File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Developer Certification (SCJD/OCMJD) and the fly likes NX: validation of the IP or HostName Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Certification » Developer Certification (SCJD/OCMJD)
Bookmark "NX: validation of the IP or HostName" Watch "NX: validation of the IP or HostName" New topic
Author

NX: validation of the IP or HostName

Ulrich Heeger
Ranch Hand

Joined: Jun 06, 2003
Posts: 266
Hi everyone,
for the client's configuration gui, the client should choose the IP and the PortNumber. I'm just asking myself if I should validate the IP - perhaps with a method of java.net.InetAddress. What do you think about that and how have you handled this problem?
Thanks in advance & greetings
Ulrich
Bharat Ruparel
Ranch Hand

Joined: Jul 30, 2003
Posts: 493
Hello Ulrich,
Good to see you posting back here. I didn't do any validation around the IP address since I assumed that the user can either enter a DNS name that will be resolved to an IP address or an IP address directly. I did validate the port number as a positive integer, but that is about it.
I may not be the best person to advice you on this since I lost 15 out of 40 points in the GUI section. I believe that it was because of other reasons but I am not sure.
Regards.
Bharat


SCJP,SCJD,SCWCD,SCBCD,SCDJWS,SCEA
Terry Martinson
Ranch Hand

Joined: Oct 18, 2003
Posts: 293
I agree with Bharat on not validating the IP. However, I'm wondering if there is a maximum valid port number that we could check against. (i.e. so then we would validate that port number is greater than 0 and less than ???)
Anyone out there know?
TJ


SCJP, SCJD, SCWCD, SCBCD
Peter Yunguang Qiu
Ranch Hand

Joined: Nov 22, 2003
Posts: 99
I'm wondering if there is a maximum valid port number that we could check against. (i.e. so then we would validate that port number is greater than 0 and less than ???)

I think good port number should be 1024-65535. below 1024 may also OK. I am not sure if there is a strict limitation on it. Anyone has a better idea?
but I didn't validate it.
Peter
Nicholas Cheung
Ranch Hand

Joined: Nov 07, 2003
Posts: 4982
Hi,
Port number between 0 to 1024 is reserved for some purposes.
For example, port 80 is used for HTTP requests, port 433 is used for SSL, etc.
Thus, it is better to avoid using them.
Nick.


SCJP 1.2, OCP 9i DBA, SCWCD 1.3, SCJP 1.4 (SAI), SCJD 1.4, SCWCD 1.4 (Beta), ICED (IBM 287, IBM 484, IBM 486), SCMAD 1.0 (Beta), SCBCD 1.3, ICSD (IBM 288), ICDBA (IBM 700, IBM 701), SCDJWS, ICSD (IBM 348), OCP 10g DBA (Beta), SCJP 5.0 (Beta), SCJA 1.0 (Beta), MCP(70-270), SCBCD 5.0 (Beta), SCJP 6.0, SCEA for JEE5 (in progress)
Ulrich Heeger
Ranch Hand

Joined: Jun 06, 2003
Posts: 266
Hi Bharat, Terry, Peter & Nicholas,
thanks for your help. Concerning the PortNumber I make a check if its an number between 1 and 65535, but I think I will also consider Nicholas' advice and restrict it to between 1024 and 65535
Greetings
Ulrich
james airey
Ranch Hand

Joined: Dec 15, 2003
Posts: 41
Maybe i'm missing the point here as I haven't started on the networking side yet, but ...
The port we are entering is the port of the server we write. Surely then we should define some rule for our server saying look for port 2001, and then keep incrementing until we find a free one, or some such rule. Then we will know where to start.
It just strikes me that the rules on ports are more relevant to the server than to client end validation on something the user enters. I would be more inclined to devote my efforts towards providing the user helpful instructions on how to set the port, and informative feedback if the port they enter is wrong, rather than capturing a number in the range of 1 .. 50000
Andrew Monkhouse
author and jackaroo
Marshal Commander

Joined: Mar 28, 2003
Posts: 11490
    
  95

Hi everyone,
Originally posted by Nicholas Cheung:
Port number between 0 to 1024 is reserved for some purposes.

Many operating systems reserve ports 0 to 1024 for "system" processes: a process that an administrator starts up. You would not normally want any user opening up an FTP server (for example) on your site - you would normally only want the administrator to be able to do that after proper planing and after setting up proper security.
Microsoft deviated from this policy - not being originally designed for use in networks, they did not consider security or other issues, so they allow any user to open any port on their local PC.
Originally posted by Nicholas Cheung:
For example, port 80 is used for HTTP requests, port 433 is used for SSL, etc.

Note that these are standard / default port assignments, but there is nothing to enforce them. You can service HTTP requests on port 8080 if you like (and many people do), or you could service FTP requests on port 80 (why you would want to is beyond me though )
If you would like to know more about what are standard port numbers, you can look at:
From my /etc/services file:
# The latest IANA port assignments can be gotten from
# http://www.iana.org/assignments/port-numbers
# The Well Known Ports are those from 0 through 1023.
# The Registered Ports are those from 1024 through 49151
# The Dynamic and/or Private Ports are those from 49152 through 65535

So to be a good net citizen you should normally pick a port number in the dynamic and/or private ports range (or go with the default port for RMI ).
Originally posted by james airey:
The port we are entering is the port of the server we write. Surely then we should define some rule for our server saying look for port 2001, and then keep incrementing until we find a free one, or some such rule. Then we will know where to start.

Most people would want to have a dedicated port number. You can suggest to the user that they start at port 2001 and go up if you like, but I would not do it programattically. Otherwise you could be on port 2001 today and port 2005 tomorrow - which would mean that every client would need to change their port number.
Originally posted by james airey:
It just strikes me that the rules on ports are more relevant to the server than to client end validation on something the user enters. I would be more inclined to devote my efforts towards providing the user helpful instructions on how to set the port, and informative feedback if the port they enter is wrong, rather than capturing a number in the range of 1 .. 50000

You could always have one common bit of code to validate the socket number, and use it in both client and server
I do agree with the idea that documenting how to set port numbers (on both clients and servers) is far more important than validating the numbers. Personally I did not bother validating the numbers at all - I documented how to set the port number on both the server and on the client, and then accepted any valid number.
Regards, Andrew
[ December 30, 2003: Message edited by: Andrew Monkhouse ]

The Sun Certified Java Developer Exam with J2SE 5: paper version from Amazon, PDF from Apress, Online reference: Books 24x7 Personal blog
 
Consider Paul's rocket mass heater.
 
subject: NX: validation of the IP or HostName