Examples of java.net.SocketPermission$EphemeralRange

• java.net.SocketPermission
  etf.org/rfc/rfc2732.txt">RFC 2732: Format for Literal IPv6 Addresses in URLs:

   ipv6reference = "[" IPv6address "]" 

  For example, you can construct a SocketPermission instance as the following:

   String hostAddress = inetaddress.getHostAddress(); if (inetaddress instanceof Inet6Address) { sp = new SocketPermission("[" + hostAddress + "]:" + port, action); } else { sp = new SocketPermission(hostAddress + ":" + port, action); } 

  or

   String host = url.getHost(); sp = new SocketPermission(host + ":" + port, action); 

  The full uncompressed form of an IPv6 literal address is also valid.

  The port or portrange is optional. A port specification of the form "N-", where N is a port number, signifies all ports numbered N and above, while a specification of the form "-N" indicates all ports numbered N and below. The special port value {@code 0} refers to the entire ephemeralport range. This is a fixed range of ports a system may use to allocate dynamic ports from. The actual range may be system dependent.

  The possible ways to connect to the host are

   accept connect listen resolve 

  The "listen" action is only meaningful when used with "localhost" and means the ability to bind to a specified port. The "resolve" action is implied when any of the other actions are present. The action "resolve" refers to host/ip name service lookups.

  The actions string is converted to lowercase before processing.

  As an example of the creation and meaning of SocketPermissions, note that if the following permission:

   p1 = new SocketPermission("puffin.eng.sun.com:7777", "connect,accept"); 

  is granted to some code, it allows that code to connect to port 7777 on {@code puffin.eng.sun.com}, and to accept connections on that port.

  Similarly, if the following permission:

   p2 = new SocketPermission("localhost:1024-", "accept,connect,listen"); 

  is granted to some code, it allows that code to accept connections on, connect to, or listen on any port between 1024 and 65535 on the local host.

  Note: Granting code permission to accept or make connections to remote hosts may be dangerous because malevolent code can then more easily transfer and share confidential data among parties who may not otherwise have access to the data. @see java.security.Permissions @see SocketPermission @author Marianne Mueller @author Roland Schemers @serial exclude

    /**
     * @tests serialization/deserialization.
     */
    public void testSerializationSelf() throws Exception {
        SocketPermission permission = new SocketPermission("harmony.apache.org", "connect");;

        SerializationTest.verifySelf(permission);
    }

String name, String actions) {
// XXX shorten list to most popular ones?
if (claz.equals(FilePermission.class)) {
return new FilePermission(name, actions);
} else if (claz.equals(SocketPermission.class)) {
return new SocketPermission(name, actions);
} else if (claz.equals(RuntimePermission.class)) {
return new RuntimePermission(name, actions);
} else if (claz.equals(PropertyPermission.class)) {
return new PropertyPermission(name, actions);
} else if (claz.equals(NetPermission.class)) {

    public synchronized void enablePermissionCache(PermissionCache c) {
  if (c != null) {
      cache = c;
      connectPerm = new CachedPermissionImpl
    (cache, new SocketPermission("*","connect"));
      cacheEnabled = true;
  }
    }

      addPermission(new MBeanServerPermission("newMBeanServer"));

      JMXServiceURL url = createJMXConnectorServerAddress();
      JMXConnectorServer cntorServer = JMXConnectorServerFactory.newJMXConnectorServer(url, createServerEnvironment(), newMBeanServer());

      addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));
      try
      {
         cntorServer.start();
      }
      finally

      JMXServiceURL url = createJMXConnectorServerAddress();
      JMXConnectorServer cntorServer = JMXConnectorServerFactory.newJMXConnectorServer(url, createServerEnvironment(), newMBeanServer());

      // Required by the server
      addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));

      JMXConnector cntor = null;
      try
      {
         cntorServer.start();

         RemoteModifiablePolicy policy = (RemoteModifiablePolicy)Policy.getPolicy();
         policy.setSeparateClientServerPermissions(true);

         try
         {
            JMXConnectorFactory.connect(cntorServer.getAddress());
            fail();
         }
         catch (SecurityException x)
         {
         }

         // Allow any client to connect to the server
         addPermission(new SocketPermission("*:1024-" + url.getPort(), "accept"));
         // Allow this client to open a socket to connect to the server
         policy.addClientPermission(new SocketPermission("localhost:" + url.getPort(), "connect"));
         cntor = JMXConnectorFactory.connect(cntorServer.getAddress());
      }
      finally
      {
         if (cntor != null) cntor.close();

      try
      {
         cntorServer = JMXConnectorServerFactory.newJMXConnectorServer(url, serverEnv, newMBeanServer());

