Distinct ONC RPC/XDR for Java includes three different versions of HTTP to RPC gateways.
HTTP to RPC Gateway
HTTP to RPC Gateway (CGI Version)
HTTP to RPC Gateway (Servlet Version)
RPCGw
RPCGw translates and executes RPCs that are encapsulated in HTTP requests. It runs as an add on to the web server. It uses the standard CGI interface for communication with the web server. Together with a ClientHTTP object at the client site, RPCGw allows you to execute arbitrary RPCs on the internet where usually firewalls are blocking all protocols, such as RPC, which do not use fixed ports. It also allows you to call RPC servers from a Java applet which are not located on the same host as the web server. With this feature you can easily separate the web server from other application or database servers. In order to preserve the integrity and the privacy of your network, RPCGw uses a sophisticated access control list that allows you to specify exactly which procedure of which RPC program and version can be executed on which host via which protocol. In addition, it allows you to log all RPC activities to a local file.RPCGw receives the RPC request encoded in an HTTP POST request from the ClientHTTP object on its standard input stream via the CGI interface. It decodes the request parameters (host, program number, version number, procedure number and protocol type (TCP or UDP)), checks the access control list, creates an RPC connection and forwards the request to the RPC server via the standard RPC protocol. It then waits for the reply and sends the return parameters encapsulated in an HTTP reply (of MIME type application/octet-stream) via the web server back to the original requester. RPCGw is generic in the sense that it does not know about the server interfaces and the parameter types. It simply forwards all requests if permitted by the access control list. This means that there is no need to adapt RPCGw to a specific RPC server interface since it will work for any interface.
Since RPCGw is a utility which should run on any common web server architecture, it is difficult to provide all the different binary formats. For this reason, the source code for RPCGw is included in the Distinct ONC RPC/XDR for Java Toolkit. Given the portable source files and the simple make files, you should be able to compile and install this utility on any server architecture.
To install RPCGw you should first compile it for your server architcture. In the included make file, customize the compile options to select the desired security policy (none or access control list) and logging features (on/off and log-filename). Compiling the RPCGw utility requires an ONC RPC/XDR library for the target platform. For most types of UNIX, this library is usually included in the standard distribution. For Win32, please refer to Distinct ONC RPC/XDR Toolkit - 32. After compiling, copy the executable into the script directory of your web server (for example, the cgi-bin\shell directory for Netscape web servers). If you have chosen to work with the access control list (highly recommended) use a text editor to create a file named RPCGw.cfg in the same directory. This file holds the access control list. It will be read by RPCGw each time it is invoked. Each line in this file has five entries delimited by white spaces (e.g. tabs): hostname (symbolic name), program (decimal number), version (decimal number), protocol (TCP or UDP), procedure (decimal number). Each entry is exactly one string without spaces or a '*' character. Thus, a typical RPCGw.cfg file might look like this:
island 77 1 tcp 1 * 79 1 * *Line one of the above example for an access control list allows procedure number 1 in an RPC service with program number 77, version number 1 on a host named "island" via the TCP protocol to be called, while line two authorizes a call to any procedure of an RPC service with program number 79, version number 1 on any host via TCP or UDP. In general, '*' matches any parameter provided by the remote client. Other regular expressions are not recognized. To keep your network secure, you should be highly restrictive when creating the RPCGw access control list and allow only access to those services, hosts and procedures that are really required by the applications and that cannot be abused by an unauthorized person. In general, please contact your local security manager before installing RPCGw on a web server with high security priorities or that is available to the outside world.To create an RPC client object, which calls an RPC server via HTTP and RPCGw, from within a Java applet, use the following construction sequence in your code.
// construct the HTTP protocol object ClientHTTP Protocol = new ClientHTTP( getDocumentBase().getHost(), // web server "/cgi-bin/rpcgw", // local URL of RPCGw program "island", // host where RPC server lives cou.COUNTSERV, // program number cou.COUNTVERS, // version number true); // use TCP ("false" for UDP)// initialize RPC client object RPCClient = new cou(Protocol);
rpcgw.pl
rpcgw translates and executes RPCs that are encapsulated in HTTP requests. It uses the standard CGI interface for communication with the web server. rpcgw consists of two components: a Perl script and a Java application. The Perl script rpcgw.pl only collects the environment variables from the CGI interface and then calls the Java application RPCGWCGI.class to perform the actual work. rpcgw requires that your web server supports Perl scripts and has a Java virtual machine installed. If your server also supports the Java servlet interface, you should consider using RPCGWServlet instead of rpcgw, as it will provide better performance.Together with a ClientHTTP object at the client site, rpcgw allows you to execute arbitrary RPCs on the internet where usually firewalls are blocking all protocols, such as RPC, which do not use fixed ports. It also allows you to call RPC servers from a Java applet which are not located on the same host as the web server. With this feature you can easily separate the web server from other application or database servers. In order to preserve the integrity and the privacy of your network rpcgw uses a sophisticated access control list that allows you to specify exactly which procedure of which RPC program and version can be executed on which host via which protocol. In addition it allows you to log all RPC activities to a local file.
