Saturday, January 31, 2009

2009-01-31 Saturday - Java Daemon Services

In the next week or so I want to come back and spend some time looking at the following tools:

"This is a Java library you can use in your application to support Unix daemonization. By taking advantages of POSIX API, this library lets you fork your process into background with proper daemonization steps."

Java Service Wrapper
"The Wrapper makes it possible to install a Java Application as a Windows NT Service. The scripts provided with the Wrapper also make it very easy to install those same Java Applications as daemon processes on UNIX systems."

"The Wrapper correctly handles user log outs under Windows, service dependencies, and the ability to run services which interact with the desktop."

Apache Commons Daemon
Since 1994, the Java programming language evolved and became a valid tool to develop, other than applets and client applications, reliable and performant server applications. The major disadvantage of the Java platform is that still today the only portable way to start a Java application relies on a single point of entry: the public static void main(String[]) method.

Having a single-point of entry is a valid solution for client applications, where interactively a user can command to the application to quit (which can terminate the Virtual Machine process at calling the System.exit(int) method), but in those cases where the application is not interactive (server applications) there is currently no portable way to notify the Virtual Machine of its imminent shutdown.

A server application written in Java might have to perform several tasks before being able to shutdown the Virtual Machine process. For example in the case of a Servlet container, before the VM process is shut down, sessions might need to be serialized to disk, and web applications need to be destroyed.

One common solution to this problem is to create (for example) a ServerSocket and wait for a particular message to be issued. When the message is received, all operations required to shut down the server applications are performed and at the end the System.exit method is called to terminate the Virtual Machine process. This method, however, implies several disadvantages and risks: for example in case of a system-wide shutdown, it might happen that the Virtual Machine process will be shut down directly by the operating system, without notifying the running server application. Or, for example, if an attacker finds out what is the required message to send to the server, and discovers a way to send this message to the running server application, he can easily interrupt the operation of a server, bypassing all the security restrictions implemented in the operating system.

Most multi-user operating systems already have a way in which server applications are started and stopped, under Unix based operating systems non interactive server applications are called daemons and are controlled by the operating system with a set of specified signals. Under Windows such programs are called services and are controlled by appropriate calls to specific functions defined in the application binary, but although the ways of dealing with the problem are different, in both cases the operating system can notify a server application of its imminent shutdown, and the application has the ability to perform certain tasks before its process of execution is destroyed.

No comments: