RemotingHandler

EJOE does already contain applicable RemotingHandlers. Their employment makes the implementation of custom ServerHandlers redundant, does not relieve however in all cases of further server-lateral adjustments, since in complex server architectures necessary functionality often cannot be served in particular simply by reflection.

The use of the RemotingHandler requires additional information about the classes and methods available on the server. RemotingHandler require an extended parameter list:

  • package and name of the targeted class
  • name of the method or constructor to use
  • the required arguments of the targeted method or constructor
When using a RemotingHandler you have to encapsulate your client requests within a sepcial container: The RemotingRequest. This container is used both as data-container and as distinctive mark for a request of type "RemoteReflection" on the server.
import de.netseeker.ejoe.EJClient;
import de.netseeker.ejoe.request.RemotingRequest;
...
{
	EJClient ejClient = new EJClient( "192.168.1.21", 80 );
	List result = null;
	try
	{
		RemotingRequest request = new RemotingRequest( "com.who.AddressManagement",		
			"listAddressesByName", new Object[]{ "Mustermann" } );
		result = (List)ejClient.execute(request );
	}
	catch(RemoteException re)
	{
		//EJServer did return an Error
	}
	catch(IOException e)
	{
		//connection or serialization issues maybe?
	}
	...
}
Remoting-Requests have to be encapsulated within a RemotingRequest!

security concerns

RemotingHandler are a dangerous thing by nature - at least in theory: Clients could tap all possible functions of the server via a RemotingRequest. EJOE does reject all remote reflection calls by default and does permit such calls only, which are registered in a special configuration file.

EJOE looks for a file called "ejoe-reflectionconf.properties" on the classpath. If it does exist, remote-reflection calls will be permitted for all classes and packages listed within that file. If it does not exist, EJOE will load a very restricitve default configuration from the file "META-INF/ejoe-reflection-conf.properties".

#############################################################################################
# This is the default configuration for remote reflection in EJOE.
# EJOE handles received reflection requests by clients VERY restrictive:
# Only packages/classes which are listed in this file
# can be used for remote reflection.
# To overwrite the reflection settings, provide a customized
# ejoe-reflection-conf.properties on the classpath.
#############################################################################################
de.netseeker.ejoe.test.*

The recursive permission of all classes of a package as well as of all sub-packages and their classes takes place via indication of the star symbol:

package.path.*

The purposeful permission of individual classes takes place via the completely qualified indication of package- and classnames:

package.path.MyClass