Jay
Reputation: 20169
Implement java security policy using hostname instead of IP address?
I am currently having to do the following to allow mail sending in our java security policy.
permission java.net.SocketPermission "smtp.example.com", "resolve";
permission java.net.SocketPermission "10.0.0.1:25", "connect,resolve";
permission java.net.SocketPermission "10.0.0.2:25", "connect,resolve";
permission java.net.SocketPermission "10.0.0.3:25", "connect,resolve";
However the IP address is subject to change from time to time, and I need to ensure our applications don't break if someone adds a new smtp server.
Is it possible to compromise to allow connections based on hostname rather than IP address?
Upvotes: 0
Views: 727
Answers (1)
Sage
Reputation: 15438
From the java doc of SocketPermission page:
A SocketPermission consists of a host specification and a set of "actions" specifying ways to connect to that host. The host is specified as
host = (hostname | IPv4address | iPv6reference) [:portrange]
An example of the creation and meaning of SocketPermissions:
new SocketPermission("puffin.eng.sun.com:7777", "connect,accept");
Upvotes: 2
Related Questions
- How to resolve ip address to hostname?
- Recommended way to get hostname in Java
- How to use HostnameVerifier?
- IP Address to Hostname in Java?
- In Java 8, how do I get my hostname without hard-coding it in my environment?
- 'hostname' equivalent on windows
- Resolving ip-address of a hostname
- IP to host name
- Java - How to invoke a IP Address to find host name?
- Server-Address in client-side java