16.2 HttpsConnection

HTTPS is the secure version of the HTTP protocol [reference 9]. (See Section 15.3, "The HttpConnection Interface," for more information.) The MIDP Specification version 2.0 requires a secure HTTP connection to comply with one or more of the following specifications:

  • HTTP over TLS: documented in both RFC 2818 [reference 11] and TLS Protocol Version 1.0 as specified in RFC 2246 [reference 4].

  • SSL V3: specified in The SSL Protocol Version 3.0 [reference 12].

  • WTLS: specified in the Wireless Application Protocol Wireless Transport Layer Security document WAP-199 [reference 13].

  • WAP™ TLS Profile and Tunneling Specification WAP-219-TLS [reference 14].

The HttpsConnection interface extends the interface HttpConnection to define MIDP HTTPS API. The HttpsConnection interface has the same methods and behaviors as its superinterface, and adds information about the security parameters of the connection. An application accesses an HttpsConnection by calling the method. The application must supply a URI with the scheme "https:". RFC 2818 [reference 11] defines the scheme.

A secure link must be established so the request headers can be sent securely. The secure link may be established as early as in the invocation of the method. It may also be established when the application opens the connection's input or output stream or calls methods that cause a transition to the connected state. (See Section 15.3, "The HttpConnection Interface," for information on these methods.) Any method that can cause a secure link to be established may experience security-related failures; such methods throw a CertificateException to indicate these failures.

1 Security of HttpsConnection

Access to the secure HTTP connection may be restricted to prevent unauthorized transmission or reception of data. Trusted MIDlet suites needing to use HTTPS must request the permission as described in "Trusted MIDlet Suite Security Model" on page 308.

The device may try to authorize the MIDlet when the MIDlet calls the method with a valid HTTPS connection string. If the authorization fails and the MIDlet is not allowed to use the HTTPS API, the method throws a SecurityException. The device might also check the MIDlet's permission when the MIDlet calls the openInputStream, openDataInputStream, openOutputStream, and openDataOutputStream methods.

2 Example

The following example shows a MIDlet using an HttpsConnection. The example opens the connection, reads the server's response, and closes the connection and its input stream. The example does not set any request headers. It uses the default request method of GET, does not request that the response be in any particular language, and so on. See Section 15.3.5, "HTTP Request Headers," for more information.

void getViaHttpsConnection(String url)
        throws CertificateException, IOException {
    HttpsConnection c = null;
    InputStream is = null;
    try {
        // Open the secure connection using the URL provided
        c = (HttpsConnection);

        // Get the InputStream. This opens the connection if it was
        // not already done by Opening the
        // connection does the SSL handshake and reads the
        // HTTP response headers. The implementation stores the
        // headers until the application requests them.
        is = c.openDataInputStream();

        // Always check the response code
        if (c.getResponseCode() == HttpConnection.HTTP_OK) {
            // Get the length of the data
            int len = (int)c.getLength();
            if (len > 0) {
                // If have the length, read it all in at once
                byte[] data = new byte[len];
                int actual = is.readFully(data);
            } else {
                // If don't have the length, read char by char
                int ch;
                while ((ch = != -1) {
        } else {
            // Handle error response codes
            // ...
    } finally {
        // Close the connection and its input stream.
        if (is != null) is.close();
        if (c != null) c.close();

     Python   SQL   Java   php   Perl 
     game development   web development   internet   *nix   graphics   hardware 
     telecommunications   C++ 
     Flash   Active Directory   Windows