Announcement Announcement Module
Collapse
No announcement yet.
security.context.rmi.ContextPropagatingRemoteInvoc ation with Jython Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • security.context.rmi.ContextPropagatingRemoteInvoc ation with Jython

    Firstly, not sure if this is the right place to past this, forum admin please move if not right.

    Before I ask the question I will give some background to what I am trying to achieve.

    I have been tasked with testing the performance of a client server application that appears to use the spring framework. To do this I am planing to use the Grinder (Jython).

    I have used The Grinder's TCP Proxy to record the traffic between the client and server, the first of many http post's looks like this:

    Code:
    	response = myRequest.POST('remoting/SchedulerService',
    		u'\xAC\xED\x00\x05sr'
    		u'\x00Korg.springframework.security.context.rmi.ContextPropagatingRemoteInvocation\x1F\x1F\xB4\xC7\x0A\xDE\xDF>\x02\x00\x01L\x00\x0FsecurityContextt'
    		u'\x006Lorg/springframework/security/context/SecurityContext;xr'
    		u'\x005org.springframework.remoting.support.RemoteInvocation_l\x8B\x9F\xF6\x0A\x11\x0A\x02\x00\x04[\x00\x09argumentst'
    		u'\x00\x13[Ljava/lang/Object;L\x00\x0Aattributest'
    		u'\x00\x0FLjava/util/Map;L\x00\x0AmethodNamet'
    		u'\x00\x12Ljava/lang/String;[\x00\x0EparameterTypest'
    		u'\x00\x12[Ljava/lang/Class;xpur'
    		u'\x00\x13[Ljava.lang.Object;\x90\xCEX\x9F\x10s)l\x02\x00\x00xp\x00\x00\x00\x00pt'
    		u'\x00\x0FgetWorkTypeListur'
    		u'\x00\x12[Ljava.lang.Class;\xAB\x16\xD7\xAE\xCB\xCDZ\x99\x02\x00\x00xp\x00\x00\x00\x00sr'
    		u'\x008org.springframework.security.context.SecurityContextImpl\xBC\x09q\xA7\x90/\x92t\x02\x00\x01L\x00\x0Eauthenticationt'
    		u'\x00-Lorg/springframework/security/Authentication;xpp',
    		( NVPair('Content-Type', 'application/x-java-serialized-object'), ))
    So it appears that I have a Java serialised object, created using org.springframework.security.context.rmi.ContextPr opagatingRemoteInvocation.

    I have succeeded in de serialising the response, and am happy with that, but now I'm trying to understand how to create the request that simulates this. I have googled evrey think I can find around ContextPropagatingRemoteInvocation and RemoteInvocation, but can't seem to create an object that I can serialise to send to the the server.

    Here is my best attempt (I'm not sure if I am progressing in the right direction):


    Code:
    	from org.springframework.security.context.rmi import ContextPropagatingRemoteInvocationFactory
    	from org.springframework.security.context.rmi import ContextPropagatingRemoteInvocation
    
    	factory = ContextPropagatingRemoteInvocationFactory()
    	factory.addAttribute('methodName', 'getWorkTypeList')
    	Attributes = factory.getAttributes()
    	print 'repr(Attributes)'
    	print repr(Attributes)
    But this produces an error:
    Code:
    Aborted run due to Jython exception: <type 'exceptions.AttributeError'>: 'org.springframework.security.context.rmi.ContextPr' object has no attribute 'addAttribute' [calling TestRunner]
    <type 'exceptions.AttributeError'>: 'org.springframework.security.context.rmi.ContextPr' object has no attribute 'addAttribute'
    	factory.addAttribute('methodName', 'getWorkTypeList')
    If someone can guide me on the right track to reproduce the above serialised object I should be right for the rest of the application. Am I even on the right track trying to use spring to try and create this http post?

    Thanks,

    Dave.

  • #2
    First of all, configuring this for a standard Spring app involves injecting an instance of ContextPropagatingRemoteInvocationFactory into an RmiProxyFactoryBean a la setRemoteInvocationFactory. This API exists in an higher up class: http://static.springsource.org/sprin...ocationFactory)

    In my opinion, I would pursue getting this working first with plain Java. After that, perhaps look at coding a custom factory that subclasses ContextPropagatingRemoteInvocationFactory and has some extra steps to dump out a trace of the data you seek. Essentially, can you inject your own interceptor and harvest the info you seek. Again, this only works if the communication is working correctly, which requires that you back up and make sure the basics are in place.

    Comment


    • #3
      Thanks Greg,

      This put me on the track to finding my solution. I never got springpython working with the Grinder, but honestly only spend a couple of minutes trying, as I already had the Java Spring loaded and that was my prefered path to take.

      Hopefully this info might help someone:

      To get my script working with the spring framework I had to load (all Jython):
      Code:
      from org.springframework.context.support import ClassPathXmlApplicationContext
      Then I could call:
      Code:
      ctx = ClassPathXmlApplicationContext(strXMLFile)
      where strXMLFile is a string variable containing the path to the XML from the vendors client application that contained all the <Beans> entries.

      I then was able to create the service object calling (in my case)
      Code:
      schedulerService = ctx.getBean("schedulerService")
      Finally from de-serialising the recorded request i was able to determine the methods to call from the service and any parameters to pass to them:
      Code:
      result = schedulerService.getWorkTypeList()
      result = schedulerService.getWorkQueueList(3)
      I confirmed the de-serialised response from the original script matched result, I also confirmed using wireshark that what was being send and received matched the clients requests and responses.

      Thanks Greg for your help.

      Dave.

      Comment

      Working...
      X