rmisecregistry - The JavaTM Remote Object Secure Registry

The rmisecregistry command creates and starts a secure remote object registry on the current host.

SYNOPSIS

rmisecregistry [option ...]

DESCRIPTION

The rmisecregistry command creates and starts a secure remote object registry on the current host. The command normally produces no output and is typically run in the background.

A remote object registry is a bootstrap naming service that is used by RMI servers on the same host to bind remote objects to names. Clients on local and remote hosts can then look up remote objects and make remote method invocations.

The registry is typically used to locate the first remote object on which an application needs to invoke methods. That object in turn will provide application-specific support for finding other objects.

The methods of the java.rmi.registry.LocateSecureRegistry class are used to obtain a stub for a secure registry operating on a local or remote host.

The access control policy for the secure registry is equivalent to the policy provided by java.rmi.server.BasicCallController used with the java.rmi.registry.RegistryPermission class. A remote call throws java.security.AccessControlException if the export descriptor requires client authentication for the remote method and the client subject has not been granted a RegistryPermission with a name that equals the name of the remote method being invoked.

OPTIONS

-port port
Specifies the "bootstrap" registry port. If this option is not specified, port 1099 is used. To avoid requiring that clients know the details of how a secure registry is exported, each secure registry is coupled with a "bootstrap" non-secure read-only registry. The bootstrap registry contains a single entry, binding the name "java.rmi.registry.Registry" to the stub for the secure registry. A client obtains the secure registry's stub by making a remote call to the bootstrap registry.

-export fileOrURL
Specifies a filename or URL for an export descriptor configuration file, parsed using java.rmi.server.SecureExportFile. Configuration files specified with multiple options are parsed in order, and entries in later files replace entries in earlier files with the same names. The registry is exported using the export descriptor named "Registry".

-login config
Specifies the name of a JAAS login Configuration entry. The name is used to construct a JAAS LoginContext with no CallbackHandler, and the subject produced by that LoginContext is used as the server subject when the registry is exported. If this option is not specified, the registry is exported with a null server subject.

-Joption
Used in conjunction with any java tool option, it passes the option following the -J (no spaces between the -J and the option) on to the java interpreter.

SEE ALSO

java.rmi.registry.LocateSecureRegistry, java.rmi.server.SecureExportFile, java.rmi.server.BasicCallController, java.rmi.registry.RegistryPermission, javax.security.auth.login.LoginContext, javax.security.auth.login.Configuration, and java tool options
Copyright © 2000 Sun Microsystems, Inc. All rights reserved