Java Reference
In-Depth Information
You want to govern permissions for an application based on HTTP, rather than on any
type of TCP connection. Furthermore, you want to specify host names for the HTTP
permissions, rather than individual IP addresses.
Solution
Make use of the java.net.URLPermission class, which was introduced in Java
8, in order to define a higher-level permission than a standard
java.net.SocketPermission offers. Doing so will allow you to express per-
missions in the context of HTTP request methods and URL scheme. In the following
example, the URLPermission class is used to access an author URL at the ht-
tp://www.apress.com website. The URLPermission class represents the per-
mission to access resources defined by a given URL, and also for a set of user-settable
request methods and request headers. In this case, the URLPermission class repres-
ents the resources defined at the author URL on the apress.com site.
public static void main(String[] a) {
URLPermission urlPermission = new
URLPermission(" https://www.apress.com/index.php/author/
author/view/id/1866 " );
try {
AccessController.checkPermission(urlPermission);
System.out.println("Ok to open socket");
} catch (AccessControlException ace) {
System.out.println(ace);
}
}
In this case, permission would be denied, as this URL is to a private host. However,
if you had built an application that performed a callback to a remote application server,
the host would perform a validity check and then provide access to open the socket for
valid requests.
How It Works
Oftentimes, sandboxed applications require the use of permissions to access remote re-
sources. Prior to Java 8, the java.net.SocketPermission was used to perform
Previous Page
Next Page
Java 8 Recipes
Search WWH ::




Custom Search
Home