What is HTTP tunneling? How to make RMI calls, across firewalls?
by, 01-02-2012 at 06:40 PM (4318 Views)
Direct sockets are opened into server by RMI transport layer. Firewalls are present in many intranets which doesn’t permit this. To make through some firewall, within firewall trusted HTTP protocol embed the RMI call. RMI uses HTTP tunneling and this is done by the encapsulation of RMI calls present in HTTP POST request.
• When HTTP requests may be forwarded by firewall proxy server just to some known HTTP port: HTTP request are forwarded by firewall proxy servers by listening port 80 & hence CGI scripts are executed for forwarding of the calls, for targeting the RMI server port at similar machine.
• When HTTP requests could be forwarded by firewall proxy server to arbitrary port: To any arbitrary port, firewall proxy forwards HTTP requests on the host machine, which is directly forwarded to that particular port where RMI server listens.
HTTP tunneling disadvantages are its performance degradation. RMI applications are prevented to use callback and CGI scripts makes the incoming requests redirected to any port that is basically security loophole. It is not possible to multiplex the RMI calls via one connection since a response protocol or request is being followed by HTTP tunneling.