I think what I'm trying to achieve is probably very simple (or at least should be) but I've been trying for at least 5 hrs now:
I'm using RMI for a distributed app I'm building for my degree.
Up until today I got around the need for using a SecurityManager by including all shared classes (those I pass between client and server) in a class library .jar file referenced by both client and server projects.
This has worked fine, but now I've coded a method that returns an object of a class that I do NOT want to include in the shared library (because I don't want the client to be able to construct these objects); therefore, I've decided to try and get the dynamic class loading working.
I'm using netbeans and testing on a single computer.
Here's what I'm trying:
My main() method has the standard code I've seen: if (System.getSecurityManager() == null) System.setSecurityManager(new RMISecurityManager());
In the server project's Run properties, I'm specifying VM Options: -Djava.security.policy=c:\security.policy -Djava.rmi.server.codebase="file://C:/"
I've copied the ellusive class's .java file into C:\ to keep the URL simple, but I've also tried directing it to the netbean project's bin\ folder using '%20' for spaces, both with the same results - about a five second pause (so it's finding something I think) and then the error message from the client's output:
error unmarshalling return; nested exception is: java.lang.ClassNotFoundException: mypackage.myClass
My policy file's contents are:
I've tried about 20 different ways of formatting the codebase argument's URL.. can anyone help?
Yes, after posting I guessed it might want the .class file instead, so I directed it their instead - still no joy, unfortunately!
I'm carrying out all testing on one computer, so (+if+ I could get it to work) a local codebase address would not be a problem.
Noted about the server-side security manager. I might want to use callbacks, but the server still won't need to download class files from the client, so I'll still try and set the codebase, but will try without loading a security manager on the server-side.
For the time being I've put the class in the shared library but have defined it within the same package as the server code. By doing this I've been able to set the class's accessibility back to default, but the client can still access it as Object (from the shared library).
This solution is good enough, but I still wonder why the client refuses to accept the class file from the C:\ codebase.
I don't know what this business is about the class's accessibility, or why you had to change the package to do so. You need to make a .jar file consisting of all the shared downloadable code and you need to describe its location via a codebase URL that means the same thing to the server, the Registry, and the client. Sounds like you have just done most if not all of that.