Skip to content
This repository has been archived by the owner on Jun 22, 2024. It is now read-only.

chartsyone/chartsy-jshell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
dist
dist
 
 
nbproject
nbproject
 
 
src
src
 
 
.classpath
.classpath
 
 
.gitignore
.gitignore
 
 
.project
.project
 
 
README.md
README.md
 
 
build.xml
build.xml
 
 

Repository files navigation

JShell via RMI

This project provides a custom JShell execution engine that can connect to an already-running remote JVM (host) and execute code snippets in the target JVM using the Java RMI technology.

The client and the host must both have project's compiled library chartsy-jshell.jar on its classpaths. The client requires classes from the package one.chartsy.jshell on the classpath while host needs both one.chartsy.jshell and one.chartsy.jshell.host.

Technologies used

Example usage

  1. Start the host and run the following code somewhere from your codebase. The intention is to create an instance of the remotely accessible JShellLink object and binding it to the RMI registry.
int port = 52099;
JShellLink.register(new JShellLinkFacade(port), LocateRegistry.createRegistry(port), false);
  1. Launch JShell client with custom execution engine using the following command:
jshell -J-cp -J./lib/chartsy-jshell.jar --execution rmi:host(localhost),port(52099)

In the above command you may need to alter the host and port parameters to match the target JVM hostname and the port number on which the RMI registry was created.

(Un)Security

It should be obvious that disastrous things can happen when bad people gain access to your JVM instance using JShell. To prevent bad things to happen the RMI port should not be publicly accessible.

This project takes some additional security measures to prevent unauthorised access by incorporating a secret access key that must be passed from the client to the host before JShell session can be established. The host verifies if the hash of the access key provided by the client matches the hash stored on the host.

To enable this feature:

  1. On the host side start the JVM with system property chartsy.jshell.secret.hash set to the hash of the access key computed using the algorithm implemented in the PBKDF2 class. This system property can be set either on the command line or programatically, for example, by executing:
System.setProperty("chartsy.jshell.secret.hash", "22lEL0T36LRs313UEzoHg5iqwvV5rRqTzL4JfG4tbdc=");
  1. On the client side launch the JShell passing an additional secret parameter to the execution engine:
jshell -J-cp -J./lib/chartsy-jshell.jar --execution rmi:host(localhost),port(52099),secret(password123)

Known limitations

  • The host I/O is not redirected to the JShell console, thus when executing methods like System.out.println or e.printStackTrace the results are visible only in the host VM logs and not on your screen.
  • The remote runtime system flags (-Rflag) of the JShell command-line are ignored.

Disclaimer

This project comes with absolutely no warranty. Use at your own risk.

About

JShell via RMI - lightweight

Topics

java java-9 java-rmi jshell

Resources

Readme
Activity

Stars

7 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages