J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice

Security from Downloaded Code

RMI allows a client to download the stub and other classes from a specified URL at runtime. With this comes the burden of protecting the client program from potentially dangerous code, for the code downloaded from unknown locations cannot be completely trusted. To illustrate class downloading from a URL we place the archive files server_stub.jar and common.jar on a Web server. Let us assume that their respective URLs are:

http://www.pankaj-k.net/jsbook/ch8/server_stub.jar
http://www.pankaj-k.net/jsbook/ch8/common.jar

In fact, these are valid URLs and you can use them in your experimentation.

As in the earlier section, we need three command shell windows to run the application. Run the rmiregistry in the first window, ...

Get J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice by Pankaj Kumar

Security from Downloaded Code

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly