In addition CodeSource.implies() also causes DNS checks, I'm not 100%
sure about the jvm code, but Harmony code uses
SocketPermission.implies() to check if one CodeSource implies another, I
believe the jvm policy implementation also utilises it, because
harmony's implementation is built from
Quite true Gregg, but that doesn't help when Reggie boots and hundreds of hosts
contact it in a short time span against a cold DNS cache. Prior to resolution
of RIVER-396 (PreferredClassProvider classloader cache concurrency
improvement) these timeout failures were effectively serial and caused
I think you're referring to this: http://support.microsoft.com/kb/314882
(Inbound connections limit in Windows XP). If so, that applies only to WinXP.
I understood that Microsoft relaxed that restriction for Vista and later. As
you say it did not apply to the server OS, specifically Win 2003.
Thinking aloud for a moment:
Chris uses a policy to avoid the localhost lookup.
I think if I build the Permissions collection on demand the
SocketPermission's can be ordered by sorting them prior to being added
to SocketPermissionCollection using a ComparatorSocketPermission,
based on the
Actually, more significantly for me is that the default localhost
SocketPermission is checked before a more lenient SocketPermission. In theory,
one should be able to introspect SocketPermission instances and determine that
one may be automatically implied by the other so can be skipped,
That's exactly what I'm thinking, order SocketPermissions first, implemented
using a comparator, add to a new SocketPermissionCollection in order, then
perform the security check.
The comparator can perform the introspection to customise the order for every
securiity check, eg so that wild