• Post Reply Bookmark Topic Watch Topic
  • New Topic

using codebase without a security manager  RSS feed

 
Mike Curwen
Ranch Hand
Posts: 3695
IntelliJ IDE Java Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
By default, any java program (including ones that make use of RMI) run without any sort of security manager. (is that right?)

RMI provides an implementation of an appropriate-for-RMI-usage security manager, like so:And you'd specify what policies like so:

java -Djava.security.policy=policyfilename
All that from Installing a Security Manager

But what if you don't use a security manager ?

As I understand it, if an RMI application is asked to run code, it will search its local classpath for the class file. If it fails to find it, it will then try to dynamically download that class file from the 'codebase' entry.
ie:

-Djava.rmi.server.codebase=http://localhost:2021/

That is from How codebase works

But I'm using an application that is RMI-enabled and I'm getting the following error, even though I've set up my codebase, policy and classfiles in appropriate (i think) places...
That last piece makes me think that unless you explicitly provide an RMI app with a security manager, it won't use the codebase entry to try to dynamically find a class. (is that right?)
 
Andrew Symantec
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, below is quoated from SUN rmi tutorial.
http://java.sun.com/docs/books/tutorial/rmi/implementing.html
All programs using RMI must install a security manager, or RMI will not download classes (other than from the local class path) for objects received as parameters, return values, or exceptions in remote method calls. This restriction ensures that the operations performed by downloaded code go through a set of security checks.
Enjoy JAVA
[ May 31, 2003: Message edited by: Andrew Symantec ]
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!