Java Forum / Security / October 2003

Socket : security and accept ...

pabegue - 01 Oct 2003 20:26 GMT
I want to accept connections only if the hosts of the clients of the
sockets are members of a restricted list. This list is specified on my
server.

For instance, my server is waiting on accept().

My client is trying to connect using connect(). If the client is
hosted by an unauthorized host, I want the client to catch an
IOException (connection refused by foreign host) on the connect call.

I think that I need to use SecurityManager but I really do not know
how to do that ...

If someone could give me a sample code ...

Thanks in advance

Pascal BEGUE

Gordon Beaton - 02 Oct 2003 09:23 GMT
> I want to accept connection only if the host of the clients of the
> sockets are members of a restricted list. This list is specified on my
[quoted text clipped - 5 lines]
> hosted by an unauthorized host, I want the client to catch an
> IOException (connection refused by foreign host) on the connect call.

This is only possible in some limited sense, when a (multihomed)
server only accepts connections on a specific network interface.
Connections to the specific interface will be accepted, but attempts
to connect to the other interfaces will result in "connection
refused". Unless your list of approved clients coincides with the
topology of your network, this isn't your solution.

In the normal case, the server cannot prevent connections from
succeeding. It has to accept each connection, but can see where it
comes from, check against the list, and close it if necessary.

The client won't get "connection refused" in this case, but if you
write both server and client code, then the server can tell the client
why it closes the connection, and the client can deal with that
information in an appropriate way.

/gordon

[  do not email me copies of your followups  ]
g o r d o n + n e w s @  b a l d e r 1 3 . s e
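
The accept-check-close approach described in the reply above, as an added example that is not code from any poster in this thread. The port 5000, the allow-list entries and the `OK` / `DENIED` status lines are assumptions made for illustration; the client helper turns the server's refusal line into the `IOException` the original question asked for.

```java
import java.io.*;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.util.Set;

public class AllowListDemo {
    // Constructed sample allow-list. Entries are numeric addresses as printed by
    // getHostAddress(); reverse-DNS names are controlled by the peer's DNS operator.
    static final Set<String> ALLOWED = Set.of("127.0.0.1", "192.0.2.10");

    // Server side: accept() returns after the TCP handshake has completed, so the
    // server can only serve the peer or tell it why not and close the socket.
    static void serve(ServerSocket server) {
        while (!server.isClosed()) {
            try (Socket client = server.accept();
                 PrintWriter out = new PrintWriter(new OutputStreamWriter(
                         client.getOutputStream(), StandardCharsets.US_ASCII), true)) {
                boolean ok = ALLOWED.contains(client.getInetAddress().getHostAddress());
                out.println(ok ? "OK" : "DENIED host not authorized");
                // If ok, the application protocol would continue here.
            } catch (IOException e) {
                if (!server.isClosed()) System.err.println("client error: " + e.getMessage());
            }
        }
    }

    // Client side: read the one-line status byte by byte (no read-ahead buffering)
    // and surface a refusal as an IOException.
    static Socket connect(String host, int port) throws IOException {
        Socket s = new Socket(host, port);
        try {
            s.setSoTimeout(5000); // do not wait forever for the status line
            InputStream in = s.getInputStream();
            StringBuilder status = new StringBuilder();
            for (int b; (b = in.read()) != -1 && b != '\n' && status.length() < 128; )
                if (b != '\r') status.append((char) b);
            if (!status.toString().equals("OK"))
                throw new IOException("connection refused by server: " + status);
            return s;
        } catch (IOException e) {
            s.close();
            throw e;
        }
    }

    public static void main(String[] args) throws IOException {
        ServerSocket server = new ServerSocket(5000); // hypothetical port
        new Thread(() -> serve(server)).start();
        try (Socket s = connect("127.0.0.1", 5000)) {
            System.out.println("accepted by server");
        } finally { server.close(); }
    }
}
```

The source address checked here identifies a network location, not a user, and the status line travels in clear text.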

Pankaj Kumar - 02 Oct 2003 20:08 GMT
If you are running your server program on a Linux (2.4 kernel) then
you can use "iptables" to set the packet filtering rules so that all
incoming connections from a specified set of IP addresses are DROPPED.

Pankaj Kumar,
Author, "J2EE Security ..." (www.j2ee-security.net)

> I want to accept connection only if the host of the clients of the
> sockets are members of a restricted list. This list is specified on my
[quoted text clipped - 14 lines]
>
> Pascal BEGUE

Sven Boeckelmann - 07 Oct 2003 11:56 GMT
Why don't you consider using SSLSocket?
If you build a proper PKI (private key infrastructure)
you can have the clients authenticate themselves by
using the TrustManager. All the data being transferred will also
be encrypted. That's much better and basically more flexible than
just using plain IP-Address based authentication.

Cheers,
Sven

> I want to accept connection only if the host of the clients of the
> sockets are members of a restricted list. This list is specified on my
[quoted text clipped - 14 lines]
>
> Pascal BEGUE