The current fix for invoking setSecurityManager in ant is to add -Djava.security.manager=allow to the ant script. I know there are several bugs related to this already. This also doesn't work for direct invocation of ant using org.apache.tools.ant.Main. ant should be changed to not call setSecurityManager on JDK18 or higher.
Hello Stephen, thank you for filing this. This helps keep track of all the issues we are currently seeing with the latest Ant release. As you note, Ant will have to stop setting the SecurityManager going forward.
I've reverted the changes we had done in Ant 1.10.13 to try and keep continuing to use SecurityManager. Those introduced more issues than providing any value. With the upcoming release of Ant, it will no longer use/support Java SecurityManager when Ant is used in Java 18+ versions. This should get us past all these issues. It would be very helpful if you could try out our nightly build which contains these fixes and see if it helps you with this issue https://ci-builds.apache.org/job/Ant/job/Ant_Nightly/lastSuccessfulBuild/artifact/distribution/