MIDP2.0 gives facility for protection domains. Every MIDLET gets installed into a specific protection domain on device.

Setting MIDlet Permissions

In a protection domain, Midlet suite sets permission to allow particular operations. There are specific attributes in JAD file that describes certain permissions.

MIDlet-Permissions: javax.microedition.io.Connector.http
MIDlet-Permissions-opt: javax.microedition.io.Connector.socket

This attribute means that Midlet Suite needs to make HTTP connections and it may make socket connections.

J2ME wireless toolkit 2.0 automatically sets permissions. Click Settings -> Permissions.

Security

There are 4 security domains. Untrusted,trusted minimum and maximum. A Midlet Suite can run in any of the 4 domains.Default is untrusted domain. To change security domain at runtime ,click Edit -> Prefernces and set Security.

Signing MIDlet Suites

Downloaded code can be dangenerous. Midlets can make unauthorised connections with network. A signed MIDlet suite assures the user that the contents of the MIDlet suite are clean and MIDlet suite comes from an identifiable source. The MIDP implementation on the device can verify the identity of the developer by verifying the developer's signature. It can use the developer's public key to verify the integrity of the MIDlet suite itself.

The signing process can be done by choosing Project -> Sign in J2ME wireless toolkit 2.0.