How to organize RMI Client-Server architecture

Question

I am developing a secured Banking service in RMI with a GUI both for Server and Client.

The Server must be able to log every operation (new User, deleted User, Withdrawal, Lodgement...). The Client will do these operations. As everything is secured, the Client must first create an account with a name and a password in the GUI. After that, the GUI adds the User in the Bank UserList (arrayList) as a new Customer and the User can do several operations. It seems straightforward at first but I think my conception is not correct.

Is it correct to send the whole Bank by RMI? Because at first I thought Bank would be the server but I cannot find another way to do that. Currently, the Client GUI asks for a login and a password, and receives the Bank by RMI. A User is characterized by a name and a hash of the password.

private String name;
private byte[] passwordDigest;

In fact the GUI is doing every security check and I don't know if it's relevant. When you type login//password, it will search the login in the Bank and compare the hash of the password. In fact I have the impression that the Client knows too much information, because when you have the Bank you have everything...

Does it seem correct or do I need to change my implementation?

Answer

You need two remote object classes.

The first one is obtained via Naming.lookup(); it is a singleton; and it contains a login() method.

This method returns the second remote object, which is not a singleton, not registered in the Registry, and is created anew for every return value. This object contains all the banking methods and also a logout() method, which unexports it; it probably also implements the Unreferenced interface so it can detect a dead client and unexport itself. Because it exists once per client, it can hold client state, and because it can only be obtained by a successful login step, it solves your security problem.

import java.rmi.NoSuchObjectException;
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.server.UnicastRemoteObject;
import java.rmi.server.Unreferenced;

public interface Login extends Remote
{
    // The singleton found via Naming.lookup(); the only object in the Registry
    Session login(String username, char[] password /* or whatever */)
        throws LoginException, RemoteException;
}

public interface Session extends Remote
{
    void logout() throws RemoteException;
    void deposit(...) throws RemoteException;
    void withdraw(...) throws RemoteException;
}

public class LoginImpl extends UnicastRemoteObject implements Login
{
    public LoginImpl() throws RemoteException
    {
        super(); // exports this object
    }

    public Session login(String username, char[] password)
        throws LoginException, RemoteException
    {
        // username/password check; if it fails throw a LoginException
        return new SessionImpl(username); // or whatever
    }
}

public class SessionImpl extends UnicastRemoteObject implements Session, Unreferenced
{
    private final String username; // per-client state lives here

    public SessionImpl(String username) throws RemoteException
    {
        this.username = username;
    }

    public void logout() throws RemoteException
    {
        unexportObject(this, true);
    }

    public void unreferenced()
    {
        // unreferenced() cannot declare a checked exception, so catch it here
        try
        {
            unexportObject(this, true);
        }
        catch (NoSuchObjectException e)
        {
            // already unexported, e.g. by logout()
        }
    }

    // etc
}

I described this as the Remote Session pattern in my book in 2001.

Of course you also need transport layer security: see javax.rmi.ssl.
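The Remote Session pattern above, worked through as a single runnable program (added example, not the answerer's code): the credential check happens on the server inside login(), the client only ever holds a Session stub, and nothing resembling the whole Bank crosses the wire. The user store, salt and SHA-256 digest are constructed for the demo; a real service would use a per-user salt and a slow password hash.

```java
import java.nio.charset.StandardCharsets;
import java.rmi.*;
import java.rmi.registry.*;
import java.rmi.server.*;
import java.security.MessageDigest;
import java.util.*;

public class RemoteSessionDemo {
    static class LoginException extends Exception { LoginException(String m) { super(m); } }
    interface Login extends Remote { Session login(String u, char[] pw) throws LoginException, RemoteException; }
    interface Session extends Remote {
        long deposit(long cents) throws RemoteException;
        void logout() throws RemoteException;
    }
    // Constructed credential store: username -> salted SHA-256 digest. The client never sees it.
    static final Map<String, byte[]> USERS = new HashMap<>();
    static final byte[] SALT = "demo-salt".getBytes(StandardCharsets.UTF_8); // per-user in production
    static byte[] digest(char[] pw) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            md.update(SALT);
            return md.digest(new String(pw).getBytes(StandardCharsets.UTF_8));
        } catch (java.security.NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }
    static class LoginImpl extends UnicastRemoteObject implements Login {
        LoginImpl() throws RemoteException {}
        public Session login(String user, char[] pw) throws LoginException, RemoteException {
            byte[] expected = USERS.get(user);
            // Server-side check with a constant-time comparison; unknown users fail the same way.
            boolean ok = expected != null && MessageDigest.isEqual(expected, digest(pw));
            Arrays.fill(pw, '\0');                       // drop the cleartext as soon as possible
            if (!ok) throw new LoginException("bad credentials");
            return new SessionImpl(user);                // one fresh, unregistered object per login
        }
    }
    static class SessionImpl extends UnicastRemoteObject implements Session, Unreferenced {
        final String user; long balance;                 // per-client state lives in the session
        SessionImpl(String user) throws RemoteException { this.user = user; }
        public synchronized long deposit(long cents) throws RemoteException { return balance += cents; }
        public void logout() throws RemoteException { unexportObject(this, true); }
        public void unreferenced() { try { unexportObject(this, true); } catch (NoSuchObjectException e) {} }
    }
    public static void main(String[] args) throws Exception {
        USERS.put("alice", digest("correct horse".toCharArray()));
        Registry reg = LocateRegistry.createRegistry(1099);
        reg.rebind("Login", new LoginImpl());            // only the singleton is in the Registry
        Login login = (Login) reg.lookup("Login");       // client side, same JVM for the demo
        Session s = login.login("alice", "correct horse".toCharArray());
        System.out.println("balance after deposit: " + s.deposit(1500));
        s.logout();
        try { login.login("alice", "wrong".toCharArray()); } catch (LoginException e) { System.out.println("rejected"); }
        System.exit(0);                                  // the registry thread would keep the JVM alive
    }
}
```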
