Question
I'm learning Java RMI and I'm trying to do an assignment which requires me to have two different client types interacting with the same server.
One of the two clients has more privleges than the other one, and this means that the first one is the only one that can call a certain method.
Let's make a quick sample:
we have 3 classes:
Server exports a method called doSomething() which cannot be called from UserClient but only from AdminClient.
Is there a way to do something like this?
I know that, since I'm writing the code, it's quite easy to write the UserClient and stop him from calling that method, but I'm asking more something on server-side security, provided that the client's code can be modified to call doSomething().
The doSomething() should be like:
https://stackoverflow.com/questions/23392079
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianvoid doSomething(){
Class caller = getCaller().getClass();
if (caller instanceof UserClient) return;
...
}
Solution
You can't. Your server won't know who the remote client is.
I suggest placing your domain logic behind 2 different remote services, one implementing a UserInterface and one implementing an AdminInterface. Hand out the UserInterface stub to the UserClient, hand out the AdminInterface stub to the AdminClient.
