer;
  4. import org.springframework.data.repository.CrudRepository;
  5. import org.springframework.stereotype.Repository;
  6.  
  7. import java.util.Optional;
  8.  
  9. @Repository
  10. public interface CustomerRepository extends CrudRepository<Customer, Long> {
  11.     Optional<Customer> findById(long id);
  12. }
mapper
  1. package com.et.rmi.server.mapper;
  2.  
  3. import com.et.rmi.server.model.Customer;
  4.  
  5. import om.et.rmi.common.CustomerDTO;
  6.  
  7. public class CustomerMapper {
  8.  
  9.     public CustomerMapper() {
  10.     }
  11.  
  12.     public CustomerDTO mapToDTO(Customer customer){
  13.         CustomerDTO dto = new CustomerDTO();
  14.         dto.setFirstName(customer.getFirstName());
  15.         dto.setLastName(customer.getLastName());
  16.         dto.setSocialSecurityCode(customer.getSocialSecurityCode());
  17.         return dto;
  18.     }
  19. }
model
  1. package com.et.rmi.server.model;
  2.  
  3.  
  4. import javax.persistence.*;
  5.  
  6. @Entity
  7. @SequenceGenerator(name = "CUST_SEQ", initialValue = 1_000_001)
  8. public class Customer {
  9.  
  10.     @Id
  11.     @GeneratedValue(strategy = GenerationType.SEQUENCE, generator = "CUST_SEQ")
  12.     private long id;
  13.     private String firstName;
  14.     private String lastName;
  15.     private String socialSecurityCode;
  16.  
  17.     public Customer() {
  18.     }
  19.  
  20.     public Customer(String firstName, String lastName, String socialSecurityCode) {
  21.         this.firstName = firstName;
  22.         this.lastName = lastName;
  23.         this.socialSecurityCode = socialSecurityCode;
  24.     }
  25.  
  26.     public long getId() {
  27.         return id;
  28.     }
  29.  
  30.     public String getFirstName() {
  31.         return firstName;
  32.     }
  33.  
  34.     public void setFirstName(String firstName) {
  35.         this.firstName = firstName;
  36.     }
  37.  
  38.     public String getLastName() {
  39.         return lastName;
  40.     }
  41.  
  42.     public void setLastName(String lastName) {
  43.         this.lastName = lastName;
  44.     }
  45.  
  46.     public String getSocialSecurityCode() {
  47.         return socialSecurityCode;
  48.     }
  49.  
  50.     public void setSocialSecurityCode(String socialSecurityCode) {
  51.         this.socialSecurityCode = socialSecurityCode;
  52.     }
  53.  
  54.     @Override
  55.     public String toString() {
  56.         return "Customer{" +
  57.                 "id=" + id +
  58.                 ", firstName='" + firstName + ''' +
  59.                 ", lastName='" + lastName + ''' +
  60.                 ", socialSecurityCode='" + socialSecurityCode + ''' +
  61.                 '}';
  62.     }
  63. }
application.properties
spring.jpa.show-sql=false
spring.jpa.hibernate.ddl-auto=update
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.H2Dialect

