SecureConnection





SecureConnection

The SecureConnection interface defines the API for a secure socket connection. Interface SecureConnection, like its superinterface SocketConnection, allows a client to connect to a server and has the added benefit of a secure transport. The MIDP Specification version 2.0 requires that a SecureConnection comply with one or more of the following specifications:

  • TLS Protocol Version 1.0: specified in RFC 2246 [reference 4].

  • SSL V3: specified in The SSL Protocol Version 3.0 [reference 12].

  • WAP(TM) TLS Profile and Tunneling Specification: specified in WAP-219-TLS-20010411-a [reference 14].

There is no support for the complementary server-side secure connection in the MIDP Specification version 2.0.

An application opens a secure connection on a target host by calling the Connector.open method. The application must supply a GCF string with the scheme ssl, a host, and a port number. The host may be a fully qualified host name or an IPv4 number. For example, "ssl://host.com:79" defines a target socket on the host.com system at port 79. RFC 1900 [reference 2] recommends the use of names rather than IP numbers for best results in the event of IP number reassignment. Some networks and devices, however, may support only IP addresses since DNS name resolution may introduce additional latency and costs.

Unlike an HTTPS connection, the Connector.open method always opens the secure connection. If the secure connection cannot be established due to errors related to certificates, the Connector.open method throws a CertificateException.

16.3.1 Security of SecureConnection

Access to secure connections may be restricted to prevent unauthorized transmission or reception of data. Trusted MIDlet suites needing to use an SSL/TLS connection must request the javax.microedition.io.Connector.ssl permission as described in Section 18.3, "Trusted MIDlet Suite Security Model."

The device may try to authorize the MIDlet when the MIDlet calls the Connector.open method with a valid connection string. If the authorization fails and the MIDlet is not allowed to use the secure socket API, the Connector.open method throws a SecurityException. The device might also check the MIDlet's permission when the MIDlet calls the openInputStream, openDataInputStream, openOutputStream, and openDataOutputStream methods.

2 Example

The following example shows how a SecureConnection would be used to access a program at a remote location that echoes back the characters sent to it.

// Open the connection, check its protocol, and set its options
SecureConnection sc =
    (SecureConnection)Connector.open("ssl://host.com:79");
SecurityInfo info = sc.getSecurityInfo();
boolean isTLS = (info.getProtocolName().equals("TLS"));
sc.setSocketOption(SocketConnection.LINGER, 5);

// Open the connection's streams
InputStream is  = sc.openInputStream();
OutputStream os = sc.openOutputStream();

// Write to the output stream and read from the input stream
os.write("Hello World\n".getBytes());
int ch = 0;
while (ch != -1) {
    ch = is.read();
}

// Close the connection and its streams
is.close();
os.close();
sc.close();

     Python   SQL   Java   php   Perl 
     game development   web development   internet   *nix   graphics   hardware 
     telecommunications   C++ 
     Flash   Active Directory   Windows