javasecurityauthenticationrmi

Secure authentication of client over RMI


I was thinking to authenticate users of my RMI service like this

interface RemoteService extends Remote { ... }
interface RemoteServiceProvider extends Remote { ... }
class RemoteServiceProviderImpl implements RemoteServiceProvider {
   RemoteService getService(String authCode) throws RemoteException {
     if (check(authCode)) return (RemoteService) UnicastRemoteObject.export(theRemoteService, 0);
     else throw ...;
   }

}

However, that's probably not really secure. I suspect that when the the real service is exported, anybody who guesses the correct port can acquire it.

How can I do this the right way?


Solution

  • It looks like when the the real service is exported, anybody who guesses the correct port can acquire it.

    No. They would also have to guess a remote object UID, and there is a system property that causes them to be generated via a secure RNG. They would also have to have the remote interface class, and they would also have to be able to construct a remote stub to the object with the correct IP:port, remote interface(s), and remote UID. Not easy. However you should certainly look into SSL with mutual authentication if you have serious security concerns, and maybe the full Jini/Secure JERI thing if you are totally and utterly serious about secure RMI. See also my RMI-SSL White Paper.