Lingo (Spring Remoting) : Passing client credentials to the server
http://www.jroller.com/sjivan/entry/lingo_spring_remoting_passing_client
Lingo (Spring Remoting) : Passing client credentials to the server
Spring Remoting allows you to export a service interface which a remote client then then look up. Once the remote service interface is looked up, the client can work with this reference like its a local object reference. Well, kinda. There are certain limitations that are associated depending on the remoting transport protocol used.
The Spring distribution currently supports RMI, Spring's HTTP invoker, Hessian, Burlap and JAX-RPC. One of the biggest limitations in these transports is that none of them support passing a method argument by reference. This can be a show stopper for a several usecases such as callbacks. RMI as a transport protocol does support pass-by-reference however the Spring RMI Remoting Strategy does not support this yet. Regardless, RMI is a heavy weight protocol so I'm not a big fan of it.
This brings us to Lingo, an implementation of Spring Remoting over JMS which does support remote callbacks - the contract being that such arguments must either implement java.rmi.Remote or java.util.EventListener. Lingo also supports asynchronous one-way method invocations.
A common requirement in a client-server communication protocol is the propagation of the client's security context to the server during a remote method invocation. One could pass this information as an argument to every method call but that's a really really ugly way to go about it. The right way to do this would be to make such information available in as a ThreadLocal context variable on the server. Lingo does not support passing of client credentials to the server out of the box.
I examined the Lingo code found that adding support for this functionality was actually quite easy. I'll cover most of the details here. You can download the entire source for this as well.
Lingo uses Marshaller's on the client and server side which basically negotiates the underlying client-server JMS communication.
Lingo Marshaller's have a hook for adding and extracting custom JMS header messages. So I created a custom client Marshaller which adds the users Principal (user name) to the message header and a custom server Marshaller which reads this information and makes it available as a ThreadLocal context variable.
Here's the code for an Acegi based client marshaller.
public class AcegiClientMarshaller extends DefaultMarshaller {
protected void appendMessageHeaders(Message message, Requestor requestor,
LingoInvocation invocation) throws JMSException {
SecurityContext sc = SecurityContextHolder.getContext();
Authentication auth = sc.getAuthentication();
//if you're using a custom acegi principal, update this code accordingly
String userName = null;
if (auth != null) {
Object principal = auth.getPrincipal();
if (principal instanceof net.sf.acegisecurity.UserDetails) {
userName = ((net.sf.acegisecurity.UserDetails) principal).getUsername();
} else if (principal instanceof String) {
userName = (String) principal;
} else {
throw new IllegalArgumentException("Invalid principal " + principal);
}
}
//add user name info to the message header
message.setStringProperty(Constants.JMS_CLIENT_ID_PROPERTY, userName);
}
}
As you can see, I grab the principal (user name in our case) of the authenticated user and add it as a custom header property. (I have another simple implementation of a client Marshaller in the source distribution). Even if you're not using Acegi, you can basically follow a similar logic as above to add the client context info as a custom header message.
Now we need to create a server (un)Marshaller which extracts this information and puts it in a ThreadLocal context variable.
public class ServerMarshaller extends DefaultMarshaller {
private static final Log log = LogFactory.getLog(DefaultMarshaller.class);
protected void handleInvocationHeaders(Message message) {
try {
String userName = message.getStringProperty(Constants.JMS_CLIENT_ID_PROPERTY);
ClientContextHolder.setContext(new ClientContextImpl(userName));
}
catch (JMSException e) {
log.error(e.getMessage());
throw new RuntimeException("An Unexpected error occured " + e.getMessage(), e);
}
}
}
Note that in this example we are just passing the user-name String as client context data, however you're not limited to using String's. You can use message.setObjectProperty(..) and message.getObjectProperty() and pass richer context information. The Object would need to be Serializable though.
Now the final step of hooking up the pieces in the client and server Spring ApplicationContext files.
