2 Replies Latest reply on Feb 11, 2002 12:10 PM by Nikolaj G.

    RMI security problem

    Nikolaj G. Newbie

      Hi there,

      I think I have a RMI security problem...

      Im trying to implement a simple JMS queue with an EventManager and a Client to send message (using the HelloMDB example and HelloSender). PS I havn't added anything special to conf/catalina/jboss.jcml - just using the "queue/testQueue" Im using JBoss2.4.4 & Tomcat 4.0.1

      Hope to get some help, thanks.

      /nikolaj


      PS the error:

      [Client] Could not send message: javax.naming.CommunicationException [Root exception is java.rmi.UnmarshalException: error unmarshalling return; nested exception is:
      java.lang.ClassNotFoundException: org.jboss.mq.referenceable.ObjectRefAddr (no security manager: RMI class loader disabled)]
      javax.naming.CommunicationException. Root exception is java.rmi.UnmarshalException: error unmarshalling return; nested exception is:
      java.lang.ClassNotFoundException: org.jboss.mq.referenceable.ObjectRefAddr (no security manager: RMI class loader disabled)
      java.lang.ClassNotFoundException: org.jboss.mq.referenceable.ObjectRefAddr (no security manager: RMI class loader disabled)

        • 1. Re: RMI security problem
          Adrian Brock Master

          You need to include jboss/client/jbossmq-client.jar in
          the classpath of the client.

          Alternatively, do as the message says. Configure a
          security manager on the client so the class can be
          downloaded from the server.

          Regards,
          Adrian

          • 2. Re: RMI security problem
            Nikolaj G. Newbie

            Hi warjort,

            Thanks, it working now... Im using Idea and somehow jbossmq-client.jar and log4j.jar didn't show in the local CLASSPATH for the project (did put in the Default CLASSPATH, hmm).

            Well, since you're here :-) my question is - how do I configure a security manager on the client. I've been trying the following as VM parameter input:

            -Djava.security.policy=C:\jdk1.3.1_01\jre\lib\security\nosecurity.policy

            ... with no luck.

            The "nosecurity.policy" (in jdk/jre/lib/security) file looks like this:

            grant
            {
            permission java.security.AllPermission;
            };

            Am I in the right way... hmm, also I looked at the "rmisecurity" but didn't get the point...

            Im asking because it would be nice to know, no? Im thinking about people accessing the MDB from another machine. Sorry, Im in the learning period know, so trash this message or give me a link, if its to trivial.

            Thanks for your input.

            /nikolaj, copenhagen.