When an application uses SecurityManager there us the possibility that RestProxy would throw an exception when instantiating a client. This is thrown when ReflectPermission isn't given to the implementation interface and the interface isn't publicly scoped. Given that, by default, the implementation interface is generated in the implementation package this could be made public preventing the chance for this issue being thrown. The latest versions of AutoRest has been updated to generate the implementation interface as public preventing this issue from happening by configuring the following:

service-interface-as-public: true

Perform the following to test and verify whether your clients are affected by the issue, if they are you'll need to regenerate with the newest code generator.

1. Create a policy file with this configuration:

grant {
  permission java.util.PropertyPermission "*", "read";
  permission java.lang.RuntimePermission "getenv.*";
};

2. Build a test application that creates every client in your package. Note: Use a mock HttpClient, all that needs to be done is the client being built.
3. Run the test application with SecurityManager turned on. Pass -Djava.security.manager and -Djava.security.policy=<location of the policy file you created>.
4. Create a test application which performs the following:

private static final HttpClient FAKE_HTTP_CLIENT = request -> Mono.empty();

public static void main(String[] args) {
    // For each async service client in the SDK create an instance of it using the fake HttpClient.
    // The following example is using azure-storage-blob.
    BlobServiceAsyncClient blobServiceAsyncClient = new BlobServiceClientBuilder()
        .connectionString(CONNECTION_STRING)
        .httpClient(FAKE_HTTP_CLIENT)
        .buildAsyncClient();
    
    BlobContainerAsyncClient blobContainerAsyncClient = new BlobContainerClientBuilder()
        .connectionString(CONNECTION_STRING)
        .containerName("container")
        .httpClient(FAKE_HTTP_CLIENT)
        .buildAsyncClient();
}

• AppConfiguration (Regenerate Implementation Layer with Interface Scoping Changes #17370)
• Digital Twins (Regenerate Implementation Layer with Interface Scoping Changes #17371)
• Event Hubs (Regenerate Implementation Layer with Interface Scoping Changes #17372)
• Event Grid (Regenerate Implementation Layer with Interface Scoping Changes #17373)
• Form Recognizer (Regenerate Implementation Layer with Interface Scoping Changes #17374)
• KeyVault (Regenerate Implementation Layer with Interface Scoping Changes #17375)
• Schema Registry (Regenerate Implementation Layer with Interface Scoping Changes #17376)
• Service Bus ([REFACTOR] Regenerate Implementation Layer with Interface Scoping Changes #17377)
• Storage (Regenerate Implementation Layer with Interface Scoping Changes #12829)
• Tables (Regenerate Implementation Layer with Interface Scoping Changes #17378)
• Text Analytics (Regenerate Implementation Layer with Interface Scoping Changes #17379)