Example Client Policies

The Security Policy Chapter defines a security policy for APIs in this specification. The examples below use the External Client Policy Format to represent permissions for several Clients. These are examples only and are not a complete security policy.

Operator-like Client Policy Example

The policy does not restrict any behavior and therefore includes all permissions. Such a policy could be useful for a Client such as an operator.

    client A;
    grant allowed "network" {
        permission javax.microedition.io.HttpProtocolPermission "http://*:*";
        permission javax.microedition.io.HttpsProtocolPermission "https://*:*";
        permission javax.microedition.io.DatagramProtocolPermission "datagram://*:*";
        permission javax.microedition.io.DatagramProtocolPermission "datagram://:*";
        permission javax.microedition.io.SocketProtocolPermission "socket://*:*";
        permission javax.microedition.io.SocketProtocolPermission "socket://:*";
        permission javax.microedition.io.SSLProtocolPermission "ssl://*:*";
    }
    grant allowed "misc" {
        permission javax.microedition.io.PushRegistryPermission "*" "static,dynamic,alarm";
        permission javax.microedition.io.CommProtocolPermission "comm:*";
        permission java.util.PropertyPermission "*" "read";
        permission javax.microedition.event.EventPermission "*" "read,register,post,postsystem";
        permission javax.microedition.midlet.AutoStartPermission;
    }
    

Manufacturer-like Policy Example

The policy does not restrict any behavior and therefore includes all permissions. Such a policy could be useful for a Client such as a manufacturer.


    client B;
    grant allowed {
        permission javax.microedition.io.HttpProtocolPermission "http://*";
        permission javax.microedition.io.HttpsProtocolPermission "https://*";
        permission javax.microedition.io.DatagramProtocolPermission "datagram://*";
        permission javax.microedition.io.DatagramProtocolPermission "datagram://";
        permission javax.microedition.io.SocketProtocolPermission "socket://*";
        permission javax.microedition.io.SocketProtocolPermission "socket://";
        permission javax.microedition.io.SSLProtocolPermission "ssl://*";
    }
    grant allowed "misc" {
        permission javax.microedition.io.PushRegistryPermission "*" "static,dynamic,alarm";
        permission javax.microedition.io.CommProtocolPermission "comm:*";
        permission java.util.PropertyPermission "*" "read";
        permission javax.microedition.event.EventPermission "*" "read,register,post,postsystem";
        permission javax.microedition.midlet.AutoStartPermission;
    }
    

Policy Example for an Identified Third Party

This is an example of a policy containing permissions for function groups and permissions; it does not contain permissions for APIs outside of this specification. It could be useful for a Client that is a so-called Identified Third Party.


    client C;
    grant allowed "NetAccess" {
        permission javax.microedition.io.HttpProtocolPermission "http://*";
        permission javax.microedition.io.HttpsProtocolPermission "https://*";
    }
    grant allowed "LowLevelNetAccess" {
        permission javax.microedition.io.DatagramProtocolPermission "datagram://*";
        permission javax.microedition.io.DatagramProtocolPermission "datagram://";
        permission javax.microedition.io.SocketProtocolPermission "socket://*";
        permission javax.microedition.io.SocketProtocolPermission "socket://";
        permission javax.microedition.io.SSLProtocolPermission "ssl://*";
    }
    grant allowed "ApplicationAutoInvocation" {
        permission javax.microedition.io.PushRegistryPermission "*" "static,dynamic,alarm";
    }
    grant allowed "LocalConnectivity" {
        permission javax.microedition.io.CommProtocolPermission "comm:*";
    }
    grant allowed {
        permission java.util.PropertyPermission "microedition.*" "read";
        permission javax.microedition.event.EventPermission "*" "read,register,post";
    }

    

Policy Example for an Unidentified Third Party

This is an example of a policy containing permissions for function groups and permissions; it does not contain permissions for APIs outside of this specification. It could be useful for a Client that is a so-called Unidentified Third Party.


    client D;
    grant allowed "NetAccess" {
        permission javax.microedition.io.HttpProtocolPermission "http://*";
        permission javax.microedition.io.HttpsProtocolPermission "https://*";
    }
    grant allowed "LowLevelNetAccess" {
        permission javax.microedition.io.SocketProtocolPermission "socket://*";
        permission javax.microedition.io.SocketProtocolPermission "socket://";
        permission javax.microedition.io.SSLProtocolPermission "ssl://*";
    }
    grant allowed "LocalConnectivity" {
        permission javax.microedition.io.CommProtocolPermission "comm:*";
    }
    grant allowed {
        permission java.util.PropertyPermission "microedition.*" "read";
        permission javax.microedition.event.EventPermission "*" "read,register,post";
    }
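
To show exactly what the Identified Third Party policy (client C) grants beyond the Unidentified Third Party policy (client D), the following added example, which is not part of the specification, parses two policies and diffs their permission sets. The regex-based parser and the function names are assumptions for illustration and cover only the syntax used in these examples; the embedded policies are excerpts of clients C and D limited to the "LowLevelNetAccess" and "ApplicationAutoInvocation" groups.

```python
import re

# Excerpts of the client C and client D policies shown above
# (only the LowLevelNetAccess and ApplicationAutoInvocation grants).
POLICY_C = '''client C;
grant allowed "LowLevelNetAccess" {
    permission javax.microedition.io.DatagramProtocolPermission "datagram://*";
    permission javax.microedition.io.DatagramProtocolPermission "datagram://";
    permission javax.microedition.io.SocketProtocolPermission "socket://*";
    permission javax.microedition.io.SocketProtocolPermission "socket://";
    permission javax.microedition.io.SSLProtocolPermission "ssl://*";
}
grant allowed "ApplicationAutoInvocation" {
    permission javax.microedition.io.PushRegistryPermission "*" "static,dynamic,alarm";
}'''
POLICY_D = '''client D;
grant allowed "LowLevelNetAccess" {
    permission javax.microedition.io.SocketProtocolPermission "socket://*";
    permission javax.microedition.io.SocketProtocolPermission "socket://";
    permission javax.microedition.io.SSLProtocolPermission "ssl://*";
}'''

# grant <mode> ["function group"] { ... }  and  permission <class> ["name" ["actions"]];
GRANT = re.compile(r'grant\s+(\w+)(?:\s+"([^"]*)")?\s*\{(.*?)\}', re.S)
PERM = re.compile(r'permission\s+([\w.]+)((?:\s+"[^"]*")*)\s*;')

def parse_policy(text):
    """Return (client, {(mode, group, class, name, actions), ...}); group is '' if unnamed."""
    client = re.search(r'client\s+(\w+)\s*;', text).group(1)
    perms = set()
    for mode, group, body in GRANT.findall(text):
        for cls, args in PERM.findall(body):
            # Pad so permissions without a name or actions still yield two fields.
            name, actions = (re.findall(r'"([^"]*)"', args) + ["", ""])[:2]
            perms.add((mode, group, cls, name, actions))
    return client, perms

def extra_permissions(broad, narrow):
    """Permissions granted by the broader policy but absent from the narrower one."""
    return sorted(parse_policy(broad)[1] - parse_policy(narrow)[1])

if __name__ == "__main__":
    for mode, group, cls, name, actions in extra_permissions(POLICY_C, POLICY_D):
        print(f'{mode} "{group}": {cls} "{name}" "{actions}"')
```

Run over the complete client C and client D policies, the result is the same three entries, since the remaining grants are identical in both.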
    

Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.