Hi,
I am new to osgi. I am using knoflerfish 3.0.0 and i have been trying to
set up security policies.
This is what i've understood reading the various blogs and documents.
Please correct me if i'm wrong.
The framework should first be started with AllPermissions.Then the custom
bundle which is to set up the policies is to be given AllPermission by the
framework and started first so that the policies are set up before other
bundles are installed and started.
There are still some questions on my mind,
1. How do i deny permissions?
All the permissions i am able to set have access "allow".
2. How do i give permissions limited to specific bundles coming from a
specific location?
For eg, if i want to allow only bundles which come from a specific
folder "test", to be able to make changes(additions) to the
conditions & permissions i have set, how should i do it? i tried to do
this using the following snippet:
ConditionInfo condInfo1= new ConditionInfo(BUNDLE_LOCATION_CONDITION, new
String[] {"*test*"});
PermissionInfo permInfo1=new
PermissionInfo("org.osgi.framework.PackagePermission",
"org.osgi.service.condpermadmin", "import");
cpaService.setConditionalPermissionInfo("CPAServicePerm", new
ConditionInfo[] {condInfo1}, new PermissionInfo[] {permInfo1});
and i found that other bundles are still able to add conditional
permissions.
3. At what stage does the framework come into picture?
If i were trying to install a bundle fetched over the network ( bundle
location url containing http:// for example), the jar is to be fetched and
then installed. At what point does the framework check for the applicable
permissions for this location/signer? Before fetching it to the local
machine or before installing? Is there a demarcation between fetching and
installing? please forgive my ignorance.
Thank you.
regards,
Pavithra
_______________________________________________
OSGi Developer Mail List
[email protected]
https://mail.osgi.org/mailman/listinfo/osgi-dev
