Its very hard to say - if you can make a simple example available to me I can have a look. Otherwise, if there are no other exceptions/print-outs and you are sure your rules are syntactically correct and should match then I don't know either. The one thing to make sure is that you really have the self signed certificate in that keystore as a _trusted certificate_ - otherwise it will not work.
regards, Karl On Thu, Jan 23, 2014 at 11:59 AM, felixandre <[email protected]>wrote: > I had also tried to invert the order of the rules, but without success... > This is the rule (added before the DENY rule): > > ALLOW { > [org.osgi.service.condpermadmin.BundleSignerCondition "CN=xxx, > O=xxx, > OU=xxx, L=xxxxx C=xx"] > ( java.io.FilePermission "*" "read, write") > } "We allow signed bundles to write file" > > Moreover, to be sure, I verified the jar signature with jarsigner -verify > myjar.jar -verbose -certs and all the fields match. I run Felix with all > the > needed properties (afaik): > > java -Dorg.osgi.framework.security=osgi -Djava.security.policy=all.policy > -Dfelix.keystore=file:myks.jks -Dfelix.keystore.pass=mypwd > -Dfelix.keystore.type=jks -jar bin/felix.jar > > The signature was a "selfsigned" signature, could this be the problem? I > think it isn't, but what can be the problem then? > > > > -- > View this message in context: > http://apache-felix.18485.x6.nabble.com/Problem-with-Felix-security-and-bundle-policies-tp5006903p5006951.html > Sent from the Apache Felix - Users mailing list archive at Nabble.com. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > -- Karl Pauls [email protected] http://twitter.com/karlpauls http://www.linkedin.com/in/karlpauls https://profiles.google.com/karlpauls
