[Entitlements] Fix "No SecurityManager when entitlements are enabled" (#119742)

Author: ldematte

distribution/tools/server-cli/src/main/java/org/elasticsearch/server/cli/SystemJvmOptions.java

@@ -141,7 +141,7 @@ private static Stream<String> maybeWorkaroundG1Bug() {
 
     @UpdateForV9(owner = UpdateForV9.Owner.CORE_INFRA)
     private static Stream<String> maybeAllowSecurityManager(boolean useEntitlements) {
-        if (useEntitlements == false && RuntimeVersionFeature.isSecurityManagerAvailable()) {
+        if (RuntimeVersionFeature.isSecurityManagerAvailable()) {
             // Will become conditional on useEntitlements once entitlements can run without SM
             return Stream.of("-Djava.security.manager=allow");
         }

x-pack/qa/security-example-spi-extension/src/main/java/org/elasticsearch/example/ExampleSecurityExtension.java

@@ -36,7 +36,8 @@
 public class ExampleSecurityExtension implements SecurityExtension {
 
     static {
-        if (RuntimeVersionFeature.isSecurityManagerAvailable()) {
+        final boolean useEntitlements = Boolean.parseBoolean(System.getProperty("es.entitlements.enabled"));
+        if (useEntitlements == false && RuntimeVersionFeature.isSecurityManagerAvailable()) {
             // check that the extension's policy works.
             AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
                 System.getSecurityManager().checkPropertyAccess("myproperty");