Name
Socket Permissions
Type
java.net.SocketPermission
Name
hostname:port
, where
each component of the name may be
specified by a wildcard. In particular, the
hostname may be
given as a hostname (possibly DNS qualified) or an IP address. The
leftmost position of the
hostname may be specified as an
asterisk, such that the host
piccolo.East.Sun.COM would be matched by each of
these strings:
piccolo piccolo.East.Sun.COM *.Sun.COM * 129.151.119.8
The port component of the name can be specified as a single port number or as a range of port numbers (e.g., 1-1024). When a range is specified, either side of the range may be excluded:
1024 (port 1024) 1024- (all ports greater than or equal to 1024) -1024 (all ports less than or equal to 1024) 1-1024 (all ports between 1 and 1024, inclusive)
Actions
accept, listen, connect, and resolve. These map into the normal socket usage: accept is used to see if the program can accept an incoming connection from a particular host; listen is used to see if the program can accept any incoming socket connections; connect is used to see if the program can make a connection to a particular host; and resolve is used to see if the IP address for a particular hostname can be obtained from the machine’s name service.
Code is always able to make a socket connection to (and accept a connection from) the host from which it was loaded, even if that specific permission is not listed in a policy file. That particular permission cannot be changed by an end user or ...
Get Java Security, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.