Way over my head, can you give an example? Is the idea to set a different security manager in my portlet and the revert back to the jetspeed policy? Thanks Jeff
----- Original Message ---- From: David Sean Taylor <[EMAIL PROTECTED]> To: Jetspeed Users List <[email protected]> Sent: Tuesday, December 19, 2006 1:35:57 PM Subject: Re: Problems setting Security Manager for RMI J Marshall wrote: > When I set the RMISecurity manager with if > (System.getSecurityManager() == null) > > > System.setSecurityManager ( new RMISecurityManager() ); > > in my portlet, it seems to cause problems with the overall security > manager. When I use the admin user, and call my portlet, the admin > user seems to loose admin features -- the "Jetspeed Administrative > portlet" link disappears. > > What is the proper way to use RMI clients in a portal? I use RMI > extensivly in Jetspeed1 and I am starting the migration process to > Jetspeed2 > Yes, we have our own security policy hooked into the default security manager, and this will step on it if you call it later on. I recommend re-adding our security policy after setting your manager, something like here: http://java.sun.com/j2se/1.4.2/docs/api/java/security/Policy.html#setPolicy(java.security.Policy) I am planning on working on a solution to allow for the security configuration to be strictly based on security constraints, not a mixture of constraints + permissions Once this option is available, you can safely configure out our policy via the Spring configuration --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
