Author: mschaaf
Date: Mon Apr 26 07:30:42 2010
New Revision: 937947
URL: http://svn.apache.org/viewvc?rev=937947&view=rev
Log:
- some additions to the zookeeper discovery to be compiant with the TCK
- some refactoring in the zookeeper discovery
- added some basic security checks to the DSW to comply with the TCK security
tests
Added:
cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/
cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
Modified:
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
Modified:
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
URL:
http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
---
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
(original)
+++
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
Mon Apr 26 07:30:42 2010
@@ -71,14 +71,21 @@ public class EndpointListenerTrackerCust
for (String key : sref.getPropertyKeys()) {
LOG.finest("modifiedService: property: " + key + " => " +
sref.getProperty(key));
}
- String[] scopes =
getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
- LOG.fine("trying to discover service for scopes[" + scopes.length +
"]: ");
+
+ String[] scopes = Util.getScopes(sref);
+
+ LOG.info("trying to discover services for scopes[" + scopes.length +
"]: ");
if(scopes!=null) for (String scope : scopes) {
- LOG.fine("Scope: "+scope);
+ LOG.info("Scope: "+scope);
}
if (scopes.length > 0) {
for (String scope : scopes) {
LOG.fine("*********** Handling scope: " + scope);
+ if("".equals(scope) || scope == null){
+ LOG.warning("skipping empty scope from EndpointListener
from " + sref.getBundle().getSymbolicName());
+ continue;
+ }
+
String objClass = getObjectClass(scope);
LOG.fine("*********** objectClass: " + objClass);
@@ -100,10 +107,10 @@ public class EndpointListenerTrackerCust
interest.im.close();
interest.im = null;
}
-
+
InterfaceMonitor dm = new
InterfaceMonitor(zooKeeperDiscovery.getZookeeper(),
objClass,
interest, scope, bctx);
- dm.process();
+ dm.start();
interest.im = dm;
List<String> handledScopes =
handledEndpointlisteners.get(sref);
@@ -149,34 +156,7 @@ public class EndpointListenerTrackerCust
}
- private String[] getStringPlusProperty(Object property) {
-
- if (property instanceof String) {
- // System.out.println("String");
- String[] ret = new String[1];
- ret[0] = (String)property;
- return ret;
- }
-
- if (property instanceof String[]) {
- // System.out.println("String[]");
- return (String[])property;
- }
-
- if (property instanceof Collection) {
- Collection col = (Collection)property;
- // System.out.println("Collection: size "+col.size());
- String[] ret = new String[col.size()];
- int x = 0;
- for (Object s : col) {
- ret[x] = (String)s;
- ++x;
- }
- return ret;
- }
-
- return new String[0];
- }
+
// public void discoveredEndpont(EndpointDescription epd) {
// LOG.info("Endpoint Discovered: " + epd.getProperties());
Modified:
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
URL:
http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
---
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
(original)
+++
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
Mon Apr 26 07:30:42 2010
@@ -19,9 +19,12 @@
package org.apache.cxf.dosgi.discovery.zookeeper;
import java.io.ByteArrayInputStream;
+import java.util.Dictionary;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -31,6 +34,8 @@ import org.apache.zookeeper.ZooKeeper;
import org.apache.zookeeper.data.Stat;
import org.jdom.Element;
import org.osgi.framework.BundleContext;
+import org.osgi.framework.Filter;
+import org.osgi.framework.FrameworkUtil;
import org.osgi.framework.ServiceReference;
import org.osgi.service.remoteserviceadmin.EndpointDescription;
import org.osgi.service.remoteserviceadmin.EndpointListener;
@@ -63,6 +68,9 @@ public class InterfaceDataMonitorListene
discoveredServiceTracker = dst;
bctx = bc;
this.scope = scope;
+
+
+ LOG.fine("InterfaceDataMonitorListenerImpl is recursive: "+recursive);
}
public synchronized void change() {
@@ -94,7 +102,7 @@ public class InterfaceDataMonitorListene
List<String> children;
try {
- LOG.fine("Processing " + znode);
+ LOG.info("Processing the children of " + znode);
