I had also tried to invert the order of the rules, but without success...
This is the rule (added before the DENY rule):
ALLOW {
[org.osgi.service.condpermadmin.BundleSignerCondition "CN=xxx, O=xxx,
OU=xxx, L=xxxxx C=xx"]
( java.io.FilePermission "*" "read, write")
} "We allow signed bundles to write file"
Moreover, to be sure, I verified the jar signature with jarsigner -verify
myjar.jar -verbose -certs and all the fields match. I run Felix with all the
needed properties (afaik):
java -Dorg.osgi.framework.security=osgi -Djava.security.policy=all.policy
-Dfelix.keystore=file:myks.jks -Dfelix.keystore.pass=mypwd
-Dfelix.keystore.type=jks -jar bin/felix.jar
The signature was a "selfsigned" signature, could this be the problem? I
think it isn't, but what can be the problem then?
--
View this message in context:
http://apache-felix.18485.x6.nabble.com/Problem-with-Felix-security-and-bundle-policies-tp5006903p5006951.html
Sent from the Apache Felix - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
