Now that we have considered in detail the MIDP
Security Model, let's learn more about the networking APIs in the
specification, provided through the Generic Connection Framework (GCF).
Symbian's implementation of MIDP complies with the specification, providing implementations of the following protocols:
HTTP
HTTPS
Sockets
Server sockets
Secure sockets
Datagrams
Serial port access.
The local
connectivity protocol (serial port access) is similar in nature to the
network protocols, but its connection string depends on the target
handset model, therefore you must study it separately.
1. HTTP and HTTPS Support
To open an HTTP connection we use the Connector.open() method with a URL of the form www.myserver.com. Code to open an HttpConnection and obtain an InputStream would look something like this:
try{
String url = "www.myserver.com";
HttpConnection conn = (HttpConnection)Connector.open(url);
InputStream is = conn.openInputStream();
...
conn.close()
}
catch(IOException ioe){...}
Under the MIDP security model,
untrusted MIDlets can open an HTTP connection only with explicit user
confirmation. Signed MIDlets that require access to an HTTP connection
must explicitly request permission:
MIDlet-Permissions: javax.microedition.io.Connector.http, ...
Opening an HTTPS
connection follows the same pattern as a normal HTTP connection, with
the exception that we pass in a connection URL of the form https://www.mysecureserver.com and cast the returned instance to an HttpsConnection object, as in the following example:
try{
String url = "https://www.mysecureserver.com";
HttpsConnection hc = (HttpsConnection)Connector.open(url);
InputStream is = hc.openInputStream();
...
hc.close()
...
}
catch(IOException ioe){...}
The security policy related
to access permissions by trusted and untrusted MIDlets is the same as
the one for HTTP connections, except that the permission setting has a
different name:
MIDlet-Permissions: javax.microedition.io.Connector.https, ...
2. Socket and Server Socket Support
MIDP makes support for socket connections a recommended practice. Socket
connections come in two forms: client connections, in which a socket
connection is opened to another host; and server connections in which
the system listens on a particular port for incoming connections from
other hosts. The connections are specified using Universal Resource
Identifiers (URI). You should be familiar with the syntax of a URI from
web browsing. They have the format <string1>://<string2><string1> identifies the communication protocol to be used (e.g., http) and <string2>
provides specific details about the where connection. The protocol may be one
of those supported by the Generic Connection Framework .
To open a client socket connection to another host, we pass a URI of the following form to the connector's open() method:
socket://www.symbian.com:5000
The host may be specified
as a fully qualified hostname or IP address and the port number refers
to the connection endpoint on the remote peer. Some sample code is shown
below:
SocketConnection sc = null;
OutputStream out = null;
try{
sc = (SocketConnection)Connector.open ("socket://200.251.191.10:7900");
...
out = c.openOutputStream();
...
}
catch(IOException ioe){...}
A server socket connection
is used to listen for inbound socket connections. To obtain a server
socket connection, we can pass a URI in either of the following forms to
the connector's open() method:
socket://:79
socket://
In the first case, the
system listens for incoming connections on port 79 (of the local host).
In the latter case, the system allocates an available port for the
incoming connections.
ServerSocketConnection ssc = null;
InputStream is = null;
try{
ssc = (ServerSocketConnection)Connector.open("socket://:1234");
SocketConnection sc = (SocketConnection)ssc.acceptAndOpen();
...
is = sc.openInputStream();
...
}
catch(IOException ioe){...}
The ServerSocketConnectioninterface extends the Stream-ConnectionNotifier interface. To obtain a connection object for an incoming connection the acceptAndOpen() method must be called on the ServerSocketConnection instance. An inbound socket connection results in the call to the acceptAndOpen() method, returning a StreamConnection object which can be cast to a SocketConnection as desired.
A signed MIDlet suite containing MIDlets which open socket connections must explicitly request the appropriate permissions:
MIDlet-Permissions: javax.microedition.io.Connector.socket,
javax.microedition.io.Connector.serversocket, ...
If the protection domain to
which the signed MIDlet suite would be bound grants, or potentially
grants, these permissions, then the MIDlet suite is installed and the
MIDlets it contains will be able to open socket connections. This can be
done either automatically or with user permission, depending upon the
security policy in effect on the device for the protection domain to
which the MIDlet suite has been bound.
Whether MIDlets in
untrusted MIDlet suites can open socket connections depends on the
security policy relating to the untrusted domain in force on the device.
3. Secure Socket Support
Secure socket connections are
client socket connections over SSL. To open a secure socket connection
we pass in a hostname (or IP address) and port number to the connector's
open() method using the following URI syntax:
ssl://hostname:port
We can then use the secure socket connection in the same manner as a normal socket connection, for example:
try{
SecureConnection sc = (SecureConnection)
Connector.open("ssl://www.secureserver.com:443");
...
OutputStream out = sc.openOutputStream();
...
InputStream in = sc.openInputStream();
...
}
catch(IOException ioe){...}
A signed MIDlet suite that contains MIDlets which open secure connections must explicitly request permission:
MIDlet-Permissions: javax.microedition.io.Connector.ssl, ...
If the protection domain to
which the signed MIDlet suite would be bound grants, or potentially
grants, this permission, the MIDlet suite can be installed and the
MIDlets it contains will be able to open secure connections. This can be
done automatically or with user permission, depending on the security
policy in effect. Whether untrusted MIDlets can open secure connections
depends on the permissions granted in the untrusted protection domain.
4. Datagram Support
Symbian's MIDP
implementation includes support for sending and receiving UDP datagrams.
A datagram connection can be opened in client or server mode. Client
mode is for sending datagrams to a remote device. To open a client-mode
datagram connection we use the following URI format:
datagram://localhost:1234
Here the port number indicates
the port on the target device to which the datagram will be sent.
Sample code for sending a datagram is shown below:
String message = "Hello!";
byte[] payload = message.toString();
try{
UDPDatagramConnection conn = null;
conn = (UDPDatagramConnection)
Connector.open("datagram://localhost:1234");
Datagram datagram = conn.newDatagram(payload, payload.length);
conn.send(datagram);
}
catch(IOException ioe){...}
Server mode connections are for
receiving (and replying to) incoming datagrams. To open a datagram
connection in server mode, we use a URI of the following form:
datagram://:1234
The port number in this case
refers to the port on which the local device is listening for incoming
datagrams. Sample code for receiving incoming datagrams is given below:
try{
UDPDatagramConnection dconn = null;
dconn = (UDPDatagramConnection)Connector.open("datagram://:1234");
Datagram dg = dconn.newDatagram(300);
while(true){
dconn.receive(dg);
byte[] data = dg.getData();
...
}
}
catch(IOException ioe){...}
A signed MIDlet suite
which contains MIDlets that open datagram connections must explicitly
request permission to open client connections or server connections:
MIDlet-Permissions: javax.microedition.io.Connector.datagram,
javax.microedition.io.Connector.datagramreceiver, ...
If the protection domain to
which the signed MIDlet suite would be bound grants, or potentially
grants, the requested permissions, the MIDlet suite can be installed and
the MIDlets it contains will be able to open datagram connections. This
can be done automatically or with user permission, depending on the
security policy in effect. Whether untrusted MIDlets can open datagram
connections depends on permissions granted to MIDlet suites bound to the
untrusted protection domain.