children = zookeeper.getChildren(znode, false);
for (String child : children) {
@@ -125,7 +133,7 @@ public class InterfaceDataMonitorListene
try {
Stat s = zookeeper.exists(node, false);
if (s.getDataLength() <= 0) {
- LOG.fine(node + " does not contain any discovery data");
+ //LOG.info(node + " does not contain any discovery data");
return null;
}
byte[] data = zookeeper.getData(node, false, null);
@@ -149,10 +157,27 @@ public class InterfaceDataMonitorListene
if (bctx.getService(sref) instanceof EndpointListener) {
EndpointListener epl =
(EndpointListener)bctx.getService(sref);
- LOG.info("calling EndpointListener; " + epl + "from
bundle "
- + sref.getBundle().getSymbolicName());
-
- epl.endpointAdded(epd, scope);
+ // return the >first< matching scope of the listener
+ String[] scopes = Util.getScopes(sref);
+ for (String currentScope : scopes) {
+ LOG.fine("matching " + epd + " against
"+currentScope);
+ Filter f =
FrameworkUtil.createFilter(currentScope);
+
+ Dictionary d = new Properties();
+ Map<String, Object> props = epd.getProperties();
+ Set<Map.Entry<String, Object>> entries =
props.entrySet();
+ for (Map.Entry<String, Object> entry : entries) {
+ d.put(entry.getKey(), entry.getValue());
+ }
+
+ if(f.match(d)){
+ LOG.fine("MATCHED " + epd + "against
"+currentScope);
+ LOG.info("calling EndpointListener; " + epl +
" from bundle "
+ + sref.getBundle().getSymbolicName()
+ " based on scope ["+currentScope+"]");
+ epl.endpointAdded(epd, currentScope);
+ break;
+ }
+ }
}
}
} else if (!prevVal.equals(epd.getProperties())) {
Modified:
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
URL:
http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
---
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
(original)
+++
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
Mon Apr 26 07:30:42 2010
@@ -40,12 +40,17 @@ public class InterfaceMonitor implements
private boolean closed = false;
public InterfaceMonitor(ZooKeeper zk, String intf,
EndpointListenerTrackerCustomizer.Interest zkd, String scope, BundleContext
bctx) {
+ LOG.fine("Creating new InterfaceMonitor for scope ["+scope+"] and
objectClass ["+intf+"] ");
listener = new InterfaceDataMonitorListenerImpl(zk, intf,
zkd,scope,bctx);
zookeeper = zk;
znode = Util.getZooKeeperPath(intf);
}
- public void process() {
+ public void start() {
+ process();
+ }
+
+ private void process() {
LOG.finest("Kicking off a zookeeper.exists() on node: " + znode);
zookeeper.exists(znode, this, this, null);
}
Modified:
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
URL:
http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
---
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
(original)
+++
cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
Mon Apr 26 07:30:42 2010
@@ -18,10 +18,14 @@
*/
package org.apache.cxf.dosgi.discovery.zookeeper;
+import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
+import org.osgi.framework.ServiceReference;
+import org.osgi.service.remoteserviceadmin.EndpointListener;
+
public class Util {
static final String PATH_PREFIX = "/osgi/service_registry";
@@ -43,4 +47,44 @@ public class Util {
return PATH_PREFIX + '/' + name.replace('.', '/');
}
+
+ static String[] getStringPlusProperty(Object property) {
+
+ if (property instanceof String) {
+ // System.out.println("String");
+ String[] ret = new String[1];
+ ret[0] = (String)property;
+ return ret;
+ }
+
+ if (property instanceof String[]) {
+ // System.out.println("String[]");
+ return (String[])property;
+ }
+
+ if (property instanceof Collection) {
+ Collection col = (Collection)property;
+ // System.out.println("Collection: size "+col.size());
+ String[] ret = new String[col.size()];
+ int x = 0;
+ for (Object s : col) {
+ ret[x] = (String)s;
+ ++x;
+ }
+ return ret;
+ }
+
+ return new String[0];
+ }
+
+ public static String[] getScopes(ServiceReference sref) {
+ String[] scopes =
Util.getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
+ ArrayList<String> normalizedScopes = new
ArrayList<String>(scopes.length);
+ for (String scope : scopes) {
+ if(scope!=null || "".equals(scope))
+ normalizedScopes.add(scope);
+ }
+ return normalizedScopes.toArray(new String[normalizedScopes.size()]);
