On 7/07/2005 9:07 PM, b Laskowski wrote:
[EMAIL PROTECTED] wrote:
Should we be invoking the deploy tool in startup scripts with the
following (taken from GERONIMO-502)?
java -Djava.security.manager
-Djava.security.policy=var/security/deployer.policy -jar
bin/deployer.jar <standard> switches and parameters
Why? I wonder what the benefit would be of doing so? Please elaborate.
One of the benefit is to allow for remote class loading of classes,
which cannot be loaded from the deployer classpath. For instance,
exceptions nested within DeploymentExceptions may not be defined by the
deployer classpath, e.g. org.tranql.ql.QueryException, which result in
ClassNotFoundException to be thrown on the deployer side.
I don't think that we should enable remote class loading by default,
especially with the provided policy file. Perhaps that we could control
the installation of a security manager via a switch.
Thanks,
Gianny
John
Jacek
