The new Certification Class of Learn Spring Security is out:


1. Overview

In the previous article titled “Intro to Spring Remoting with HTTP Invokers” we saw how easy is to set up a client/server application that leverages remote method invocation (RMI) through Spring Remoting.

In this article, we will show how Spring Remoting supports the implementation of RMI using Hessian and Burlap instead.

2. Maven Dependencies

Both Hessian and Burlap are provided by the following library that you will need to include explicitly in your pom.xml file:


You can find the latest version on Maven Central.

3. Hessian

Hessian is a lightweight binary protocol from Caucho, the makers of the Resin application server. Hessian implementations exist for several platforms and languages, Java included.

In the following subsections, we will modify the “cab booking” example presented in the previous article to make the client and the server to communicate using Hessian instead of the Spring Remote HTTP based protocol.

3.1. Exposing the Service

Let’s expose the service by configuring a RemoteExporter of type HessianServiceExporter, replacing the HttpInvokerServiceExporter previously used:

@Bean(name = "/booking") 
RemoteExporter bookingService() {
    HessianServiceExporter exporter = new HessianServiceExporter();
    exporter.setService(new CabBookingServiceImpl());
    exporter.setServiceInterface( CabBookingService.class );
    return exporter;

We can now start the server and keep it active while we prepare the client.

3.2. Client Application

Let’s implement the client. Here again, the modifications are quite simple — we need to replace the HttpInvokerProxyFactoryBean with a HessianProxyFactoryBean:

public class HessianClient {

    public HessianProxyFactoryBean hessianInvoker() {
        HessianProxyFactoryBean invoker = new HessianProxyFactoryBean();
        return invoker;

    public static void main(String[] args) throws BookingException {
        CabBookingService service
          =, args)
          service.bookRide("13 Seagate Blvd, Key Largo, FL 33037"));

Let’s now run the client to make it connect to the server using Hessian.

4. Burlap

Burlap is another lightweight protocol from Caucho, based on XML. Caucho stopped maintaining it a long time ago, and for that, its support has been deprecated in the newest Spring releases, even though it is already present.

Therefore you should reasonably continue using Burlap only if you have applications that are already distributed and that cannot easily be migrated to another Spring Remoting implementation.

4.1. Exposing the Service

We can use Burlap exactly in the same way that we used Hessian — we just have to choose the proper implementation:

@Bean(name = "/booking") 
RemoteExporter burlapService() {
    BurlapServiceExporter exporter = new BurlapServiceExporter();
    exporter.setService(new CabBookingServiceImpl());
    exporter.setServiceInterface( CabBookingService.class );
    return exporter;

As you can see, we just changed the type of exporter from HessianServiceExporter to BurlapServiceExporter. All the setup code can be left unchanged.

Again, let’s start the server and let’s keep it running while we work on the client.

4.2. Client Implementation

We can likewise swap Hessian for Burlap at the client side, changing out HessianProxyFactoryBean with BurlapProxyFactoryBean:

public BurlapProxyFactoryBean burlapInvoker() {
    BurlapProxyFactoryBean invoker = new BurlapProxyFactoryBean();
    return invoker;

We can now run the client and see how it connects successfully to the server application using Burlap.

5. Conclusion

With these quick examples, we showed how it is easy with Spring Remoting to choose among different technologies to implement remote method invocation and how you can develop an application being completely unaware of the technical details of the protocol used to represent the remote method invocation.

As usual, you’ll find the sources over on GitHub, with clients for both Hessian and Burlap and the JUnit test that will take care of running both the server and the clients.

Go deeper into Spring Security with the course: