Procedure-Level Authorization for Java Remote Method Invocation Using Secure Socket Layer (SSL) Credentials

摘要

Due to the encapsulation of the RMI transport layer, methods invoked over RMI lose access to the sockets through which their particular instances were called. This prevents subroutines from first verifying the credentials of their caller to authorize each particular invocation. We present a technique within Java RMI enabling socket information to be re-embedded into the RMI transport and made accessible to methods on their invocation. This implementation is also thread-independent, which allows for safer parallel processing without the limitation of any thread assumptions.