rpcgw receives the RPC request encoded in an HTTP POST request from the ClientHTTP object on its standard input stream via the CGI interface. It decodes the request parameters (host, program number, version number, procedure number and protocol type (TCP or UDP)), checks the access control list, creates an RPC connection and forwards the request to the RPC server via the standard RPC protocol. It then waits for the reply and sends the return parameters encapsulated in an HTTP reply (of MIME type application/octet-stream) via the web server back to the original requester. rpcgw is generic in the sense that it does not know about the server interfaces and the parameter types. It simply forwards all requests if permitted by the access control list. This means that there is no need to adapt rpcgw to a specific RPC server interface since it will work for any interface.
To install rpcgw, first copy the Java RPCGWCGI*.class and rpcgw.pl files into the cgi-bin directory of your web server (for example, the cgi-bin\shell directory for Netscape web servers or the scripts directory for Microsoft IIS). Make sure that the Distinct ONC RPC/XDR for Java package is in the CLASSPATH of the servers local Java virtual machine. For Netscape web servers, the distinct class folder must reside in the directory containing perl.exe. For Microsoft IIS, the distinct class folder must be located in the scripts directory. Then customize the first section of the rpcgw.pl script for your Java environment and to select the security policy (none or access control list) and logging features (on/off and log-filename).
#####################################################
#
# Uncomment or change these lines to configure
# rpcgw to your web servers environment
#
#####################################################
#
# The name of your Java interpreter
#$JAVA = "java";
#
# The option flag used by your Java interpreter for Property definitions
# ("-D" for Java, "-d:" for MS jview)
#$DF = "-D";
#
# The RPCGW log file (comment out for no logging)
##$LogFileName = "rpcgw.log";
#
# Specify whether security checks are performed (default is true)
##$Security = "true";
#
# Specify the name of the access control list (default is "rpcgw.cfg")
##$ConfigFileName = "rpcgw.cfg";
#
#####################################################If you have chosen to work in secure mode (with the access control list, highly recommended) use a text editor to create a file named rpcgw.cfg in the same directory (or with the name specified with ConfigFileName). This file holds the access control list. It will be read by rpcgw each time it is invoked. Each line in this file has five entries delimited by white space (such as tabs and spaces): hostname (symbolic name), program (decimal number), version (decimal number), protocol (tcp or udp) and procedure (decimal number). Each entry is exactly one string or a '*' character. Thus, a sample rpcgw.cfg file might look like this.
island 77 1 tcp 1 * 79 1 * *Line one of the above example for an access control list allows procedure number 1 in an RPC service with program number 77, version number 1 on a host named "island" via the TCP protocol to be called, while line two authorizes a call to any procedure of an RPC service with program number 79, version number 1 on any host via TCP or UDP. In general, '*' matches any parameter provided by the remote client. Other regular expressions are not recognized. To keep your network secure, you should be highly restrictive when creating the rpcgw access control list and allow only access to those services, hosts and procedures that are really required by the applications and that cannot be abused by an unauthorized person. In general, please contact your local security manager before installing rpcgw on a web server with high security priorities or that is available to the outside world.To create an RPC client object, which calls an RPC server via HTTP and rpcgw, from within a Java applet, use the following construction sequence in your code.
