Hi Anthony, yes, what you want to do is possible and OSGi provides what you need. You might want to have a look at the ConditionalPermissionAdmin Service. A (somewhat outdated but still relevant) starting point to OSGi and Java Security could be:
http://felix.apache.org/site/presentations.data/Building%20Secure%20OSGi%20Applications.pdf we have a page on the security provider for felix (needs some updating but mostly to say that the framework.security provider is released by now): https://cwiki.apache.org/confluence/display/FELIX/Apache+Felix+Framework+Security and last but not least, the upcoming OSGi in Action book has a full chapter on OSGi and Java Security - you could get it from the early access at manning.com (full disclosure: I'm one of the authors). The code examples of that chapter are available at: http://code.google.com/p/osgi-in-action/ regards, Karl On Fri, Feb 25, 2011 at 11:18 AM, Muller, Anthony <[email protected]> wrote: > Hello, > > I'd like to get information about how to secure an osgi application based on > Felix. > > 1) The main idea would be that only signed bundles could be deployed into the > application. But I have no idea if it's possible and how to do that.... > > 2) Another question: is it possible to add some restrictions to some bundles > (like a bundle cannot create a new thread) ? > > Thanks and regards, > Anthony > -- Karl Pauls [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
