More on RMI

Here's the tip how to manage Java security without creating the file policy.txt and without the java command line argument -Djava.security.policy=policy.txt. Just use this anonymous inner class when setting security manager:

System.setSecurityManager(new RMISecurityManager() {
    public void checkConnect(String host, int port) {}
    public void checkConnect(String host, int port, Object context) {}
});

Update: this trick doesn't work if you will use Java RMI for dynamic code downloading (using the java.rmi.server.codebase property), so stick with the command line argument -Djava.security.policy=policy.txt approach.

Update 2: if you'll use the following security manager it will work with dynamic code download:

System.setSecurityManager(new RMISecurityManager() {
    public void checkPermission(java.security.Permission perm) {}
});

Feel free to post your questions or comments.