Java Reference
In-Depth Information
API permissions indicate that a specific permission is required when using a restricted
API, such as the socket connection interface. To do this, your MIDlet must have the per-
mission
javax.microedition.io.Connector.socket
, which indicates permission to use this
API. Note that this is a necessary but not sufficient requirement to actually use the API; the
runtime may prompt the user for approval or deny the operation on the basis of the origin
of the application. API permissions are strings named after the package and class of the
restricted API. (As I introduce APIs in subsequent chapters, I note the permissions
required for restricted APIs.) Two JAD fields indicate permissions:
MIDlet-Permissions
and
MIDlet-Permissions-Opt
. The first names are the required permissions, and the second
names are the optional permissions that MIDlets in the suite may use.
■
Caution
Just providing permission in your JAD file
doesn't
entitle you to access the restricted APIs that
require that permission. As I note in Chapter 1 in the section titled “Marketing and Selling Your Application,”
your application may also require a signature from a third party, such as Java Verified or a wireless operator,
to use the API you require.
A final aspect of packaging your application is
signing
—that is, the process of crypto-
graphically signing your application to prove that you're the originator of the application.
Signing is the final link in the chain of the Java ME permission mechanism; signatures
indicate that applications come from sources with a particular level of trust, and depend-
ing on the signatures an application bears, the application may be granted additional
permissions to operate. Begin with a certificate provided by a well-known provider such
as VeriSign, and import this into the NetBeans keystore using the Security Manager. To do
this, follow these steps:
1.
Obtain a certificate from an authority trusted by the operators on which you'll be
deploying your application.
2.
Import the certificate into your keystore using the keytool application included
with the JDK. Enter this command from a command line:
% keytool -import -alias
your_alias_for_certificate
-file
your_certificate_file
-keystore
your_keystore.ks
3.
In the NetBeans IDE, add your keystore to the IDE by going to Project Properties
➤
Signing
➤
Security Manager
➤
Add Keystore.
4.
Still in the Signing pane, tick the Sign Distribution box and select the alias of the
certificate you just imported.