ConditionalPermissionAdmin is about setting the ProtectionDomain for the classes in a bundle. It is not about checking permissions upon method invocation or establishing user roles.
Some requirements work has starting in OSGi for future specifications regarding Authentication [1] and Authorization [2] based upon the work to date on OSGi EnRoute [3]. [1] https://github.com/osgi/design/blob/master/rfps/rfp-0164-Authentication.pdf [2] https://github.com/osgi/design/blob/master/rfps/rfp-0165-Authorization.pdf [3] http://enroute.osgi.org/ -- BJ Hargrave Senior Technical Staff Member, IBM OSGi Fellow and CTO of the OSGi Alliance hargr...@us.ibm.com office: +1 386 848 1781 mobile: +1 386 848 3788 From: Frank Langel <fr...@frankjlangel.com> To: <osgi-dev@mail.osgi.org> Date: 2015/05/18 11:59 Subject: [osgi-dev] (Conditional)PermissionAdmin Sent by: osgi-dev-boun...@mail.osgi.org Hi, Please see attached slides. I am trying to implement security checks in OSGI 1. Ability to secure methods using @RequiresRoles @RequiresPermission 2. Ability to create invocation context to transparent permission checking As this doesn’t come out of the box, I created a few suggestions of how it could be done. Would you agree with suggestions ? I created PDF so that I could maintain nice formatting . Thanks a lot Frank [attachment "OSGI_Permission.pdf" deleted by BJ Hargrave/Austin/IBM] _______________________________________________ OSGi Developer Mail List osgi-dev@mail.osgi.org https://mail.osgi.org/mailman/listinfo/osgi-dev
_______________________________________________ OSGi Developer Mail List osgi-dev@mail.osgi.org https://mail.osgi.org/mailman/listinfo/osgi-dev
