SocketPermission

This class is a java.security.Permission that governs all networking operations performed with sockets. Like all permissions, a SocketPermission consists of a name , or target, and a list of actions that may be performed on that target. The target of a SocketPermission is the host and, optionally, the port or ports for which permission is being granted or requested . The target consists of a hostname optionally followed by a colon and a port specification. The host may be a DNS domain name, a numerical IP address, or the string "localhost". If you specify a host domain name, you may use * as a wildcard as the leftmost portion of the hostname. The port specification, if present, must be a single port number or a range of port numbers in the form n1-n2 . If n1 is omitted, it is taken to be , and if n2 is omitted, it is taken to be 65535 . If no port is specified, the socket permission applies to all ports of the specified host. Here are some legal SocketPermission targets:

 java.sun.com:80 *.sun.com:1024-2000 *:1024- localhost:-1023 

In addition to a target, each SocketPermission must have a comma-separated list of actions, which specify the operations that may be performed on the specified host(s) and port(s). The available actions are "connect", "accept", "listen", and "resolve". "connect" represents permission to connect to the specified target. "accept" indicates permission to accept connections from the specified target. "listen" represents permission to listen on the specified ports for connection requests . This action is only valid when used for ports on "localhost". Finally, the "resolve" action indicates permission to use the DNS name service to resolve domain names into IP addresses. This action is required for and implied by all other actions.

System administrators configuring security policies must be familiar with this class and understand the risks of granting the various permissions it represents. System programmers writing new low-level networking libraries or connecting to native code that performs networking may need to use this class. Application programmers, however, should never need to use it directly.

Figure 12-21. java.net.SocketPermission

 public final class  SocketPermission  extends java.security.Permission  implements Serializable {  // Public Constructors  public  SocketPermission  (String  host  , String  action  );  // Public Methods Overriding Permission  public boolean  equals  (Object  obj  );        public String  getActions  ( );        public int  hashCode  ( );        public boolean  implies  (java.security.Permission  p  );        public java.security.PermissionCollection  newPermissionCollection  ( );   }