rmi-client

This is a client project, mainly calling the remote rmi service

pom.xml
  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <project xmlns="http://maven.apache.org/POM/4.0.0"
  3.          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  4.          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  5.     <parent>
  6.         <artifactId>rmi</artifactId>
  7.         <groupId>com.et</groupId>
  8.         <version>1.0-SNAPSHOT</version>
  9.     </parent>
  10.     <modelVersion>4.0.0</modelVersion>
  11.  
  12.     <artifactId>rmi-cilent</artifactId>
  13.  
  14.     <properties>
  15.         <maven.compiler.source>8</maven.compiler.source>
  16.         <maven.compiler.target>8</maven.compiler.target>
  17.     </properties>
  18.     <dependencies>
  19.         <dependency>
  20.             <groupId>org.springframework.boot</groupId>
  21.             <artifactId>spring-boot-starter-web</artifactId>
  22.         </dependency>
  23.  
  24.         <dependency>
  25.             <groupId>org.springframework.boot</groupId>
  26.             <artifactId>spring-boot-autoconfigure</artifactId>
  27.         </dependency>
  28.         <dependency>
  29.             <groupId>org.springframework.boot</groupId>
  30.             <artifactId>spring-boot-starter-test</artifactId>
  31.             <scope>test</scope>
  32.         </dependency>
  33.         <dependency>
  34.             <groupId>com.et</groupId>
  35.             <artifactId>rmi-common</artifactId>
  36.             <version>1.0-SNAPSHOT</version>
  37.         </dependency>
  38.     </dependencies>
  39. </project>
controller
  1. package com.et.rmi.client.controller;
  2.  
  3.  
  4. import om.et.rmi.common.CustomerDTO;
  5. import om.et.rmi.common.CustomerService;
  6. import org.springframework.http.MediaType;
  7. import org.springframework.http.ResponseEntity;
  8. import org.springframework.remoting.rmi.RmiProxyFactoryBean;
  9. import org.springframework.stereotype.Controller;
  10. import org.springframework.web.bind.annotation.PathVariable;
  11. import org.springframework.web.bind.annotation.RequestMapping;
  12. import org.springframework.web.bind.annotation.RequestMethod;
  13.  
  14. @Controller
  15. @RequestMapping(value = "customers")
  16. public class CustomerController {
  17.  
  18.     private RmiProxyFactoryBean proxyFactoryBean;
  19.  
  20.     public CustomerController(RmiProxyFactoryBean proxyFactoryBean) {
  21.         this.proxyFactoryBean = proxyFactoryBean;
  22.     }
  23.  
  24.     @RequestMapping(value = "{id}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
  25.     public ResponseEntity<CustomerDTO> getCustomer(@PathVariable long id) {
  26.         CustomerService service = (CustomerService) proxyFactoryBean.getObject();
  27.         CustomerDTO dto = service.getCustomer(id);
  28.         return ResponseEntity.ok(dto);
  29.     }
  30. }
config
  1. package com.et.rmi.client.config;
  2.  
  3. import om.et.rmi.common.CustomerService;
  4. import org.springframework.context.annotation.Bean;
  5. import org.springframework.remoting.rmi.RmiProxyFactoryBean;
  6. import org.springframework.stereotype.Component;
  7. import org.springframework.util.StringUtils;
  8.  
  9. import java.util.logging.Logger;
  10.  
  11. @Component
  12. public class Config {
  13.  
  14.     public final Logger log = Logger.getLogger(this.getClass().getName());
  15.  
  16.     @Bean
  17.     public RmiProxyFactoryBean proxyFactoryBean() {
  18.         String remoteHost = System.getProperty("RMI_SERVER_HOST");
  19.         if(StringUtils.isEmpty(remoteHost)){
  20.             remoteHost="127.0.0.1";
  21.         }
  22.         String rmiHost = String.format("rmi://%s:1199/customerService", remoteHost);
  23.         log.info("RMI Host name is " + rmiHost);
  24.         RmiProxyFactoryBean proxy = new RmiProxyFactoryBean();
  25.         proxy.setServiceInterface(CustomerService.class);
  26.         proxy.setServiceUrl(rmiHost);
  27.         proxy.afterPropertiesSet();
  28.         return proxy;
  29.     }
  30. }
application.properties
server.port=8081

rmi-common

This is a public package, both server and client must reference it

  1. package om.et.rmi.common;
  2.  
  3. import java.io.Serializable;
  4.  
  5. public class CustomerDTO implements Serializable {
  6.  
  7.     private String firstName;
  8.     private String lastName;
  9.     private String socialSecurityCode;
  10.  
  11.     public CustomerDTO() {
  12.     }
  13.  
  14.     public String getFirstName() {
  15.         return firstName;
  16.     }
  17.  
  18.     public void setFirstName(String firstName) {
  19.         this.firstName = firstName;
  20.     }
  21.  
  22.     public String getLastName() {
  23.         return lastName;
  24.     }
  25.  
  26.     public void setLastName(String lastName) {
  27.         this.lastName = lastName;
  28.     }
  29.  
  30.     public String getSocialSecurityCode() {
  31.         return socialSecurityCode;
  32.     }
  33.  
  34.     public void setSocialSecurityCode(String socialSecurityCode) {
  35.         this.socialSecurityCode = socialSecurityCode;
  36.     }
  37.  
  38.     @Override
  39.     public String toString() {
  40.         final StringBuffer sb = new StringBuffer("CustomerDTO{");
  41.         sb.append("firstName='").append(firstName).append(''');
  42.         sb.append(", lastName='").append(lastName).append(''');
  43.         sb.append(", socialSecurityCode='").append(socialSecurityCode).append(''');
  44.         sb.append('}');
  45.         return sb.toString();
  46.     }
  47. }
  1. package om.et.rmi.common;
  2.  
  3. public interface CustomerService {
  4.     CustomerDTO getCustomer(long id);
  5. }

The above are just some key codes. For all codes, please refer to the following code repository

Code repository

3. Testing

  • Start the rmi-server service
  • Start the rmi-client service
  • Visit http://127.0.0.1:8081/customers/1000001
  • return{"firstName":"John","lastName":"Smith","socialSecurityCode":"123-456-7890"}

4. References

Personal profile

I have devoted myself to the research of technology for more than 30 years. I am proficient in various languages ​​such as Java, Linux, JavaScript, PHP, CSS, etc. I have made many contributions in the field of open source. I have established a developer documentation site to share some problems in technology development for everyone to read.

my contact information

Mail