I have been using RMI for many years and am very satisfied with it's performance.
Now, however, I am going to have to get through firewalls to do what I've been tasked with doing. I've read about HTTP tunneling and it seems to be a kludge. I've also read about SSL tunneling. I have not found any indication of how it works nor did a search of this forum return a result.
My question: Has anybody here tried SSL tunneling and, if so, are you pleased with the result? Does it have the degradation of HTTP tunneling or work nearly like a direct connection?
You can't get RMI to do SSH tunnelling unless you can provide an RMIClientSocketFactory that does so. It is doable but it is highly non-trivial, and you will need a third-party SSH library such as Ganymede to help you do it. You will also need to deploy SSH keys and certificates appropriately.
Never done it, but I have SSH tunneling in production for a Telnet applet and it isn't too noticeable. There will be some time cost for the initial SSH handshake and for the encryption, so it would pay to raise the connection pooling times via the system properties linked from the RMI Home Page.