The client configuration file looks like
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans> <!-- client side --> <bean id="clientOne" class="org.logicblaze.lingo.jms.JmsProxyFactoryBean"> <property name="serviceInterface" value="org.sanjiv.lingo.test.ExampleService"/> <property name="connectionFactory" ref="jmsFactory"/> <property name="destination" ref="exampleDestination"/> <property name="marshaller" ref="acegiClientMarshaller"/> </bean>
<bean id="acegiClientMarshaller" class="org.sanjiv.lingo.client.AcegiClientMarshaller"/>
<!-- JMS ConnectionFactory to use --> <bean id="jmsFactory" class="org.activemq.ActiveMQConnectionFactory"> <property name="brokerURL" value="vm://localhost"/> </bean></beans>
And the server configuration file looks like
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans> <!-- the server side --> <bean id="serverImpl" class="org.sanjiv.lingo.test.ExampleServiceImpl" singleton="true"/>
<bean id="server" class="org.logicblaze.lingo.jms.JmsServiceExporter"> <property name="service" ref="serverImpl"/> <property name="serviceInterface" value="org.sanjiv.lingo.test.ExampleService"/> <property name="connectionFactory" ref="jmsFactory"/> <property name="destination" ref="exampleDestination"/> <property name="marshaller" ref="serverMarshaller"/> </bean>
<bean id="serverMarshaller" class="org.sanjiv.lingo.server.ServerMarshaller"/>
<!-- JMS ConnectionFactory to use --> <bean id="jmsFactory" class="org.activemq.ActiveMQConnectionFactory"> <property name="brokerURL" value="vm://localhost"/> </bean>
<bean id="exampleDestination" class="org.activemq.message.ActiveMQQueue"> <constructor-arg index="0" value="test.org.sanjiv.lingo.example"/> </bean></beans>
During execution of a remote method, you can extract the client context info by looking it up in the ThreadLocal context variable as illustrated by this example :
public class ExampleServiceImpl implements ExampleService {
public String whoAmI() {
String userName = ClientContextHolder.getUserName();
return userName != null ? userName : "annonymous";
}
}
The source for the ClientContextHolder class which manages the ThreadLocal variables is :
public class ClientContextHolder {
private static InheritableThreadLocal contextHolder = new InheritableThreadLocal();
/**
* Associates a new ClientContext with the current thread of execution.
*/ public static void setContext(ClientContext context) {
contextHolder.set(context);
}
/**
* Obtains the <code>ClientContext</code> associated with the current thread of execution.
*
* @return the current ClientContext
*/ public static ClientContext getContext() {
if (contextHolder.get() == null) {
contextHolder.set(new ClientContextImpl());
}
return (ClientContext) contextHolder.get();
}
public static String getUserName() {
return ((ClientContext) contextHolder.get()).getUserName();
}
}
And there you have it. You can download the complete source for this here and check out the test case to get a better feel of how all the pieces hang together. JRoller doesn't allow uploading .zip files so I've uploaded the sample as a .jar file instead. The source distribution has a Maven 1.x project file. To build and run the tests, run "maven jar".
I like Lingo, it's simple and does the job well. I only wish there was a more active and responsive mailing list.
Feedback welcome.
Update 5/01/06 : I recently required to propagate the client's locale to the server as well and used a similar approach as above. Basically I created a composite ClientMarshaller and ServerMarshaller and added the Client and Server marshallers for propagating the principal (as shown above) and the client's locale declaratively in the Spring applicaiton context file. Here's the relevant code snippet : In LocaleClientMarshaller :
Locale locale = LocaleContextHolder.getLocale();
message.setStringProperty(OptimizerConstants.JMS_LOCALE_LANGUAGE_PROPERTY, locale.getLanguage());
message.setStringProperty(OptimizerConstants.JMS_LOCALE_COUNTRY_PROPERTY, locale.getCountry());
and in LocaleServerMarshaller
String language = message.getStringProperty(OptimizerConstants.JMS_LOCALE_LANGUAGE_PROPERTY);
String country = message.getStringProperty(OptimizerConstants.JMS_LOCALE_COUNTRY_PROPERTY);
if (language != null){
country = country == null ? "" : country;
Locale locale = new Locale(language, country);
LocaleContextHolder.setLocale(locale);
}
Note that I had previously mentioned that in addition to custom String headers, you could add any object that is serializable. Unfortunately this does not work.
org.activemq.message.ActiveMqMessage.setObjectMessage() only supports String and wrappers of primitive data type. And this behavior is specified in the JMS spec.
The setObjectProperty method accepts values of class Boolean, Byte, Short, Integer, Long, Float, Double and String. An attempt to use any other class must throw a JMSException. As a result I cannot pass the java.util.Locale object directly but instead pass the country and language as separate header properties.
