Communication is bidirectional over the same socket connection initiated by the client. The client applications invoke command objects deployed on the server through public command interfaces. The server side invokes client callback objects registered on the client through public callback interfaces. Because the server doesn't have to open a separate socket connection to invoke the client Iris applications that must notify the client through callbacks work even when the client is behind a firewall.

The user must login to the server providing a user and a password. Users are assigned roles and in turn roles are granted privileges to execute command objects. The server verifies the user privileges on each server invocation with little CPU utilization and no IO.

The server supports secure communication based on public key cryptography. To enable secure communication it is enough to install a certificate on the server and the client must specify the secure flag when connecting.

Public Interfaces

These are Java interfaces deployed on both the server and the client. The public interfaces are implemented by server side command objects, client/side callback handlers and non-primitive Java data types that are transferred in the client/server communication.

Command Objects

Command objects are plain Java objects that implement a set of public interfaces deployed both on the client and the server. They are associated with a command name and the client can invoke the command by obtaining a client side proxy object that implements all public command interfaces. Command objects are shared by all connected clients.

Command Factories

Command factories are similar with command objects except that non-primitive types returned by command invocations behave like command objects. Upon remote invocation completion the client obtains a reference to a remote dynamic command object allocated on the server that is owned by the invoking client session. The dynamic objects are automatically destroyed when the client session that created them terminates.

Client Callbacks

Client callbacks are plain Java objects that implement a set of public interfaces deployed both on the client and the server. The client application instantiates a callback handler object that implements one or more public callback interfaces. The server side code can invoke the callback handler on the client through a callback proxy that implements the callback interfaces.

Application Security

Command objects and factories invocations are controlled through execution grants. The user is assigned application defined roles which in turn are assigned grants to execute certain command interfaces, all interfaces implemented by a command or all commands that are part of an application. Planning and designing the application security is intentionally enforced by the Iris development process as it's very difficult to introduce security after all public interfaces and command functionality was implemented. The application developer must determine upfront the user types that will use the application and create application roles for each of the types. The application functionality must be split into commands and interfaces in such a way that will allow assigning execution privileges to appropriate application roles and ultimately user types.

Session Listeners

Session listeners are server side object instances that are invoked when a client session is established or terminates. They are necessary when the application must allocate session resources when the client connects and release these resources when the client disconnects. The application developer must not rely on the client invoking server-side cleanup functionality before disconnecting and must implement session cleanup using a session listener.

Application Listeners

Application listeners are server side object instances that are invoked when the application is started or shutdown and are implemented by the developer to perform application resources initialization and cleanup.

Assembly File

The developer declares the application components deployed on the server in the assembly file application.properties located in the root of the directory structure of the application. Applications are deployed on the server as a list of jar files and class files under a predefined structure. The server creates a class loader using the application jars and class files and uses the information in the assembly file to instantiates command objects and factories, session listeners, application listeners, client callback invocation proxies and initialize application security based on application roles and assigned privileges.