java.net

Class SocketPermission

Implemented Interfaces:
Guard, Serializable

public final class SocketPermission
extends Permission
implements Serializable

This class models a specific set of permssions for connecting to a host. There are two elements to this, the host/port combination and the permission list.

The host/port combination is specified as followed

 hostname[:[-]port[-[port]]]
 

The hostname portion can be either a hostname or IP address. If it is a hostname, a wildcard is allowed in hostnames. This wildcard is a "*" and matches one or more characters. Only one "*" may appear in the host and it must be the leftmost character. For example, "*.urbanophile.com" matches all hosts in the "urbanophile.com" domain.

The port portion can be either a single value, or a range of values treated as inclusive. The first or the last port value in the range can be omitted in which case either the minimum or maximum legal value for a port (respectively) is used by default. Here are some examples:

The permission list is a comma separated list of individual permissions. These individual permissions are:

 accept
 connect
 listen
 resolve
 

The "listen" permission is only relevant if the host is localhost. If any permission at all is specified, then resolve permission is implied to exist.

Here are a variety of examples of how to create SocketPermission's

 SocketPermission("www.urbanophile.com", "connect");
   Can connect to any port on www.urbanophile.com
 SocketPermission("www.urbanophile.com:80", "connect,accept");
   Can connect to or accept connections from www.urbanophile.com on port 80
 SocketPermission("localhost:1024-", "listen,accept,connect");
   Can connect to, accept from, an listen on any local port number 1024
   and up.
 SocketPermission("*.edu", "connect");
   Can connect to any host in the edu domain
 SocketPermission("197.197.20.1", "accept");
   Can accept connections from 197.197.20.1
 

This class also supports IPv6 addresses. These should be specified in either RFC 2732 format or in full uncompressed form.

Since:
1.2
See Also:
Serialized Form

Constructor Summary

SocketPermission(String hostport, String actions)
Initializes a new instance of SocketPermission with the specified host/port combination and actions string.

Method Summary

boolean
equals(Object obj)
Tests this object for equality against another.
String
getActions()
Returns the list of permission actions in this object in canonical order.
int
hashCode()
Returns a hash code value for this object.
boolean
implies(Permission perm)
Returns true if the permission object passed it is implied by the this permission.
PermissionCollection
newPermissionCollection()
Returns a new PermissionCollection object that can hold SocketPermission's.

Methods inherited from class java.security.Permission

checkGuard, equals, getActions, getName, hashCode, implies, newPermissionCollection, toString

Methods inherited from class java.lang.Object

clone, equals, extends Object> getClass, finalize, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SocketPermission

public SocketPermission(String hostport,
                        String actions)
Initializes a new instance of SocketPermission with the specified host/port combination and actions string.
Parameters:
hostport - The hostname/port number combination
actions - The actions string

Method Details

equals

public boolean equals(Object obj)
Tests this object for equality against another. This will be true if and only if the passed object is an instance of SocketPermission and both its hostname/port combination and permissions string are identical.
Overrides:
equals in interface Permission
Parameters:
obj - The object to test against for equality
Returns:
true if object is equal to this object, false otherwise.

getActions

public String getActions()
Returns the list of permission actions in this object in canonical order. The canonical order is "connect,listen,accept,resolve"
Overrides:
getActions in interface Permission
Returns:
The permitted action string.

hashCode

public int hashCode()
Returns a hash code value for this object. Overrides the Permission.hashCode().
Overrides:
hashCode in interface Permission
Returns:
A hash code

implies

public boolean implies(Permission perm)
Returns true if the permission object passed it is implied by the this permission. This will be true if:
  • The argument is of type SocketPermission
  • The actions list of the argument are in this object's actions
  • The port range of the argument is within this objects port range
  • The hostname is equal to or a subset of this objects hostname

The argument's hostname will be a subset of this object's hostname if:

  • The argument's hostname or IP address is equal to this object's.
  • The argument's canonical hostname is equal to this object's.
  • The argument's canonical name matches this domains hostname with wildcards
Overrides:
implies in interface Permission
Parameters:
perm - The Permission to check against
Returns:
true if the Permission is implied by this object, false otherwise.

newPermissionCollection

public PermissionCollection newPermissionCollection()
Returns a new PermissionCollection object that can hold SocketPermission's.
Overrides:
newPermissionCollection in interface Permission
Returns:
A new PermissionCollection.

SocketPermission.java -- Class modeling permissions for socket operations Copyright (C) 1998, 2000, 2001, 2002, 2004, 2006 Free Software Foundation, Inc. This file is part of GNU Classpath. GNU Classpath is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. GNU Classpath is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GNU Classpath; see the file COPYING. If not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination. As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module. An independent module is a module which is not derived from or based on this library. If you modify this library, you may extend this exception to your version of the library, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.