+ }
+
}
Added:
cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
URL:
http://svn.apache.org/viewvc/cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm?rev=937947&view=auto
==============================================================================
---
cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
(added)
+++
cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
Mon Apr 26 07:30:42 2010
@@ -0,0 +1,29 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+(java.security.AllPermission )
+
+(org.osgi.framework.PackagePermission "*" "import")
+(org.osgi.framework.PackagePermission "*" "export")
+
+(org.osgi.framework.ServicePermission "*" "register")
+(org.osgi.framework.ServicePermission "*" "get")
+
+(org.osgi.framework.AdminPermission "*" "metadata")
+(org.osgi.framework.AdminPermission "*" "listen")
Modified:
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
URL:
http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
---
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
(original)
+++
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
Mon Apr 26 07:30:42 2010
@@ -18,6 +18,9 @@
*/
package org.apache.cxf.dosgi.dsw.handlers;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -51,14 +54,20 @@ public class ClientServiceFactory implem
importRegistartion = ir;
}
- public Object getService(Bundle requestingBundle, ServiceRegistration
sreg) {
+ public Object getService(final Bundle requestingBundle, final
ServiceRegistration sreg) {
String interfaceName = sd.getInterfaces() != null &&
sd.getInterfaces().size() > 0 ? (String)sd
.getInterfaces().toArray()[0] : null;
+
LOG.info("************ getService() from serviceFactory for " +
interfaceName);
try {
- Object proxy = handler.createProxy(sreg.getReference(),
dswContext, requestingBundle
- .getBundleContext(), iClass, sd);
+ Object proxy = AccessController.doPrivileged(new
PrivilegedAction<Object>() {
+ public Object run() {
+ return handler.createProxy(sreg.getReference(),
dswContext, requestingBundle
+ .getBundleContext(),
iClass, sd);
+ }
+ });
+
synchronized (this) {
++serviceCounter;
}
Modified:
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
URL:
http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
---
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
(original)
+++
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
Mon Apr 26 07:30:42 2010
@@ -22,6 +22,9 @@ import java.lang.reflect.InvocationHandl
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
@@ -45,7 +48,7 @@ public class ServiceInvocationHandler im
introspectType(iType);
}
- public Object invoke(Object proxy, Method m, Object[] params) throws
Throwable {
+ public Object invoke(Object proxy, final Method m, Object[] params) throws
Throwable {
if (OBJECT_METHODS.contains(m)) {
if (m.getName().equals("equals")) {
params = new Object[] {Proxy.getInvocationHandler(params[0])};
@@ -56,7 +59,12 @@ public class ServiceInvocationHandler im
ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
try {
Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
- return m.invoke(serviceObject, params);
+ final Object[] paramsFinal = params;
+ return AccessController.doPrivileged(new
PrivilegedExceptionAction<Object>() {
+ public Object run() throws Exception {
+ return m.invoke(serviceObject, paramsFinal);
+ }
+ });
} catch (Throwable ex) {
Throwable theCause = ex.getCause() == null ? ex : ex.getCause();
Modified:
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
URL:
http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
---
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
(original)
+++
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
Mon Apr 26 07:30:42 2010
@@ -22,16 +22,12 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Dictionary;
-import java.util.Enumeration;
import java.util.HashMap;
-import java.util.HashSet;
import java.util.Hashtable;
-import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
-import java.util.Set;
import java.util.logging.Logger;
import org.apache.cxf.dosgi.dsw.ClassUtils;
@@ -337,8 +333,8 @@ public class RemoteServiceAdminCore impl
/**
* Importing form here ....
