java.rmi.AccessException: Registry.rebind 不允许; origin /10.0.0.71 是非本地主机
java.rmi.AccessException: Registry.rebind disallowed; origin /10.0.0.71 is non-local host
我有一个使用 RMI 的简单 client/server 计算器应用程序。服务器和客户端在不同的 linux 机器上。客户端ip是10.0.0.71 server ip是10.0.1.100.
这是远程接口:
package com.simplecalc.commons;
import java.rmi.Remote;
import java.rmi.RemoteException;
public interface Calculator extends Remote {
public float add(float a, float b) throws RemoteException;
}
这是实现远程接口的服务器端代码:
package com.simplecalc.server;
import java.rmi.RemoteException;
import com.simplecalc.commons.Calculator;
public class CalculatorImpl implements Calculator {
@Override
public float add(float a, float b) throws RemoteException {
float result = a + b;
System.out.println("$ (" + a + " + " + b + ") = " + result);
return result;
}
}
这是 运行 应用程序的服务器端代码:
package com.simplecalc.server;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;
import com.simplecalc.commons.Calculator;
public class Server {
private static void setPolicy() {
System.setProperty("java.security.policy", "file:///calculator.policy");
if (System.getSecurityManager() == null) {
System.setSecurityManager(new SecurityManager());
}
}
public static void main(String[] args) throws RemoteException {
setPolicy();
int port = 1099;
Calculator engine = new CalculatorImpl();
Calculator stub = (Calculator) UnicastRemoteObject.exportObject(engine, 0);
Registry registry = LocateRegistry.getRegistry(port);
System.out.println("Registering calculator object ...");
registry.rebind(Calculator.class.getSimpleName(), stub);
}
}
最后,这是调用计算器的客户端:
package com.simplecalc.client;
import java.rmi.NotBoundException;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import com.simplecalc.commons.Calculator;
public class CalculatorClient {
private static void setPolicy() {
System.setProperty("java.security.policy", "file:///calculator.policy");
if (System.getSecurityManager() == null) {
System.setSecurityManager(new SecurityManager());
}
}
public static void main(String[] args) throws RemoteException, NotBoundException {
setPolicy();
int port = 1099;
String server="10.0.1.100";
Registry registry = LocateRegistry.getRegistry(server, port);
Calculator calculator = (Calculator) registry.lookup(Calculator.class.getSimpleName());
registry.rebind(server, calculator);
float result = calculator.add(10F, 5F);
System.out.println("Result: " + result);
}
}
这是 calculator.policy 文件:
grant {
permission java.security.AllPermission;
permission java.net.SocketPermission "localhost:1099", "connect, resolve";
permission java.net.SocketPermission "127.0.0.1:1099", "connect, resolve";
permission java.net.SocketPermission "10.0.0.71:1099", "connect, resolve";
permission java.net.SocketPermission "localhost:80", "connect, resolve";
};
我编译了服务器代码并成功启动了 rmiregistry,如下所示:
cd server_classes_directory
rmiregistry 1099 &
然后我就成功了运行 class com.simplecalc.server.Server
当我 运行 class com.simplecalc.client.CalculatorClient 我得到异常:
Exception in thread "main" java.rmi.ServerException: RemoteException occurred in server thread; nested exception is:
java.rmi.AccessException: Registry.rebind disallowed; origin /10.0.0.71 is non-local host
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:389)
at sun.rmi.transport.Transport.run(Transport.java:200)
at sun.rmi.transport.Transport.run(Transport.java:197)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:196)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:573)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:835)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run[=18=](TCPTransport.java:688)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:687)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer( StreamRemoteCall.java:283)
at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:260)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:375)
at sun.rmi.registry.RegistryImpl_Stub.rebind(RegistryImpl_Stub.java:155)
at com.simplecalc.client.CalculatorClient.main(CalculatorClient.java:27)
Caused by: java.rmi.AccessException: Registry.rebind disallowed; origin /10.0.0.71 is non-local host
at sun.rmi.registry.RegistryImpl.checkAccess(RegistryImpl.java:350)
at sun.rmi.registry.RegistryImpl_Skel.dispatch(RegistryImpl_Skel.java:128)
at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:468)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:300)
at sun.rmi.transport.Transport.run(Transport.java:200)
at sun.rmi.transport.Transport.run(Transport.java:197)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:196)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:573)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:835)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run[=18=](TCPTransport.java:688)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:687)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
大家有什么想法吗?