         // Required by the server
         addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));
         cntorServer.start();

         RemoteModifiablePolicy policy = (RemoteModifiablePolicy)Policy.getPolicy();
         policy.setSeparateClientServerPermissions(true);

         Map clientEnv = createClientEnvironment();
         clientEnv.put(JMXConnector.CREDENTIALS, new String[]{"test", "test"});
         // Allow this client to open a socket to connect to the server
         policy.addClientPermission(new SocketPermission("localhost:" + url.getPort(), "connect"));
         // Allow the authenticated subject to listen and accept a connection
         policy.addServerPermission(new JMXPrincipal("test"), new SocketPermission("localhost:" + url.getPort(), "listen"));
         policy.addServerPermission(new JMXPrincipal("test"), new SocketPermission("*:1024-" + url.getPort(), "accept"));

         // No credentials
         try
         {
            JMXConnectorFactory.connect(cntorServer.getAddress());

      try
      {
         cntorServer = JMXConnectorServerFactory.newJMXConnectorServer(url, serverEnv, newMBeanServer());

         // Required by the server
         addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));
         cntorServer.start();

         policy.setSeparateClientServerPermissions(true);

         Map clientEnv = createClientEnvironment();
         clientEnv.put(JMXConnector.CREDENTIALS, new String[]{"test", "test"});
         policy.addClientPermission(new SocketPermission("localhost:" + url.getPort(), "connect"));
         policy.addServerPermission(new JMXPrincipal("test"), new AuthPermission("doAsPrivileged"));
         policy.addServerPermission(new JMXPrincipal("test"), new SocketPermission("localhost:" + url.getPort(), "listen"));
         policy.addServerPermission(new JMXPrincipal("test"), new SocketPermission("*:1024-" + url.getPort(), "accept"));
         cntor = JMXConnectorFactory.connect(cntorServer.getAddress(), clientEnv);

         addPermission(new MBeanTrustPermission("*"));
         policy.addServerPermission(new JMXPrincipal("test"), new MBeanPermission("*", "instantiate, registerMBean, getAttribute"));
         MBeanServerConnection cntion = cntor.getMBeanServerConnection();

      JMXConnector cntor = null;
      try
      {
         cntorServer = JMXConnectorServerFactory.newJMXConnectorServer(url, createServerEnvironment(), newMBeanServer());
         // Required by the server
         addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));
         cntorServer.start();

         policy.setSeparateClientServerPermissions(true);

         policy.addClientPermission(new SocketPermission("localhost:" + url.getPort(), "connect"));
         addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));
         addPermission(new SocketPermission("*:1024-" + url.getPort(), "accept"));
         cntor = JMXConnectorFactory.connect(cntorServer.getAddress(), createClientEnvironment());

         MBeanServerConnection cntion = cntor.getMBeanServerConnection();

         testAddRemoveNotificationListener(cntion);

      JMXConnector cntor = null;
      try
      {
         cntorServer = JMXConnectorServerFactory.newJMXConnectorServer(url, createServerEnvironment(), newMBeanServer());
         // Required by the server
         addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));
         cntorServer.start();

         policy.setSeparateClientServerPermissions(true);

         policy.addClientPermission(new SocketPermission("localhost:" + url.getPort(), "connect"));
         addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));
         addPermission(new SocketPermission("*:1024-" + url.getPort(), "accept"));
         cntor = JMXConnectorFactory.connect(cntorServer.getAddress(), createClientEnvironment());

         MBeanServerConnection cntion = cntor.getMBeanServerConnection();

         testCreateMBean4Params(cntion);

      JMXConnector cntor = null;
      try
      {
         cntorServer = JMXConnectorServerFactory.newJMXConnectorServer(url, createServerEnvironment(), newMBeanServer());
         // Required by the server
         addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));
         cntorServer.start();

         policy.setSeparateClientServerPermissions(true);

         policy.addClientPermission(new SocketPermission("localhost:" + url.getPort(), "connect"));
         addPermission(new SocketPermission("localhost:" + url.getPort(), "listen"));
         addPermission(new SocketPermission("*:1024-" + url.getPort(), "accept"));
         cntor = JMXConnectorFactory.connect(cntorServer.getAddress(), createClientEnvironment());

         MBeanServerConnection cntion = cntor.getMBeanServerConnection();

         testCreateMBean5Params(cntion);