JSON-RPC-Java

Introduction

JSON-RPC-Java is a key piece of Java web application middleware that allows JavaScript DHTML web applications to call remote methods in a Java Application Server without the need for page reloading (now refered to as AJAX). It enables a new breed of fast and highly dynamic enterprise Web 2.0 applications (using similar techniques to Gmail and Google Suggests).

Latest News

1 Oct 2007 - Released version 1.0.1. This is a maintenance release for the stable branch of JSON-RPC-Java and contains a minor enhancement to allow class level security for Bean Serialization and an ExceptionTransformer interface (fully backwards compatible with 1.0).

The JSON-RPC-Java project will be merging with the jabsorb project and this release will be the official "end of the line" for the com.metaparadigm.jsonrpc package space as the merged project will be adopting the jabsorb.org package name. It is preferred for users to start testing upgrades of their apps to jabsorb-1.1.x. More details to be posted here soon...
20 Apr 2007 - The CVS repository has been migrated to a new Subversion repository. Please see the developer page for details on how to access it.
28 Mar 2006 - Released version 1.0, the first major release of JSON-RPC-Java. The major change with this release is the license change from LGPL to Apache License, Version 2.0. There are also minor API additions (backwards compatible with 1.0rc2). See CHANGES.txt for complete details.
Archived news ...

JSON-RPC-Java Overview

JSON-RPC-Java is a dynamic JSON-RPC implementation in Java. It allows you to transparently call server-side Java code from JavaScript with an included lightweight JSON-RPC JavaScript client. It is designed to run in a Servlet container such as Tomcat and can be used with JBoss and other J2EE Application servers to allow calling of plain Java or EJB methods from within a JavaScript DHTML web application.

Minimal or zero changes are necessary to existing server-side Java code to allow calling from JavaScript (such as the marshalling and unmarshalling of special types) as JSON-RPC-Java dynamically maps JavaScript objects to and from Java objects using Java reflection. JSON-RPC-Java allows simple exporting of Java objects by reflection on their method signatures (a single line of code is required to provide access to all public methods of a Java object).

JSON-RPC-Java is intended for use in next generation Java / DHTML / JavaScript enterprise web applications to allow them to provide a similar level of speed and interactivity to that of typical standalone client server GUI applications.

Explanation of standard formats and protocols:

JSON (JavaScript Object Notation) is a lightweight data-interchange format with language bindings for C, C++, C#, Java, JavaScript, Perl, TCL and others.
JSON-RPC is a simple remote procedure call protocol similar to XML-RPC although it uses the lightweight JSON format instead of XML.
XMLHttpRequest object (or MSXML ActiveX in the case of Internet Explorer) is used in the browser to call remote methods on the server without reloading the page.
JSON-RPC-Java is a Java implementation of the JSON-RPC protocol.

Highlights of some of the features of JSON-RPC-Java:

Dynamically call server-side Java methods from JavaScript DHTML web applications. No Page reloading.
Asynchronous communications.
Transparently maps Java objects to JavaScript objects.
Lightweight protocol similar to XML-RPC although much faster.
Leverages J2EE security model with session specific exporting of objects.
Supports Internet Explorer, Mozilla, Firefox, Safari, Opera and Konqueror [1].

Object Broker Functionality

JSON-RPC-Java has some basic ORB (Object Request Broker) functionality with an API to register Java classes as:

References - Objects of classes registered as References will be returned as opaque reference objects to JavaScript that when passed to succussive Java method calls will then be reassociated back to the original Java object (great for security sensitive objects).

Callable References - Objects of classes registered as Callable References will return dynamic proxies to allow invocation on the particular object instance in the server-side Java. There are extensions to the JSON-RPC protocol in the provided JSON-RPC JavaScript client for dynamic proxy creation support.

Browser Support

Supported	Internet Explorer 6.0, Mozilla 1.7, Firefox 1.0, Safari 1.2, Opera 8, Konqueror 3.3 + patch [1]
Passed compat test	Internet Explorer 5.01, 5.5, Netscape 7, Mozilla 1.3 - 1.7, Opera 7.60, Camino 0.8.2, Galeon 1.3
Untested	Internet Explorer 4 (Windows), Mozilla < 1.3
Not supported [2]	IE 5.x (Mac), Netscape < 7, Safari < 1.2, Opera < 7.60, Konqueror <= 3.2, 3.3 without patch.

View the Browser Compatibility Database for a complete list of tested browsers.

[1] Konqueror 3.3 now implements the XMLHttpRequestObject although due to a bug with the POST method it does not work. This patch to kdelibs-3.3 resolves the problem and has been accepted into kdelibs CVS so should be available in Konqueror/KDE 3.4.

[2] These browsers don't have the XMLHttpRequest object.

Security

JSON-RPC-Java is built with security in mind and leverages the existing authentication and session management of J2EE. Objects are exported to specific clients after your application's own authentication checks meaning only authenticated clients can call methods on objects they have authorization to access. JAAS can be leveraged with callback hooks in JSON-RPC-Java to ensure methods are called with only the privileges the authenticated user has.

Bugs and Limitations

Does not yet support marhsalling of objects with circular references. Circular references are detected and an excpetion is thrown.

JSON-RPC-Java Resources

Presentations:
- Building next generation web applications using JSON-RPC-Java - Michael Clark
Documentation: