Name: rlT66838 Date: 11/11/99


java version "1.2.2"
Classic VM (build JDK1.2.2-001, native threads, symcjit)

We are testing the http tunnelling that rmi does in the situation where the
client sits within a firewall which prohibits incoming & outgoing connections on
ports above 1024 i.e. prevents connection via the default rmi port of 1099.

We found that when we told the firewall to drop requests on those ports, then
rmi definitely tries to do a socket connection on port 1099, then tries to do an
http post request to redirect to port 1099, and finally tries to call the
rmi-cgi script; all as per the various technical articles - fine.

However, if we use the firewall to deny requests, then all we see is an attempt
to do the direct socket connection on 1099, but no attempt to do the subsequent
http post request or cgi script request and the client throws the following
message.

java.net.ConnectException: Connection refused: no further information
java.rmi.ConnectException: Connection refused to host: xxxxxxx; nested exception
is:
java.net.ConnectException: Connection refused: no further information
java.net.ConnectException: Connection refused: no further information
        at sun.rmi.transport.proxy.RMIMasterSocketFactory.checkConnector(RMIMast
erSocketFactory.java:292)
        at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMaster
SocketFactory.java:169)
        at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:497)
        at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:194
)
        at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:178)
        at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:322)
        at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
        at java.rmi.Naming.lookup(Naming.java:89)

The problem is we cannot what settings our client may sit within and http
tunnelling must work under all circumstances.
(Review ID: 97738)
======================================================================