Java Reference
In-Depth Information
You want to govern permissions for an application based on HTTP, rather than on any
type of TCP connection. Furthermore, you want to specify host names for the HTTP
permissions, rather than individual IP addresses.
Solution
Make use of the
java.net.URLPermission
class, which was introduced in Java
8, in order to define a higher-level permission than a standard
java.net.SocketPermission
offers. Doing so will allow you to express per-
missions in the context of HTTP request methods and URL scheme. In the following
mission to access resources defined by a given URL, and also for a set of user-settable
request methods and request headers. In this case, the
URLPermission
class repres-
public static void main(String[] a) {
URLPermission urlPermission = new
URLPermission("
https://www.apress.com/index.php/author/
try {
AccessController.checkPermission(urlPermission);
System.out.println("Ok to open socket");
} catch (AccessControlException ace) {
System.out.println(ace);
}
}
In this case, permission would be denied, as this URL is to a private host. However,
if you had built an application that performed a callback to a remote application server,
the host would perform a validity check and then provide access to open the socket for
valid requests.
How It Works
Oftentimes, sandboxed applications require the use of permissions to access remote re-
sources. Prior to Java 8, the
java.net.SocketPermission
was used to perform