RMI hostname and port mapping_SysAdmin

Introduction

The censhare Server always starts up with a specific RMI URL, for example:

 RMI binding check ok: rmi://censhare.local:1099/corpus.RMIServer

This is not only the hostname and port to which the server binds itself. It also tells the client after it connected to connect to this URL. If you do NAT on the hostname or on the port, the client still gets this URL and tries to connect to it, which will fail in the case of NAT.

Mapping

You can map both, the hostname and/or the port to a different one, where the server is not directly listening. For example:

local hostname: censhare.local
 local port: 1099/30543-30548
 external hostname: firewall.customer.com
 external port: 433

The NAT policy redirects firewall.customer.com to censhare.local and the ports 443 to (we need a new port) 20546 for an SSL connection. At services/rmiconnection/config.xml you can add a new connection via censhare-Admin or edit the config.xml in the custom area:

<connection
    type="ssl"
    bindname="corpus.RMIServerExtSSL"
    rmiport="20546"
    client-map-host-from="censhare.local"
    client-map-host-to="firewall.customer.com"
    client-map-port-from="20546"
    client-map-port-to="443"
    server-port-range-from="20546"
    server-port-range-to="20546"
    server-bind-addr=""
    send-buffer-size="0"
    receive-buffer-size="0"
    socket-connect-timeout="15000"
    socket-read-timeout="130000"
    socket-accept-timeout="0"
    />

First, you define that it is an SSL connection:

 type="ssl"

Then you need a new RMI bind name:

 bindname="corpus.RMIServerExtSSL"

The port where the censhareServer is listening to the connection:

 rmiport="20546"

A hostname you want to map for a client:

 client-map-host-from="censhare.local"

To which hostname you want to map to for a client:

 client-map-host-to="firewall.customer.com"

A port you want to map for a client:

 client-map-port-from="20546"

To which port you want to map to for a client:

 client-map-port-to="443"

The port range for the one port we are listening to:

 server-port-range-from="20546"  server-port-range-to="20546"

The client Host URL for the Server would then look like this:

 rmis://firewall.customer.com:443/corpus.RMIServerExtSSL