java.rmi.AccessException:不允许Registry.rebind; origin /10.0.0.71是非本地主机

时间:2018-04-30 15:30:33

标签: java rmi remote-access remote-server

我有一个使用RMI的简单客户端/服务器计算器应用程序。服务器和客户端在不同的Linux机器上。客户端IP为10.0.0.71,服务器IP为10.0.1.100。

这是远程接口:

package com.simplecalc.commons;

import java.rmi.Remote;
import java.rmi.RemoteException;

public interface Calculator extends Remote {
    public float add(float a, float b) throws RemoteException;
}

这是实现远程接口的服务器端代码:

package com.simplecalc.server;

import java.rmi.RemoteException;
import com.simplecalc.commons.Calculator;

public class CalculatorImpl implements Calculator {
    @Override
    public float add(float a, float b) throws RemoteException {
        float result = a + b;
        System.out.println("$ (" + a + " + " + b + ") = " + result);
        return result;
    }
}

这是运行应用程序的服务器端代码:

package com.simplecalc.server;

import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;

import com.simplecalc.commons.Calculator;

public class Server {

    private static void setPolicy() {
        System.setProperty("java.security.policy", "file:///calculator.policy");
        if (System.getSecurityManager() == null) {
            System.setSecurityManager(new SecurityManager());
        }
    }

    public static void main(String[] args) throws RemoteException {
        setPolicy();
        int port = 1099;
        Calculator engine = new CalculatorImpl();
        Calculator stub = (Calculator) UnicastRemoteObject.exportObject(engine, 0);
        Registry registry = LocateRegistry.getRegistry(port);
        System.out.println("Registering calculator object ...");
        registry.rebind(Calculator.class.getSimpleName(), stub);
    }
}

最后,这是调用计算器的客户端:

package com.simplecalc.client;

import java.rmi.NotBoundException;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;

import com.simplecalc.commons.Calculator;

public class CalculatorClient {

    private static void setPolicy() {
        System.setProperty("java.security.policy", "file:///calculator.policy");
        if (System.getSecurityManager() == null) {
            System.setSecurityManager(new SecurityManager());
        }
    }

    public static void main(String[] args) throws RemoteException, NotBoundException {
        setPolicy();
        int port = 1099;
        String server="10.0.1.100";

        Registry registry = LocateRegistry.getRegistry(server, port);
        Calculator calculator = (Calculator) registry.lookup(Calculator.class.getSimpleName());
        registry.rebind(server, calculator);
        float result = calculator.add(10F, 5F);
        System.out.println("Result: " + result);
    }
}

这是calculator.policy文件:

grant {
    permission java.security.AllPermission;
    permission java.net.SocketPermission "localhost:1099", "connect, resolve";
    permission java.net.SocketPermission "127.0.0.1:1099", "connect, resolve";
    permission java.net.SocketPermission "10.0.0.71:1099", "connect, resolve";
    permission java.net.SocketPermission "localhost:80", "connect, resolve";
};

我编译了服务器代码并成功启动了rmiregistry,如下所示:

cd server_classes_directory
rmiregistry 1099 &

然后我成功地运行了课程com.simplecalc.server.Server

当我运行类com.simplecalc.client.CalculatorClient时,我得到了异常:

Exception in thread "main" java.rmi.ServerException: RemoteException occurred in server     thread; nested exception is: 
    java.rmi.AccessException: Registry.rebind disallowed; origin /10.0.0.71 is non-local host
    at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:389)
    at sun.rmi.transport.Transport$1.run(Transport.java:200)
    at sun.rmi.transport.Transport$1.run(Transport.java:197)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.rmi.transport.Transport.serviceCall(Transport.java:196)
    at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:573)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:835)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run$0(TCPTransport.java:688)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:687)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
    at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(    StreamRemoteCall.java:283)
    at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:260)
    at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:375)
    at sun.rmi.registry.RegistryImpl_Stub.rebind(RegistryImpl_Stub.java:155)
    at com.simplecalc.client.CalculatorClient.main(CalculatorClient.java:27)
Caused by: java.rmi.AccessException: Registry.rebind disallowed; origin /10.0.0.71 is     non-local host
    at sun.rmi.registry.RegistryImpl.checkAccess(RegistryImpl.java:350)
    at sun.rmi.registry.RegistryImpl_Skel.dispatch(RegistryImpl_Skel.java:128)
    at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:468)
    at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:300)
    at sun.rmi.transport.Transport$1.run(Transport.java:200)
    at sun.rmi.transport.Transport$1.run(Transport.java:197)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.rmi.transport.Transport.serviceCall(Transport.java:196)
    at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:573)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:835)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run$0(TCPTransport.java:688)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:687)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)

任何想法的人?

2 个答案:

答案 0 :(得分:1)

正如错误所述,您无法绑定,重新绑定或取消绑定远程注册表。您必须在同一主机中运行。这是RMI的基本安全措施。

但是你的客户首先不应该做绑定。这没有意义。它所要做的就是将刚刚查找的服务器重新绑定到同一个注册表中。只需删除它。

答案 1 :(得分:0)

最后我发现了问题。

  1. 事情是,我用来注册和查找rmi服务的方式仅在客户端和服务器位于同一台机器上时才有效。
  2. 没有必要实例化SecurityManager
  3. 远程接口实现必须扩展UnicastRemoteObject
  4. 我完全打开了java安全策略。
  5. 这是新的远程接口实现:

    package com.simplecalc.server;
    
    import java.rmi.RemoteException;
    import java.rmi.server.UnicastRemoteObject;
    import com.simplecalc.commons.Calculator;
    
    public class CalculatorImpl extends UnicastRemoteObject implements Calculator {
        @Override
        public float add(float a, float b) throws RemoteException {
            float result = a + b;
            System.out.println("$ (" + a + " + " + b + ") = " + result);
            return result;
        }
    }
    

    这是新的服务器类:

    package com.simplecalc.server;
    
    import java.rmi.RemoteException;
    import java.rmi.registry.LocateRegistry;
    import java.rmi.registry.Registry;
    import java.rmi.server.UnicastRemoteObject;
    
    import com.simplecalc.commons.Calculator;
    
    public class Server {
    
        public static void main(String[] args) throws RemoteException {
            final int port = 1099;
            final String serverIp = "10.0.1.100";
            final String serviceName = Calculator.class.getSimpleName();
            final String url = "rmi://" + serverIp + ":" + port + "/" + serviceName;
    
            System.out.println("Registering calculator object ...");
            CalculatorImpl engine = new CalculatorImpl();
            Naming.rebind(url, engine);
            System.out.println("Server listening on " + url);
        }
    }
    

    这是新的客户端类:

    package com.simplecalc.client;
    
    import java.rmi.NotBoundException;
    import java.rmi.RemoteException;
    import java.rmi.registry.LocateRegistry;
    import java.rmi.registry.Registry;
    
    import com.simplecalc.commons.Calculator;
    
    public class CalculatorClient {
    
    public static void main(String[] args) throws RemoteException, NotBoundException {
            final int port = 1099;
            final String serverIp = "10.0.1.100";
            final String serviceName = Calculator.class.getSimpleName();
            final String url = "rmi://" + serverIp + ":" + port + "/" + serviceName;
    
            Calculator calculator = (Calculator) Naming.lookup(url);
            float result = calculator.add(10F, 5F);
            System.out.println("Result: " + result);
        }
    }
    

    calculator.policy文件:

    grant {
        permission java.security.AllPermission;
    };