Java RMI: Sniffer Required

Question

Java RMI: Sniffer Required

How can I sniff and analyze Java RMI traffic? There is only a very partial solution in wirehark. I need to know exactly which methods to call and which arguments are passed by sniffing a TCP connection.

+6

java rmi

GabiMe Nov 10 '09 at 16:41

source share

4 answers

You can set some java properties to make rmi more verbose.

Maybe you need this setting:

sun.rmi.client.logCalls (1.4 and later)
If the value of this property is true, then the sun.rmi.client.call logger will be set to Level.FINER. Remote calls are registered at the Level.FINER level, and exceptions from remote calls are registered at the Level.FINE level.

+5

tangens Nov 10 '09 at 16:48

source share

Ethereal may help, but it's pretty low.

0

Kelly S. French Nov 10 '09 at 16:47

source share

I do not know a tool that can sniff and decrypt RMI traffic from wires. If no one else does this, a less optimal solution might be a tool for your stubs / skeletons (possibly generated automatically if you are using Java 5 or newer) or parts of the RMI infrastructure with code for displaying log messages.

You can use AOP or some byte code manipulation tool for this. I used JavaAssist to perform similar tasks with success. He is very friendly to this kind of instrument.

0

monorailkitty Nov 10 '09 at 16:48

source share

erickson · Accepted Answer · 2009-11-10T17:00:40+0000

Do you need to sniff it or deploy a custom factory socket on a client or server?

In the past, I created my own RMI factory server socket, which created a tee in the stream that the RMI service was reading. Since the RMI runtime usually reads one of the threads, my code also received a copy of JRMP for parsing. In my case, I registered remote calls, including their parameters in serialized form, so that I could “replay” them later to test the load. Enough to enable RMI logging options is not enough.

One problem is that the JRMP documentation is poor, and in some cases inaccurate. Another is that a lot of the necessary code is not part of the core Java API. It was complicated. I thought I understood RMI long before I started, but after this small project I was surprised how much more I had to study.

A similar approach can be applied to application data captured by Wireshark, but I never wrote an analyzer for Wireshark, and I'm not sure how complicated it is.

Java RMI: Sniffer Required

More articles: