Synopsisrmid [ options ] DescriptionThe rmid command starts an RMI activation daemon on the local host. The activation daemon services all requests to register activatable objects and is responsible for activating objects due to client requests to invoke methods on them. If no port option is given, the activation daemon runs on a default port of 1098. Internally, the activation daemon creates a java.rmi.activation.Activator and its own RMI naming registry (listening to port 1098). The daemon binds a java.rmi.activation.ActivationSystem object to the name java.rmi.activation.ActivationSystem in its internal registry. The rmid daemon provided by Sun requires you to specify a security policy file on the command line, using the -J option: > rmid -J-Djava.security.policy=myrmid.policy ... This policy file determines what operations are allowed when launching JVMs for activation groups. For example, a policy file for rmid might include permissions such as the following: grant { permission com.sun.rmi.rmid.ExecPermission "/opt/rmid/bin/*"; permission com.sun.rmi.rmid.ExecOptionPermission "-Djava.security.policy=/usr/rmi-app/act-group.policy"; }; This allows rmid to execute any commands in the /opt/rmid/bin directory and to start any activation groups using the command-line option to invoke the security policy file act-group.policy. When registering activation groups, you can specify what commands to use to start the group's JVM, what command-line arguments to include, and what Java properties to override using the -D option for the JVM. Permission to run the specified commands has to be given to rmid in its policy file using com.sun.rmi.rmid.ExecPermission enTRies. The ability to add command-line options to the activation startup command is granted using com.sun.rmi.rmid.ExecOptionPermission enTRies. You can also control the application of security policies using the sun.rmi.activation.execPolicy JVM option on the rmid command: > rmid -J-Dsun.rmi.activation.execPolicy=<default|policyClass|none> ... If this option isn't used or is used with the value default, the java.security.policy file determines the ability of the activator to execute commands and add command-line options to the JVM startup commands. If a class name is provided as the value of this option, then instead of using the security policy file, call checkExecCommand( ) on this class before activating groups: public void checkExecCommand(ActivationGroupDesc desc, String[] command) throws SecurityException { if (command or options are not allowed) { throw new SecurityException(...); } } If the value of the execPolicy property is none, rmid won't do any checking of security policies before running activation commands. Options
Environment
|