C
Chris Smith
Hello,
I'm struggling with a problem. In a new feature for an application I'm
maintaining, user-defined code is uploaded to a web application, and run
in a security manager. The code is permitted to make network
connections to most addresses (excluding those inside the corporate
firewall), but our IT department has insisted that we keep a log of all
outgoing connections originating from such unprivileged code, so that we
can deal with abuse of the network by terminating accounts, etc.
How would I go about this? Using the security manager, I can allow or
disallow connections, but not log them. Could this be done with
SocketFactory somehow?
I know I can disallow network connections in the security policy, and
then provide a custom interface to make network connections using
doPrivileged and put the logging there. I'd rather avoid this if
possible.
--
www.designacourse.com
The Easiest Way To Train Anyone... Anywhere.
Chris Smith - Lead Software Developer/Technical Trainer
MindIQ Corporation
I'm struggling with a problem. In a new feature for an application I'm
maintaining, user-defined code is uploaded to a web application, and run
in a security manager. The code is permitted to make network
connections to most addresses (excluding those inside the corporate
firewall), but our IT department has insisted that we keep a log of all
outgoing connections originating from such unprivileged code, so that we
can deal with abuse of the network by terminating accounts, etc.
How would I go about this? Using the security manager, I can allow or
disallow connections, but not log them. Could this be done with
SocketFactory somehow?
I know I can disallow network connections in the security policy, and
then provide a custom interface to make network connections using
doPrivileged and put the logging there. I'd rather avoid this if
possible.
--
www.designacourse.com
The Easiest Way To Train Anyone... Anywhere.
Chris Smith - Lead Software Developer/Technical Trainer
MindIQ Corporation