Update 07/21/06 : I have commited this functionality into the Lingo codebase. This feature will be available in the Lingo 1.2 release which is due any day now.
Lingo (Spring Remoting) : Passing client credentials to the server的更多相关文章
- Asynchronous calls and remote callbacks using Lingo Spring Remoting
http://www.jroller.com/sjivan/entry/asynchronous_calls_and_callbacks_using Asynchronous calls and re ...
- 【转载】一起来学Spring Cloud | Eureka Client注册到Eureka Server的秘密
LZ看到这篇文章感觉写得比较详细,理解以后,便转载到自己博客中,留作以后回顾学习用,喝水不忘挖井人,内容来自于李刚的博客:http://www.spring4all.com/article/180 一 ...
- Spring Remoting: Remote Method Invocation (RMI)--转
原文地址:http://www.studytrails.com/frameworks/spring/spring-remoting-rmi.jsp Concept Overview Spring pr ...
- Spring Remoting: HTTP Invoker--转
原文地址:http://www.studytrails.com/frameworks/spring/spring-remoting-http-invoker.jsp Concept Overview ...
- Spring Remoting: Burlap--转
原文地址:http://www.studytrails.com/frameworks/spring/spring-remoting-burlap.jsp Concept Overview In the ...
- Spring Remoting: Hessian--转
原文地址:http://www.studytrails.com/frameworks/spring/spring-remoting-hessian.jsp Concept Overview The p ...
- 在ASP.NET中基于Owin OAuth使用Client Credentials Grant授权发放Token
OAuth真是一个复杂的东东,即使你把OAuth规范倒背如流,在具体实现时也会无从下手.因此,Microsoft.Owin.Security.OAuth应运而生(它的实现代码在Katana项目中),帮 ...
- [OAuth]基于DotNetOpenAuth实现Client Credentials Grant
Client Credentials Grant是指直接由Client向Authorization Server请求access token,无需用户(Resource Owner)的授权.比如我们提 ...
- (转)基于OWIN WebAPI 使用OAuth授权服务【客户端模式(Client Credentials Grant)】
适应范围 采用Client Credentials方式,即应用公钥.密钥方式获取Access Token,适用于任何类型应用,但通过它所获取的Access Token只能用于访问与用户无关的Open ...
随机推荐
- SQL基本点—— 思维导图
- Unable to locate package错误
W: GPG error: http://nginx.org precise Release: The following signatures couldn't be verified becaus ...
- simpleRNN
simpleRNN 训练集为<爱丽丝梦境>英文版txt文档,目标:根据随机给出的10个字符,生成可能的后100个字符 词向量空间生产 In [4]: INPUT_FILE = " ...
- socket.io(转载)
socket.io 中文手册,socket.io 中文文档转载于:http://www.cnblogs.com/xiezhengcai/p/3956401.html 服务端 io.on(‘connec ...
- MapReduce实现两表的Join--原理及python和java代码实现
用Hive一句话搞定的,可是有时必需要用mapreduce 方法介绍 1. 概述 在传统数据库(如:MYSQL)中,JOIN操作是很常见且很耗时的.而在HADOOP中进行JOIN操作.相同常见且耗时, ...
- Greatest Number 山东省第一届省赛
Greatest Number Time Limit: 1000ms Memory limit: 65536K 有疑问?点这里^_^ 题目描述 Saya likes math, because ...
- iOS开发多线程篇 08 —GCD的常见用法
iOS开发多线程篇—GCD的常见用法 一.延迟执行 1.介绍 iOS常见的延时执行有2种方式 (1)调用NSObject的方法 [self performSelector:@selector(run) ...
- 在Ubuntu中安装mongodb
# 下载密钥文件 sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10 gpg: 下载密钥‘7F0CEB ...
- ExtJS TreeGrid的使用方法
假设您是第一次使用ExtJS的TreeGrid的话,我相信总会有一些小麻烦的,以下就来说一说ExtJS中TreeGrid的使用. 本人使用的ExtJS版本号为4.1.1,而且使用了MVC模式.假设不了 ...
- Installing scipy on redhat with error “no lapack/blas resources found”
这是更新scipy出现的结果,需要新版本的scipy,而机器上只装了0.7的版本,更新的时候报错,找到了一个解决方法: wget http://mirror.centos.org/centos/6/o ...