Just to be really clear, the presence of a javax.* package is not 
necessarily an EE issue.  As an example, javax.management (JMX API) is 
part of Java 1.5 but there are third party implementations available that 
allow JMX to be used on Foundation 1.0 systems.  As such, one can run a 
bundle that has Import-Package: javax.management and 
Bundle-RequiredExecutionEnvironment: CDC1.0/Foundation1.0.

I have no idea if this is true in the case of the JAAS support (I suspect 
you can get that separately).  Even if *you* can't, someone else might be 
able to.  So, spec Import-Package for javax.* stuff and use the BREE to 
deal with dependencies on java.* packages.

Jeff





Oleg Besedin/Ottawa/[EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
11/01/2007 11:43 AM
Please respond to: Equinox development mailing list <[email protected]>
To: Equinox development mailing list <[email protected]>
cc:
Subject: Re: [equinox-dev] [sec] questions about EE for security

I agree, we certainly should use Import-Package. And, from what I 
understand, Scott is correct, the intention is to have Foundation 1.1 as a 
minimum execution environment for those bundles. 

From a practical side, I just tried J9 (http://wiki.eclipse.org/J9) and 
from a quick glance things like javax.security.auth.Subject are, indeed, 
not present there. I think we'll need to find at least one Foundation 1.1 
VM that has those packages (or can accept them as a separate download?) to 
claim 1.1 as a minimum execution environment. 

Thanks, 
Oleg 




Thomas Watson <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
11/01/2007 09:28 AM
Please respond to: Equinox development mailing list <[email protected]>
To: Equinox development mailing list <[email protected]>
cc:
Subject: Re: [equinox-dev] [sec] questions about EE for security

Both John and Rem are correct.

Bundles which want to run on a smaller EE than J2SE-1.4 and have access to 
the javax.security.auth packages should use import-package (e.g. 
Import-Package: javax.security.auth). You should not make J2SE-1.4 your 
required EE only because other bundles you depend on use the EE.

Equinox is a broad community. A large number of our bundles do run on 
Foundation 1.1/1.0 (and even down to the minimum OSGi EE). But there are 
some extra features which require higher EEs. Currently parts of the 
security work in the incubator can only run on J2SE-1.4 or higher. For 
example, the core extension bundles 
(org.eclipse.equinox.security.boot.jre14x or 
org.eclipse.equinox.security.boot.jre15x) are installed into the extension 
classloader of the VM. This is required because we need to make our 
security provider available to the VM and it will only search for 
providers on the boot classpath or the extension class loader. 
Unfortunately at that level the code will only have access to classes that 
are provided by the EE. They do not have the option to import additional 
packages which may come from other bundles installed in a Framework 
running on Foundation 1.1 EE.

I opened a couple of bugs against the security bundles. All Equinox 
bundles should use Import-Package to access packages outside the java.* 
namespace. We could also split some of the bundles to allow parts of it to 
run on a Foundation EE.

https://bugs.eclipse.org/bugs/show_bug.cgi?id=208399
https://bugs.eclipse.org/bugs/show_bug.cgi?id=208400

Tom




From: John Arthorne <[EMAIL PROTECTED]>
To: Equinox development mailing list <[email protected]>
Date: 10/31/2007 09:30 PM
Subject: Re: [equinox-dev] [sec] questions about EE for security

I think the right approach is to set your bundle's EE to reflect the EE 
dependencies of *your* bundle, and not the bundles you depend on. I.e., if 
your bundle doesn't directly depend on 1.4, you could still specify an EE 
of Foundation 1.1 for your bundle. If it turns out that the JAAS bundle 
requires 1.4, then your bundle will transitively fail to resolve anyway. 
That way you're not building assumptions into your bundle about the EE of 
downstream bundles that may change in the future. 

John 

Scott Lewis <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
10/31/2007 05:53 PM
Please respond to: Equinox development mailing list <[email protected]>
To: Equinox development mailing list <[email protected]>
cc:
Subject: [equinox-dev] [sec] questions about EE for security

Hi Folks,

Some questions:  I thought I understood (from Equinox Summit) that the 
recently approved minimum EE for Equinox 3.4 (Ganymede) was CDC 
1.1/Foundation 1.1.

I see from looking at the equinox JAAS integration bundles (e.g. 
org.eclipse.equinox.security.auth) that the runtime environment minimum 
for those bundles is set to JRE 1.4.  I understand this, as the JAAS 
work depends upon packages like javax.security.auth, and 
javax.security.auth.login, etc.  which do not seem to be in CDC 
1.1/Foundation 1.1.

So maybe I just answered my own question:  it seems that the JAAS 
security bundles/plugins must assume JRE 1.4 (and can't/won't run on CDC 
1.1/Foundation 1.1).  So the implicit (to me anyway) idea here is that 
bundles that use/extend/depend upon the JAAS security integration also 
obviously must assume JRE 1.4 and not just CDC 1.1.  Correct?

Scott


_______________________________________________
equinox-dev mailing list
[email protected]
https://dev.eclipse.org/mailman/listinfo/equinox-dev
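
The rule the thread settles on (Import-Package for packages outside java.*, Bundle-RequiredExecutionEnvironment for java.* dependencies) can be checked mechanically against a bundle manifest. The following is an added example, not code from the thread or from Equinox; the sample manifest, the bundle name com.example.login and the function names are constructed for illustration, and the list of packages the bundle's code references is assumed to be supplied by the caller.

```python
import re

# Constructed sample manifest (not one of the thread's bundles). Continuation
# lines start with a single space, as in the JAR manifest format.
SAMPLE_MANIFEST = """\
Manifest-Version: 1.0
Bundle-SymbolicName: com.example.login
Bundle-RequiredExecutionEnvironment: CDC-1.1/Foundation-1.1
Import-Package: org.osgi.framework;version="[1.3,2.0)",
 javax.security.auth,java.util
"""

def parse_manifest(text):
    """Return the manifest headers as a dict, joining continuation lines."""
    headers, name = {}, None
    for line in text.splitlines():
        if line.startswith(" ") and name:
            headers[name] += line[1:]
        elif ":" in line:
            name, value = line.split(":", 1)
            headers[name] = value.strip()
    return headers

def header_entries(value):
    """Split a header on commas outside quotes and drop ;attributes."""
    clauses = re.findall(r'(?:[^,"]|"[^"]*")+', value or "")
    return {c.split(";", 1)[0].strip() for c in clauses if c.strip()}

def check_bundle(manifest_text, referenced_packages):
    """Findings for the rule: Import-Package for non-java.*, BREE for java.*."""
    headers = parse_manifest(manifest_text)
    imports = header_entries(headers.get("Import-Package"))
    findings = []
    if not header_entries(headers.get("Bundle-RequiredExecutionEnvironment")):
        findings.append("no Bundle-RequiredExecutionEnvironment declared")
    for pkg in sorted(imports):
        if pkg.startswith("java."):
            findings.append(f"{pkg}: java.* comes from the EE, remove from Import-Package")
    for pkg in sorted(set(referenced_packages) - imports):
        if not pkg.startswith("java."):
            findings.append(f"{pkg}: not in Import-Package")
    return findings

if __name__ == "__main__":
    used = ["java.util", "javax.security.auth", "javax.security.auth.login"]
    for finding in check_bundle(SAMPLE_MANIFEST, used):
        print(finding)
```
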