// Construct the HTTP protocol object ClientHTTP Protocol = new ClientHTTP( getDocumentBase().getHost(), // my Web-server "/cgi-bin/rpcgw.pl", // the URL of the rpcgw program "island", // the host where the RPC server lives cou.COUNTSERV, // the program number cou.COUNTVERS, // the version number true); // use TCP ("false" for UDP)// Initialize the RPC client object RPCClient = new cou(Protocol);
RPCGWServlet
RPCGWServlet translates and executes RPCs that are encapsulated in HTTP requests. It runs as a servlet on the web server and uses the Java servlet interface for communication with the web server. It requires that your web server supports this interface, or that you run the simple servletrunner server from the Java Servlet Development kit in parallel to your web server.Together with a ClientHTTP object at the client site, RPCGWServlet allows you to execute arbitrary RPCs on the internet where usually firewalls are blocking all protocols, such as RPC, which do not use fixed ports. It also allows you to call RPC servers from a Java applet which are not located on the same host as the web server. With this feature you can easily separate the web server from other application or database servers. In order to preserve the integrity and the privacy of your network RPCGWServlet uses a sophisticated access control list that allows you to specify exactly which procedure of which RPC program and version can be executed on which host via which protocol. In addition it allows you to log all RPC activities to a local file
RPCGWServlet receives the RPC request encoded in an HTTP POST request from the ClientHTTP object on its standard input stream via the CGI interface. It decodes the request parameters (host, program number, version number, procedure number and protocol type (TCP or UDP)), checks the access control list, creates an RPC connection and forwards the request to the RPC server via the standard RPC protocol. It then waits for the reply and sends the return parameters encapsulated in an HTTP reply (of MIME type application/octet-stream) via the web server back to the original requester. RPCGWServlet is generic in the sense that it does not know about the server interfaces and the parameter types. It simply forwards all requests if permitted by the access control list. This means that there is no need to adapt RPCGWServlet to a specific RPC server interface since it will work for any interface.
To install RPCGWServlet, first copy the Java RPCGWServlet*.class files into the servlet directory of your web server (for example, the netscape/suitespot/plugins/Java/servlets directory for Netscape web servers). Make sure that the Distinct ONC RPC/XDR for Java package is in the CLASSPATH of the servers Java virtual machine.
Running RPCGWServlet with Netscape web servers requires Netscape Enterprise Server 3.5.1 (or higher) which supports Java servlets. Modify the obj.conf file found in the /netscape/https-<Server Name>/config directory to include the following section.
<Object name="servlets"> Service fn="java-run" class="sun/servlet/netscape/NSRunner" vpath="/servlet" \ initfile="E:/Netscape/SuiteSpot/https-<Server Name>/config/servlet.properties" </Object>where <Server Name> corresponds to the name of your web server. After restarting the Netscape web server, the servlet.properties file will be recognized.Next, add the following lines to the web servers servlet.properties file.
# rpcgw Servlet (Distinct ONC RPC/XDR for Java) servlet.rpcgw.code=RPCGWServlet servlet.rpcgw.initArgs=\ LogFileName=rpcgw.log,\ Security=true,\ ConfigFileName=rpcgw.cfgThis specifies that the RPCGWServlet can be called by the name rpcgw and defines the initailization parameters.LogFileName The RPCGW log file (none to disable logging)The rpcgw.cfg and rpcgw.log files have to be in the same directory as the servlet.properties file.
Security Specifies whether security checks are performed (default is true)
ConfigFileName Specifies the name of the access control list (see below, default is rpcgw.cfg)If you have chosen to work in secure mode (with the access control list, highly recommended) use a text editor to create a file named rpcgw.cfg in the same directory (or with the name specified with ConfigFileName). This file holds the access control list. It will be read by RPCGWServlet each time it is invoked. Each line in this file has five entries delimited by white space (such as tabs and spaces): hostname (symbolic name), program (decimal number), version (decimal number), protocol (tcp or udp) and procedure (decimal number). Each entry is exactly one string or a '*' character. Thus, a sample rpcgw.cfg file might look like this.
island 77 1 tcp 1 * 79 1 * *Line one of the above example for an access control list allows procedure number 1 in an RPC service with program number 77, version number 1 on a host named "island" via the TCP protocol to be called, while line two authorizes a call to any procedure of an RPC service with program number 79, version number 1 on any host via TCP or UDP. In general, '*' matches any parameter provided by the remote client. Other regular expressions are not recognized. To keep your network secure, you should be highly restrictive when creating the RPCGWServlet access control list and allow only access to those services, hosts and procedures that are really required by the applications and that cannot be abused by an unauthorized person. In general, please contact your local security manager before installing RPCGWServlet on a web server with high security priorities or that is available to the outside world.To create an RPC client object, which calls an RPC server via HTTP and RPCGWServlet from within a Java applet, use the following construction sequence in your code.
// Construct the HTTP protocol object ClientHTTP Protocol = new ClientHTTP( getDocumentBase().getHost(), // my Web-server "/servlet/rpcgw", // the URL of the RPCGWServlet "island", // the host where the RPC server lives cou.COUNTSERV, // the program number cou.COUNTVERS, // the version number true); // use TCP ("false" for UDP)// Initialize the RPC client object RPCClient = new cou(Protocol);