The option to enable signed bundles in 3.3 is
(notice "support" and "signature" are reversed).  In 3.4 we are introducing
a more general option called which does not have
simple true|false options, but we will continue to recognize the old 3.3.
option.  Matt is documenting the security options in

The internal security manager class is needed to fully support postponed
conditions in ConditionalPermissionAdmin.  If postponed conditions are not
needed then simply enabling the security manager with"" will enable the built-in security manager which
will satisfy most needs.

There is an option called  This option is used by the
launcher jar to setup a policy to grant the framework and the launcher
AllPermissions and specify the security manager to use.  Unfortunately this
still requires a reference to an internal class if you want to load a
security manager to support postponed conditions.  I've opened a bug to
investigate making this easier.  Perhaps manager can have
a value that indicates the framework should load its internal security
manager.  See


  From:       Jeff McAffer <[EMAIL PROTECTED]>                            
  To:         Equinox development mailing list <>
  Date:       02/06/2008 07:47 AM                                      
  Subject:    Re: [equinox-dev] Signed bundles                         

Marcel Offermans wrote:
> So, reiterating, if I want to run Equinox with OSGi security enabled
> and have it use my own keystore, I have to start it like this
> (formatted a bit for clarity, but typed as one big line):
> java

>   -Dosgi.framework.keystore=keystore
>   -jar org.eclipse.osgi_3.4.0.v20071207.jar
>   -console
>   -consoleLog
> Basically, I'm asking how Equinox is being run to be compliant with
> OSGi security.
Is the above line accurate?  Seems complicated and requires people to
reference internal classes etc.  Could be wrong but I remember it being

equinox-dev mailing list

<<inline: graycol.gif>>

<<inline: ecblank.gif>>

equinox-dev mailing list

Reply via email to