This content has been marked as final. Show 4 replies
there are 2 separate restrictions you need to deal with when running your own socket listener.
the first restriction is setting up the listener in the first place. in order to do this you need to be granted to right to listen on a specific port on a specific local interface. in your example, this would look like:
permission java.net.SocketPermission "*:54321", "listen,resolve";
the second restriction is "who you can accept connections from", which is based on the client host and port. if you want to accept connections from anywhere, this permission would look like:
permission java.net.SocketPermission "*", "accept";
Edited by: jtahlborn on Apr 24, 2012 2:10 PM
Ok, that does make sense. However, one concern that I have is from the Javadoc for SocketPermission:
'The "listen" action is only meaningful when used with "localhost"'
Further, why is it that the application works correctly with only the following line:
permission java.net.SocketPermission "*:*", "accept";
In other words, I don't need to add "listen" in order to make it work. Sorry if I'm not grasping something simple here. And thanks for the response!
The catalina.policy file must already have a listen permission in it somewhere. Tomcat listens.