A security manager is required for any VM that downloads executable (Java) code from another source -- doesn't matter if it's a "client" or a "server," as these terms just describe the process' role in one relationship. If I have a program that is remotely available to a client, but also uses another program as a remote source, then that program is both a "server" and a "client," respectively. Policies describe the actions allowed for each server codebase. Even if you're only going to load one stub from one RMI server, you need a policy for that. Even if you want to give all possible server sources all possible permissions, you need a policy that says that; it must be explicit. ------------------ Michael Ernest, co-author of: The Complete Java 2 Certification Study Guide [This message has been edited by Michael Ernest (edited December 30, 2001).]
Make visible what, without you, might perhaps never have been seen. - Robert Bresson
Joined: Dec 19, 2001
Thanks for the reply I understand what you said.
So if i am not using dymanic classloading in RMI i need not install a security manager or need not use a policy file.