Java Reference
In-Depth Information
emulator and run them simultaneously to see how the hit counts are independent of each
other and associated with each session.
To test the MIDlet on a server without setting up your own, you can set the MIDlet property
CookieMIDlet-URL
to the URL
http://65.215.221.148:8080/wj2/cookie
.
Design Tips
This section contains some suggestions about creating networked MIDlets.
1.
Use GET rather than POST. It's simpler, and you won't have to worry about fiddling
around with the request headers.
2.
Don't hard-code URLs. Put them in a MIDlet property in the application descriptor.
This will make it possible to change the URL without recompiling your code.
3.
Put network access in a separate thread. Network access always takes time; it shouldn't
hold up the user interface. Furthermore, you must let your users know what's going on.
Put up a “loading progress” type of message or some kind of indication that your appli-
cation is trying to access a network resource.
4.
Make sure you handle exceptions gracefully. Network connections on wireless devices
are not tremendously reliable, so you should make sure you're prepared for the worst.
Catch all your exceptions and do something reasonable.
5.
Clean up after yourself. On a small device, resources are scarce, so be sure to close con-
nections when you are done with them.
try - finally
blocks are especially useful for
ensuring that unused streams and connections are closed.
1
The code in
Jargoneer
(Chapter 2) demonstrates this technique.
Using HTTPS
HTTP is not a secure protocol. It operates on top of TCP/IP sockets. Information exchanged
using HTTP is highly susceptible to eavesdroppers. A more secure alternative, HTTPS, runs
atop Transport Layer Security (TLS), Secure Sockets Layer (SSL), or a similar protocol. TLS and
SSL provide a layer of authentication and encryption between sockets and higher-level proto-
cols like HTTP, POP3, SMTP, and NNTP.
TLS 1.0 is really just an updated version of SSLv3. For more information on these proto-
cols, see
http://wp.netscape.com/eng/ssl3/
and
http://www.ietf.org/rfc/rfc2246.txt
.
In typical TLS interactions, the server sends a certificate to the client to authenticate itself.
The client must have Certificate Authority (CA) root certificates on hand to verify the server's
certificate. (The J2ME Wireless Toolkit comes with a utility,
MEKeyTool
, that can be used to modify
the set of CA root certificates used by the toolkit emulator. Real devices may have similar utilities,
but in general, you'll have to make sure that your server certificate is signed by a CA that is
widely recognized.) If the client can verify the certificate, the client will then send a secret value
You are probably familiar with the
try - catch
blocks that are used in Java for exception handling. The
finally
clause is not as well known, but it is very useful. Code in the
finally
block will be executed
regardless of how control leaves the
try
block.
1.
Search WWH ::
Custom Search