The Security Policy Chapter defines a security policy for APIs in this specification. The examples below use the External Client Policy Format to represent permissions for several Clients. These are examples only and are not a complete security policy.
The policy does not restrict any behavior and therefore includes all permissions. Such a policy could be useful for a Client being e.g. an operator.
client A; grant allowed "network" { permission javax.microedition.io.HttpProtocolPermission "http://*:*"; permission javax.microedition.io.HttpsProtocolPermission "https://*:*"; permission javax.microedition.io.DatagramProtocolPermission "datagram://*:*"; permission javax.microedition.io.DatagramProtocolPermission "datagram://:*"; permission javax.microedition.io.SocketProtocolPermission "socket://*:*"; permission javax.microedition.io.SocketProtocolPermission "socket://:*"; permission javax.microedition.io.SSLProtocolPermission "ssl://**.*"; } grant allowed "misc" { permission javax.microedition.io.PushRegistryPermission "*" "static,dynamic,alarm"; permission javax.microedition.io.CommProtocolPermission "comm:*"; permission java.util.PropertyPermission "*" "read"; permission javax.microedition.event.EventPermission "*" "read,register,post,postsystem"; permission javax.microedition.midlet.AutoStartPermission; } |
The policy does not restrict any behavior and therefore includes all permissions. Such a policy could be useful for a Client being e.g. an manufacturer.
client B; grant allowed { permission javax.microedition.io.HttpProtocolPermission "http://*"; permission javax.microedition.io.HttpsProtocolPermission "https://*"; permission javax.microedition.io.DatagramProtocolPermission "datagram://*"; permission javax.microedition.io.DatagramProtocolPermission "datagram://"; permission javax.microedition.io.SocketProtocolPermission "socket://*"; permission javax.microedition.io.SocketProtocolPermission "socket://"; permission javax.microedition.io.SSLProtocolPermission "ssl://*"; } grant allowed "misc" { permission javax.microedition.io.PushRegistryPermission "*" "static,dynamic,alarm"; permission javax.microedition.io.CommProtocolPermission "comm:*"; permission java.util.PropertyPermission "*" "read"; permission javax.microedition.event.EventPermission "*" "read,register,post,postsystem"; permission javax.microedition.midlet.AutoStartPermission; } |
This is an example of a policy containing permissions for function groups and permissions; it does not contain permissions for APIs outside of this specification. It could be useful for a Client being a so-called Identified Third Party.
client C; grant allowed "NetAccess" { permission javax.microedition.io.HttpProtocolPermission "http://*"; permission javax.microedition.io.HttpsProtocolPermission "https://*"; } grant allowed "LowLevelNetAccess" { permission javax.microedition.io.DatagramProtocolPermission "datagram://*"; permission javax.microedition.io.DatagramProtocolPermission "datagram://"; permission javax.microedition.io.SocketProtocolPermission "socket://*"; permission javax.microedition.io.SocketProtocolPermission "socket://"; permission javax.microedition.io.SSLProtocolPermission "ssl://*"; } grant allowed "ApplicationAutoInvocation" { permission javax.microedition.io.PushRegistryPermission "*" "static,dynamic,alarm"; } grant allowed "LocalConnectivity" { permission javax.microedition.io.CommProtocolPermission "comm:*"; } grant allowed { permission java.util.PropertyPermission "microedition.*" "read"; permission javax.microedition.event.EventPermission "*" "read,register,post"; } |
This is an example of a policy containing permissions for function groups and permissions; it does not contain permissions for APIs outside of this specification. It could be useful for a Client being a so-called Unidentified Third Party.
client D; grant allowed "NetAccess" { permission javax.microedition.io.HttpProtocolPermission "http://*"; permission javax.microedition.io.HttpsProtocolPermission "https://*"; } grant allowed "LowLevelNetAccess" { permission javax.microedition.io.SocketProtocolPermission "socket://*"; permission javax.microedition.io.SocketProtocolPermission "socket://"; permission javax.microedition.io.SSLProtocolPermission "ssl://*"; } grant allowed "LocalConnectivity" { permission javax.microedition.io.CommProtocolPermission "comm:*"; } grant allowed { permission java.util.PropertyPermission "microedition.*" "read"; permission javax.microedition.event.EventPermission "*" "read,register,post"; } |
Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.