正如错误所述,您无法绑定、重新绑定或取消绑定 to/from 远程注册表。您必须 运行 在同一主机中。这是 RMI 的基本安全措施。
但是您的客户一开始就不应该进行绑定。这没有意义。它试图做的就是将它刚刚查找的服务器重新绑定到同一个注册表中。只需删除它。
终于找到问题了
- 问题是我用来注册和查找 rmi 服务的方法只有在客户端和服务器在同一台机器上时才有效。
- 不需要实例化
SecurityManager
- 远程接口实现必须扩展
UnicastRemoteObject
- 我完全打开 java 安全策略。
这是新的远程接口实现:
package com.simplecalc.server;
import java.rmi.RemoteException;
import java.rmi.server.UnicastRemoteObject;
import com.simplecalc.commons.Calculator;
public class CalculatorImpl extends UnicastRemoteObject implements Calculator {
@Override
public float add(float a, float b) throws RemoteException {
float result = a + b;
System.out.println("$ (" + a + " + " + b + ") = " + result);
return result;
}
}
这是新服务器class:
package com.simplecalc.server;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;
import com.simplecalc.commons.Calculator;
public class Server {
public static void main(String[] args) throws RemoteException {
final int port = 1099;
final String serverIp = "10.0.1.100";
final String serviceName = Calculator.class.getSimpleName();
final String url = "rmi://" + serverIp + ":" + port + "/" + serviceName;
System.out.println("Registering calculator object ...");
CalculatorImpl engine = new CalculatorImpl();
Naming.rebind(url, engine);
System.out.println("Server listening on " + url);
}
}
这是新客户class:
package com.simplecalc.client;
import java.rmi.NotBoundException;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import com.simplecalc.commons.Calculator;
public class CalculatorClient {
public static void main(String[] args) throws RemoteException, NotBoundException {
final int port = 1099;
final String serverIp = "10.0.1.100";
final String serviceName = Calculator.class.getSimpleName();
final String url = "rmi://" + serverIp + ":" + port + "/" + serviceName;
Calculator calculator = (Calculator) Naming.lookup(url);
float result = calculator.add(10F, 5F);
System.out.println("Result: " + result);
}
}
calculator.policy 文件:
grant {
permission java.security.AllPermission;
};
我有一个使用 RMI 的简单 client/server 计算器应用程序。服务器和客户端在不同的 linux 机器上。客户端ip是10.0.0.71 server ip是10.0.1.100.
这是远程接口:
package com.simplecalc.commons;
import java.rmi.Remote;
import java.rmi.RemoteException;
public interface Calculator extends Remote {
public float add(float a, float b) throws RemoteException;
}
这是实现远程接口的服务器端代码:
package com.simplecalc.server;
import java.rmi.RemoteException;
import com.simplecalc.commons.Calculator;
public class CalculatorImpl implements Calculator {
@Override
public float add(float a, float b) throws RemoteException {
float result = a + b;
System.out.println("$ (" + a + " + " + b + ") = " + result);
return result;
}
}
这是 运行 应用程序的服务器端代码:
package com.simplecalc.server;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;
import com.simplecalc.commons.Calculator;
public class Server {
private static void setPolicy() {
System.setProperty("java.security.policy", "file:///calculator.policy");
if (System.getSecurityManager() == null) {
System.setSecurityManager(new SecurityManager());
}
}
public static void main(String[] args) throws RemoteException {
setPolicy();
int port = 1099;
Calculator engine = new CalculatorImpl();
Calculator stub = (Calculator) UnicastRemoteObject.exportObject(engine, 0);
Registry registry = LocateRegistry.getRegistry(port);
System.out.println("Registering calculator object ...");
registry.rebind(Calculator.class.getSimpleName(), stub);
}
}
最后,这是调用计算器的客户端:
package com.simplecalc.client;
import java.rmi.NotBoundException;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import com.simplecalc.commons.Calculator;
public class CalculatorClient {
private static void setPolicy() {
System.setProperty("java.security.policy", "file:///calculator.policy");
if (System.getSecurityManager() == null) {
System.setSecurityManager(new SecurityManager());
}
}
public static void main(String[] args) throws RemoteException, NotBoundException {
setPolicy();
int port = 1099;
String server="10.0.1.100";
Registry registry = LocateRegistry.getRegistry(server, port);
Calculator calculator = (Calculator) registry.lookup(Calculator.class.getSimpleName());
registry.rebind(server, calculator);
float result = calculator.add(10F, 5F);
System.out.println("Result: " + result);
}
}
这是 calculator.policy 文件:
grant {
permission java.security.AllPermission;
permission java.net.SocketPermission "localhost:1099", "connect, resolve";
