See the discussion on the net-dev mailing list:
http://mail.openjdk.java.net/pipermail/net-dev/2011-February/002712.html
Summary:
trustProxy was added for situations where the user is behind a firewall and deferring all actual connections to a proxy. I would have expected that -DtrustProxy=true would cause
*.blabla.bla to imply bla.blabla.bla, but it does not. Maybe inProxyWeTrust() should accept wildcards.
>: java -version
java version "1.7.0-ea"
Java(TM) SE Runtime Environment (build 1.7.0-ea-b130)
Java HotSpot(TM) Server VM (build 21.0-b02, mixed mode)
>: java -DtrustProxy=true Test
false
Source:
-----------
import java.net.*;
import java.nio.channels.*;
public class Test {
public static void main(String[] args) throws Exception {
SocketPermission star_All = new SocketPermission("*.blabla.bla", "listen,accept,connect");
SocketPermission www_All = new SocketPermission("bla.blabla.bla", "listen,accept,connect");
System.out.println(star_All.implies(www_All));
}
}
http://mail.openjdk.java.net/pipermail/net-dev/2011-February/002712.html
Summary:
trustProxy was added for situations where the user is behind a firewall and deferring all actual connections to a proxy. I would have expected that -DtrustProxy=true would cause
*.blabla.bla to imply bla.blabla.bla, but it does not. Maybe inProxyWeTrust() should accept wildcards.
>: java -version
java version "1.7.0-ea"
Java(TM) SE Runtime Environment (build 1.7.0-ea-b130)
Java HotSpot(TM) Server VM (build 21.0-b02, mixed mode)
>: java -DtrustProxy=true Test
false
Source:
-----------
import java.net.*;
import java.nio.channels.*;
public class Test {
public static void main(String[] args) throws Exception {
SocketPermission star_All = new SocketPermission("*.blabla.bla", "listen,accept,connect");
SocketPermission www_All = new SocketPermission("bla.blabla.bla", "listen,accept,connect");
System.out.println(star_All.implies(www_All));
}
}