I've added some simple support to run tests with a SecurityManager enabled.
The implementation is currently a "hack" in that it is enabled it just detects what should
have all or no permissions based on the ending of the codebase.
i.e. it requires the classes to be in either:
output/classes - all permissions
output/classes-tests - no permissions
rest-of-classpath - all permissions
Anybody have a better idea? It would obviously be better to have a more
intuitive, finer grained and more declarative approach.
Ultimately we need our own Policy implementation that can take an xml description of the permission and handle variable expansion so that the security policy better fits in with the tests resources. Its something on my todo list as part of the JACC policy extension.