Jini: A Java SOA that rocks

Jan Newmarch
jan@newmarch.name
Monash University

Demo: Flashing clocks

Eight fallacies of distributed systems

The network is reliable
Bandwidth is infinite
The network is secure
Topology doesn't change
There is one administrator
Transport cost is zero
The network is homogeneous
Latency is zero

Some middleware systems

Remote Procedure Call (RPC)
Remote method calls (CORBA)
Java RMI (Remote method calls through mobile proxies)
EJB's
Servlets/CGI/ASP/...
Web services
Jini

Common to (most) middleware systems

Separate parties communicating across the network
Mechanism for advertising services
Mechanism for discovering services
Defined model for interaction
Programming model

Jini is...

... a paradigm for building distributed systems
... a set of specifications
... a programming model
... a reference implementation

Jini as paradigm

Mantra: the network cannot be ignored

Failure happens - prepare for it
Failure happens - handle it
Costs are not zero - warn about them
Security is not an afterthought
The network is not under your control - define services in the abstract and download code to implement them

Jini as specification

The principles of Jini can be implemented in many languages
But ... Jini defines one way of making these principle concrete
Jini defines
- An advertisement and discovery protocol
- Some possible interaction protocols

Jini as programming model

Jini defines a Java API for...

advertising Java objects as services
finding Java services
distributed leasing
interaction between clients and services
remote event model
transactions
security, security, security

Jini as reference implementation

Sun have supplied a reference implementation since first release
This has now been open-sourced (Apache license)
The implementation is on track to become an Apache incubator project
There are other implementations of parts of the Jini spec

The end of protocols

This has been in Jini since the beginning - but its importance is only slowly being realised

Jini moves proxy objects around the network to represent services
There are security implications that are addressed by Jini
The proxy runs locally in a client
The proxy communicates with the service somehow
Jini does not mandate the communications protocol
Jini proxies can use
- JRMP (the Java RMI protocol)
- IIOP (the CORBA protocol)
- SOAP (the Web Services protocol)
- Sockets, or anything else

Jini in action details

· Remote object is exported on the server side
(Produces a proxy to the remote object)

· Client side obtains the proxy somehow (RMI Registry, Jini Lookup Service, UDDI, etc.)
(Code may be downloaded in the process)

· Execution of the call is initiated on the client side

· Communication between client and server occurs

· Execution of the call occurs on the server side

Jini Environment

There must be a Jini lookup service running to act as the "billboard"

The Jini distribution contains one, called reggie

An HTTP server should be running, to deliver class files

The converter server runs with one set of class files

Converter
ConverterImpl
Server

The converter client runs with another set of class files

Converter
Client

These files should be on the HTTP server so that clients can find the class definitions

Converter
ConverterImpl

JDK 1.2 Security

Jini security uses the security model of JDK 1.2, with no changes or extensions

Security is based on granting permissions (access rights), in security files

Debug the application with a slack policy


      grant {
          permission java.security.AllPermission "", "";
      };

Leave it like this of production only at your peril

Service requirements

grant { permission net.jini.discovery.DiscoveryPermission "*"; // multicast request address permission java.net.SocketPermission "224.0.1.85", "connect,accept"; // multicast announcement address permission java.net.SocketPermission "224.0.1.84", "connect,accept"; // RMI connections permission java.net.SocketPermission "*.dstc.edu.au:1024-", "connect,accept"; permission java.net.SocketPermission "130.102.176.249:1024-", "connect,accept"; permission java.net.SocketPermission "127.0.0.1:1024-", "connect,accept"; // reading parameters // like net.jini.discovery.debug! permission java.util.PropertyPermission "net.jini.discovery.*", "read"; };

Client policy

grant { permission net.jini.discovery.DiscoveryPermission "*"; // multicast request address permission java.net.SocketPermission "224.0.1.85", "connect,accept"; // multicast announcement address permission java.net.SocketPermission "224.0.1.84", "connect,accept"; // RMI connections permission java.net.SocketPermission "127.0.0.1:1024-", "connect,accept"; permission java.net.SocketPermission "*.dstc.edu.au:1024-", "connect,accept"; permission java.net.SocketPermission "130.102.176.249:1024-", "connect,accept"; // DANGER // HTTP connections - this is where external code may come in - careful!!! permission java.net.SocketPermission "127.0.0.1:80", "connect,accept"; permission java.net.SocketPermission "*.dstc.edu.au:80", "connect,accept"; // reading parameters // like net.jini.discovery.debug! permission java.util.PropertyPermission "net.jini.discovery.*", "read"; };

Jini: A Java SOA that rocks

Demo: Flashing clocks

Eight fallacies of distributed systems

Some middleware systems

Common to (most) middleware systems

Jini is...

Jini as paradigm

Jini as specification

Jini as programming model

Jini as reference implementation

The end of protocols

Jini in action

Jini in action details

Lookup discovery and join

Service discovery

Client and service interaction

Support Services

Non-distributed Application

Distributed Version

Client Structure

Server Structure

SIMPLE SYSTEM

Jini Converter Service

Jini Service Specification

Jini Service Implementation

Jini Server

Jini Client

Jini Environment

SECURITY

JDK 1.2 Security

Service requirements

Client requirements

Client policy

Variations

URLs