permission java.net.SocketPermission "127.0.0.1:1099", "connect, resolve";
permission java.net.SocketPermission "10.0.0.71:1099", "connect, resolve";
permission java.net.SocketPermission "localhost:80", "connect, resolve";
};
我编译了服务器代码并成功启动了 rmiregistry,如下所示:
cd server_classes_directory
rmiregistry 1099 &
然后我就成功了运行 class com.simplecalc.server.Server
当我 运行 class com.simplecalc.client.CalculatorClient 我得到异常:
Exception in thread "main" java.rmi.ServerException: RemoteException occurred in server thread; nested exception is:
java.rmi.AccessException: Registry.rebind disallowed; origin /10.0.0.71 is non-local host
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:389)
at sun.rmi.transport.Transport.run(Transport.java:200)
at sun.rmi.transport.Transport.run(Transport.java:197)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:196)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:573)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:835)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run[=18=](TCPTransport.java:688)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:687)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer( StreamRemoteCall.java:283)
at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:260)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:375)
at sun.rmi.registry.RegistryImpl_Stub.rebind(RegistryImpl_Stub.java:155)
at com.simplecalc.client.CalculatorClient.main(CalculatorClient.java:27)
Caused by: java.rmi.AccessException: Registry.rebind disallowed; origin /10.0.0.71 is non-local host
at sun.rmi.registry.RegistryImpl.checkAccess(RegistryImpl.java:350)
at sun.rmi.registry.RegistryImpl_Skel.dispatch(RegistryImpl_Skel.java:128)
at sun.rmi.server.UnicastServerRef.oldDispatch(UnicastServerRef.java:468)
at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:300)
at sun.rmi.transport.Transport.run(Transport.java:200)
at sun.rmi.transport.Transport.run(Transport.java:197)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:196)
at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:573)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:835)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run[=18=](TCPTransport.java:688)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:687)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
大家有什么想法吗?
正如错误所述,您无法绑定、重新绑定或取消绑定 to/from 远程注册表。您必须 运行 在同一主机中。这是 RMI 的基本安全措施。
但是您的客户一开始就不应该进行绑定。这没有意义。它试图做的就是将它刚刚查找的服务器重新绑定到同一个注册表中。只需删除它。
终于找到问题了
- 问题是我用来注册和查找 rmi 服务的方法只有在客户端和服务器在同一台机器上时才有效。
- 不需要实例化
SecurityManager - 远程接口实现必须扩展
UnicastRemoteObject - 我完全打开 java 安全策略。
这是新的远程接口实现:
package com.simplecalc.server;
import java.rmi.RemoteException;
import java.rmi.server.UnicastRemoteObject;
import com.simplecalc.commons.Calculator;
public class CalculatorImpl extends UnicastRemoteObject implements Calculator {
@Override
public float add(float a, float b) throws RemoteException {
float result = a + b;
System.out.println("$ (" + a + " + " + b + ") = " + result);
return result;
}
}
这是新服务器class:
package com.simplecalc.server;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.UnicastRemoteObject;
import com.simplecalc.commons.Calculator;
public class Server {
public static void main(String[] args) throws RemoteException {
final int port = 1099;
final String serverIp = "10.0.1.100";
final String serviceName = Calculator.class.getSimpleName();
final String url = "rmi://" + serverIp + ":" + port + "/" + serviceName;
System.out.println("Registering calculator object ...");
CalculatorImpl engine = new CalculatorImpl();
Naming.rebind(url, engine);
System.out.println("Server listening on " + url);
}
}
这是新客户class:
package com.simplecalc.client;
import java.rmi.NotBoundException;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import com.simplecalc.commons.Calculator;
public class CalculatorClient {
public static void main(String[] args) throws RemoteException, NotBoundException {
final int port = 1099;
final String serverIp = "10.0.1.100";
final String serviceName = Calculator.class.getSimpleName();
final String url = "rmi://" + serverIp + ":" + port + "/" + serviceName;
Calculator calculator = (Calculator) Naming.lookup(url);
float result = calculator.add(10F, 5F);
System.out.println("Result: " + result);
}
}
calculator.policy 文件:
grant {
permission java.security.AllPermission;
};