Dear Karl,
Karl Pauls wrote:
Does your provider bundle export the package in which MyPermission is defined?
The provider bundle does not export the permissionmanagement package.
Why is that needed? Thanks!
KR
Hasan
This is the MANIFEST.MF of the provider bundle
Manifest-Version: 1.0
Export-Package: testbundles.provider;uses:="testbundles.permissionmana
gement"
Bundle-Version: 1.0.0.SNAPSHOT
Build-Jdk: 1.6.0_07
Built-By: hasan
Tool: Bnd-0.0.255
Bnd-LastModified: 1229385746578
Bundle-Name: Test Bundle - Provider
Bundle-ManifestVersion: 2
Created-By: Apache Maven Bundle Plugin
Import-Package: testbundles.provider,testbundles.permissionmanagement
Bundle-SymbolicName: testbundles.provider
This is the MANIFEST.MF of the permissionmanagement bundle
Manifest-Version: 1.0
Export-Package:
testbundles.permissionmanagement;uses:="org.osgi.service.
permissionadmin,org.osgi.service.condpermadmin,org.osgi.framework,org
.osgi.service.component"
Service-Component: OSGI-INF/serviceComponents.xml
Built-By: hasan
Tool: Bnd-0.0.255
Bundle-Name: Test Bundle - Permission Management
Created-By: Apache Maven Bundle Plugin
Bundle-Version: 0.1.0.SNAPSHOT
Build-Jdk: 1.6.0_07
Bnd-LastModified: 1229384791707
Bundle-ManifestVersion: 2
Import-Package: org.osgi.framework;version="1.3",org.osgi.service.comp
onent;version="1.0",org.osgi.service.condpermadmin;version="1.0",org.
osgi.service.permissionadmin;version="1.2",testbundles.permissionmana
gement
Bundle-SymbolicName: testbundles.permissionmanagement
regards,
Karl
On Tue, Dec 16, 2008 at 11:37 AM, Hasan <[email protected]> wrote:
Hi all,
I have problems in using Permission derived from java.security.Permission
with the felix ConditionalPermissionAdmin.
I have 3 bundles:
- PermissionManagement: defines MyPermission class and assigns this
permission to all bundles
- Provider: exposes a function f with security check on MyPermission
- Consumer: try to use function f
I run these bundles in felix + framework.security + scr and got access
denied
(Consumer is not allowed to use function f although MyPermission is already
assigned to all bundles)
Questions: How should I assign and check self-defined Permissions?
Any help is appreciated.
More infos to affected code snippets below.
Kind regards and thanks in advance
Hasan
Problems in detail:
I have a bundle named PermissionManagement which defines a new Permission
class
as follows:
public class MyPermission extends Permission {
private String actions;
public MyPermission(String name, String actions) {
super(name);
this.actions = actions;
System.out.println("MyPermission constructor called with params: " +
name + ", " + actions);
}
...
@Override
public String getActions() {
System.out.println("MyPermission getActions method called");
return this.actions;
}
}
PermissionManagement also defines a class called "PermissionManager" to
assign
MyPermission to all bundles using ConditionalPermissionAdmin as follows:
cpa.addConditionalPermissionInfo(new ConditionInfo[]{
null
},
new PermissionInfo[]{
new PermissionInfo(
MyPermission.class.getName(), "MyName", "MyAction")
});
Provider bundle defines a class DummyProvider which exposes a function F
guarded with security check
public String f() {
MyPermission myPerm = new MyPermission("MyName", "MyAction");
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkPermission(myPerm);
}
return "test";
}
Consumer bundle has an Activator as follows:
public class Activator implements BundleActivator {
@Override
public void start(BundleContext arg0) throws Exception {
DummyProvider dp = new DummyProvider();
System.out.println(dp.f());
}
...
}
in felix shell
-> start file:///.../consumer-1.0-SNAPSHOT.jar
DummyProvider constructor called
MyPermission constructor called with params: MyName, MyAction
MyPermission hashCode method called
MyPermission hashCode method called
MyPermission hashCode method called
MyPermission hashCode method called
MyPermission getActions method called
java.security.AccessControlException: access denied
(testbundles.permissionmanagement.MyPermission MyName MyAction)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
--
Hasan Hasan
trialox AG
Binzmühlestrasse 14, CH-8050 Zürich
Tel: +41 44 635 7577
Fax: +41 44 635 7574
URL: http://trialox.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