*/
- public ImportRegistration importService(EndpointDescription endpoint) {
-
+ public ImportRegistration importService(EndpointDescription endpoint) {
+
LOG.info("importService() Endpoint: " + endpoint.getProperties());
synchronized (importedServices) {
Modified:
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
URL:
http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
---
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
(original)
+++
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
Mon Apr 26 07:30:42 2010
@@ -1,23 +1,26 @@
/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
package org.apache.cxf.dosgi.dsw.service;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@@ -25,17 +28,18 @@ import java.util.List;
import java.util.Map;
import java.util.logging.Logger;
+import org.apache.cxf.dosgi.dsw.OsgiUtils;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceReference;
import org.osgi.service.remoteserviceadmin.EndpointDescription;
+import org.osgi.service.remoteserviceadmin.EndpointPermission;
import org.osgi.service.remoteserviceadmin.ExportRegistration;
import org.osgi.service.remoteserviceadmin.ImportRegistration;
import org.osgi.service.remoteserviceadmin.RemoteServiceAdmin;
-
public class RemoteServiceAdminInstance implements RemoteServiceAdmin {
Logger LOG = Logger.getLogger(RemoteServiceAdminInstance.class.getName());
-
+
private BundleContext bctx;
private RemoteServiceAdminCore rsaCore;
@@ -51,38 +55,86 @@ public class RemoteServiceAdminInstance
public List /* ExportRegistration */exportService(ServiceReference ref,
Map properties)
throws IllegalArgumentException, UnsupportedOperationException {
- if (closed)
- return Collections.EMPTY_LIST;
- synchronized (exportedServices) {
- List er = rsaCore.exportService(ref, properties);
- if(er!=null)
- exportedServices.addAll(er);
- return er;
+ SecurityManager sm = System.getSecurityManager();
+ EndpointPermission epp = new EndpointPermission("*",
EndpointPermission.EXPORT);
+
+
+ if (sm != null) {
+ sm.checkPermission(epp);
}
+
+
+ final ServiceReference refFinal = ref;
+ final Map propertiesFinal = properties;
+
+ return AccessController.doPrivileged(new PrivilegedAction<List>() {
+ public List run() {
+
+ if (closed)
+ return Collections.EMPTY_LIST;
+
+ synchronized (exportedServices) {
+ List er = rsaCore.exportService(refFinal, propertiesFinal);
+ if (er != null)
+ exportedServices.addAll(er);
+ return er;
+ }
+ }
+ });
}
public Collection getExportedServices() {
+
+ SecurityManager sm = System.getSecurityManager();
+ EndpointPermission epp = new EndpointPermission("*",
EndpointPermission.READ);
+ if (sm != null) {
+ sm.checkPermission(epp);
+ }
+
if (closed)
return null;
return rsaCore.getExportedServices();
}
public Collection getImportedEndpoints() {
+
+ SecurityManager sm = System.getSecurityManager();
+ EndpointPermission epp = new EndpointPermission("*",
EndpointPermission.READ);
+ if (sm != null) {
+ sm.checkPermission(epp);
+ }
+
if (closed)
return null;
return rsaCore.getImportedEndpoints();
}
public ImportRegistration importService(EndpointDescription endpoint) {
- if (closed)
- return null;
- synchronized (importedServices) {
- ImportRegistration ir = rsaCore.importService(endpoint);
- if(ir!=null)
- importedServices.add(ir);
- return ir;
+
+ final EndpointDescription epd = endpoint;
+
+ SecurityManager sm = System.getSecurityManager();
+ EndpointPermission epp = new EndpointPermission(epd,
OsgiUtils.getUUID(bctx),
+
EndpointPermission.IMPORT);
+ if (sm != null) {
+ sm.checkPermission(epp);
}
+
+ return AccessController.doPrivileged(new
PrivilegedAction<ImportRegistration>() {
+ public ImportRegistration run() {
+
+ if (closed)
+ return null;
+
+ synchronized (importedServices) {
+ ImportRegistration ir = rsaCore.importService(epd);
+ if (ir != null)
+ importedServices.add(ir);
+ return ir;
+ }
+ }
+ });
}
public void close() {
@@ -91,14 +143,14 @@ public class RemoteServiceAdminInstance
synchronized (importedServices) {
LOG.info("Removing all services imported by this RSA instance");
for (ImportRegistration ir : importedServices) {
- LOG.finest("Closing ImportRegistration "+ir);
+ LOG.finest("Closing ImportRegistration " + ir);
ir.close();
}
}
synchronized (exportedServices) {
LOG.info("Removing all services exported by this RSA instance");
for (ExportRegistration er : exportedServices) {
- LOG.finest("Closing ExportRegistration "+er);
+ LOG.finest("Closing ExportRegistration " + er);
er.close();
}
}
