[jira] Created: (FELIX-849) checking a "self-defined" permission (extends java.security.Permission) does not work

Tue, 16 Dec 2008 06:33:07 -0800 

checking a "self-defined" permission (extends java.security.Permission) does 
not work
-------------------------------------------------------------------------------------

                 Key: FELIX-849
                 URL: https://issues.apache.org/jira/browse/FELIX-849
             Project: Felix
          Issue Type: Bug
          Components: Conditional Permission Admin
            Reporter: Hasan
            Priority: Minor


I have problems in using Permission derived from java.security.Permission
with the felix ConditionalPermissionAdmin.

I have 3 bundles:
- PermissionManagement: defines MyPermission class and assigns this permission 
to all bundles
- Provider: exposes a function f with security check on MyPermission
- Consumer: try to use function f

I run these bundles in felix + framework.security + scr and got access denied
(Consumer is not allowed to use function f although MyPermission is already 
assigned to all bundles)

Problems in detail:

I have a bundle named PermissionManagement which defines a new Permission class
as follows:

public class MyPermission extends Permission {
   private String actions;

   public MyPermission(String name, String actions) {
       super(name);
       this.actions = actions;
       System.out.println("MyPermission constructor called with params: " +
           name + ", " + actions);
   }
   ...

   @Override
   public String getActions() {
       System.out.println("MyPermission getActions method called");
       return this.actions;
   }

}

PermissionManagement also defines a class called "PermissionManager" to assign
MyPermission to all bundles using ConditionalPermissionAdmin as follows:

   cpa.addConditionalPermissionInfo(new ConditionInfo[]{
       null
   },
   new PermissionInfo[]{
       new PermissionInfo(
       MyPermission.class.getName(), "MyName", "MyAction")
   });

Provider bundle defines a class DummyProvider which exposes a function F 
guarded with security check

   public String f() {
       MyPermission myPerm = new MyPermission("MyName", "MyAction");
       SecurityManager security = System.getSecurityManager();
       if (security != null) {
           security.checkPermission(myPerm);
       }
       return "test";
   }

Consumer bundle has an Activator as follows:
public class Activator implements BundleActivator {

   @Override
   public void start(BundleContext arg0) throws Exception {
       DummyProvider dp = new DummyProvider();
       System.out.println(dp.f());
   }
   ...
}

in felix shell
-> start file:///.../consumer-1.0-SNAPSHOT.jar
DummyProvider constructor called
MyPermission constructor called with params: MyName, MyAction
MyPermission hashCode method called
MyPermission hashCode method called
MyPermission hashCode method called
MyPermission hashCode method called
MyPermission getActions method called

java.security.AccessControlException: access denied 
(testbundles.permissionmanagement.MyPermission MyName MyAction) 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to