A replacement for the default Java Rmi package, fixing several things I dislike with other rmi packages I've seen so far.
Features
- Supports use with any interface, any method signature (no more RemoteException, unless you want RemoteException).
- Supports casting arguments and return values to any implemented interface, not just the types declared in the method signature.
- Supports the standard Object methods (surprisingly, some replacement packages don't)
- Customizable support for excluding/serializing specified classes and interfaces
- By default, String's, number classes, primitives, etc are serialized
- Any class or interface can be defined to always be serialized, or to never be exposed,
- Mechanism handling this can be extended
- Real callbacks: arguments passed into a proxy are proxied as per above support. And if a remotely received object originated locally, it's automatically resolved to its local version; even if received through a third party!
No more proxies of proxies of proxies...
- Separation of application and network exceptions
- Application exceptions are passed through as in normal java... no big deal here.
- Network exceptions are passed through to a specified error handler, along with a retry object... honest choice between abort (handler supplied return), retry or fail (exception).
Decisions
- No distributed garbage collection. Exported objects are weakly held, and therefore all remote objects are implicitly weak; although there's no reason that, say upon reset after failure, the local host couldn't resolve remote keys to restored objects... Does this mean that this is really a feature?
- Security is currently weak. Well, not stupidly weak, but if one can figure out the hash used by the key, there's nothing stopping one from issuing method calls on that key. Even then, you can only execute exposed methods
Either secure sockets or signed keys/method calls would solve this though.