public final class SocketProtocolPermission extends GCFPermission
SocketProtocolPermission
consists of a
URI string but no actions list.
The URI string specifies a socket stream connection. It takes the following general form:
socket://{host}:{portspec} | socket://[:{portspec}]The exact syntax for the
SocketProtocolPermission
URI
is provided by this BNF.
The value of the {host}
field must be a symbolic hostname,
a literal IPv4 address or an IP-literal
with an IPv6Address
as specified by
RFC 3986.
An IP-literal
requires to surround
the IPv6Address
with square brackets ('[', ']'),
IPvFuture
addresses are not supported.
The {host}
field is omitted to indicate a "server mode"
connection. Server-mode URIs may also omit the {portspec}
field to indicate a system-assigned port number. In such a case, the
SocketProtocolPermission
is
normalized to the equivalent
URI "socket://:1024-65535"
.
If the {host}
string is a DNS name, an asterisk may
appear in the leftmost position to indicate a match of 1 or more
entire domain labels.
Partial domain label matches are not permitted, therefore
"*.sun.com" is valid, but "*sun.com" is not.
An asterisk by itself matches all hosts in "client-mode" connections;
The {portspec}
string takes the following form:
portnumber | "-" portnumber | portnumber "-" [portnumber] | "*"A
{portspec}
specification of the form "N-"
(where N is a port number)
signifies all ports numbered N and above, while a specification of the
form "-N" indicates all ports numbered N and below.
A single asterisk may be used in place of the {portspec}
field to indicate all ports.
Therefore, the URI "socket://:*"
matches
server-mode socket connections to all ports, and
the URI "socket://*:*"
matches
client-mode socket connections to all hosts on all ports.
Note: The syntax of URLs accepted by Connector.open
for
sockets differs from the syntax for SocketProtocolPermission.
In the socket:
protocol, the ":" delimiter must always be present
even if there is no port number; whereas the delimiter must not be
present unless there is a port number in SocketProtocolPermission.
Connector.open(java.lang.String)
Constructor and Description |
---|
SocketProtocolPermission(java.lang.String uri)
Creates a new
SocketProtocolPermission with the
specified URI as its name. |
Modifier and Type | Method and Description |
---|---|
boolean |
equals(java.lang.Object obj)
Checks two
SocketProtocolPermission objects for equality. |
java.lang.String |
getActions()
Returns the canonical string representation of the actions, which
currently is the empty string "", since there are no actions defined
for
SocketProtocolPermission . |
int |
hashCode()
Returns the hash code value for this object.
|
boolean |
implies(java.security.Permission p)
Checks if this
SocketProtocolPermission object "implies"
the specified permission. |
java.security.PermissionCollection |
newPermissionCollection()
Returns a new
PermissionCollection for storing
SocketProtocolPermission objects. |
getProtocol, getURI
public SocketProtocolPermission(java.lang.String uri)
SocketProtocolPermission
with the
specified URI as its name. The URI string must conform to the
specification given above, and is
normalized
to facilitate subsequent comparisons.uri
- the URI string.java.lang.IllegalArgumentException
- if uri
is malformed.java.lang.NullPointerException
- if uri
is null
.Permission.getName()
public boolean equals(java.lang.Object obj)
SocketProtocolPermission
objects for equality.equals
in class java.security.Permission
obj
- the object we are testing for equality with this object.true
if obj
is a
SocketProtocolPermission
and has the same URI string as
this SocketProtocolPermission
object.Object.hashCode()
,
HashMap
public java.lang.String getActions()
SocketProtocolPermission
.getActions
in class java.security.Permission
public int hashCode()
hashCode
in class java.security.Permission
Object.equals(java.lang.Object)
,
System.identityHashCode(java.lang.Object)
public boolean implies(java.security.Permission p)
SocketProtocolPermission
object "implies"
the specified permission.
Because the {host}
field of the permission URI may
indicate an individual host by means of either a symbolic hostname
or an IP address,
a thorough evaluation of the implies relation between
two SocketProtocolPermission
objects requires
the underlying platform to be able to transform symbolic hostnames
into IP addresses (via address lookup) and vice-versa
(via name lookup).
Either service may be unavailable on a given platform.
As a result, the comparison of URI strings from two permissions
can only be best-effort.
For each SocketProtocolPermission
constructed with
a URI that contains a {host}
field, the implementation
will attempt to determine both the fully-qualified domain name
(the "canonical name") and the IP address(es) of the host.
However, either value may be unknown.
To determine whether this object implies another permission, p, this method first ensures that all of the following are true (and returns false if any of them are not):
Then implies
checks each of the following, in order,
and for each returns true if the stated condition is true:
{host}
field.
If none of the above are true, implies
returns false.
implies
in class java.security.Permission
p
- the permission to check against.true
if the specified permission is implied by this object,
false
if not.public java.security.PermissionCollection newPermissionCollection()
PermissionCollection
for storing
SocketProtocolPermission
objects.
SocketProtocolPermission
objects must be stored in a
manner that allows
them to be inserted into the collection in any order, but that also
enables the PermissionCollection
implies method to be
implemented in an efficient (and consistent) manner.
If null
is returned,
then the caller of this method is free to store permissions of this
type in any PermissionCollection they choose (one that uses a Hashtable,
one that uses a Vector, etc).
newPermissionCollection
in class java.security.Permission
PermissionCollection
suitable for storing
SocketProtocolPermission
objects, or
null
if one is not defined.Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. Use of this specification is subject to license terms.