use of a(n RMI)Securitymanager


I try to use an RMISecurityManager in my application (discovery and use of a River/Jini service requires this). First I tried to have set it during initialization of the Application class. Execution seems to stall at this point (System.setSecurityManager()). Then tried to set it in my custom ApplicationServlet’s init() that behaves the same way. No exception is thrown whatsoever.

This happens using gradle’s jetty plugin for executing the webapp, so the source of problem might lay there: I followed docs to create the necessary config file for jetty and policy file for the webapp, passed that configuration to jetty plugin. I am going to check them again, in the meantime I would like present this problem if anyone experienced a similar one.

With no security stuff and related code the webapp does work.

Thanks for your help!


Ultimately, the configuration of a security manager needs to be done outside of the web application, by the web server (e.g. Tomcat).

Thankfully, I’ve never needed to do anything like this - but a quick google found the following, which looks to be relevant to your situation.

See also

Other application servers will require different configurations - I can’t find anything specific for Jetty yet, I’m afraid - but at least you’ve got something to start with!



Hello Charles,

Thanks for the references this helps to compare patterns of configuration in different containers.

My attempts try to use info found here:

Reading it again I realize that jetty expects residence of config files at certain places, so my problem boils down to how to define them with gradle’s jetty plugin.

I’ll come back with my findings.