Is communication in java rmi secure?

问题

Is communication between clients and servers in java rmi secure (i.e. encrypted by default)?

回答1:

Encoded, yes. Encrypted, no.

JERI for JINI gives JRMP (the RMI protocol) over SSL, IIRC.

JSR #76 would have provided RMI Security, however it was controversially voted down.

回答2:

I think you mean "encrypted" not "encoded". The answer is no. If you're using RMI in a non-trusted environment I would suggest something like RMI over SSH tunneling.

回答3:

By secure I guess you mean encrypted. Not by default with RMI. You can use custom socket factories to encrypt RMI comms.

回答4:

In short, no.

http://java.sun.com/j2se/1.4.2/docs/guide/rmi/faq.html#encryption

In essence, the network channel has to be encrypted if you need things to be secure.

回答5:

Not mentioned this far: You can set up a VPN between the machines for full layer 2 security.

来源：https://stackoverflow.com/questions/2314809/is-communication-in-java-rmi-secure

标签

java

rmi

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!