This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I'm reading <Java RMI>(O'reilly).I find difficulty in understanding a sentence in this book, which says: "You don't have to use a security manager with your RMI application. The only basic feature of RMI that won't work is dynamic classloading. However, both the RMI registry and the activation daemon do use security policies".
Although RMI registry uses the security policies why "You don't have to use a security manager with your RMI application"? It seems inconsistent.
Actually, I can run rmiregistry and RMI application without the security manager.
So, who can help me to resolve this apparent conflict?
A security manager is required in any JVM that needs to download code, and RMI clients need to download RMI stubs (as well as any other custom classes or interfaces needed to communicate with the RMI server).
SCEA, SCBCD, SCJP1.4, OOAD-UML, OCP 9i
Joined: Apr 11, 2005
Thank you sopal! But why I can run rmiregistry and RMI application without use the security manager?
The book also says:"You don't have to use a security manager with your RMI application".
Joined: Aug 04, 2003
because the code is not being downloaded for u. It can be found in its local classpath