Yes, that should be possible. If you create a custom condition it will get passed in the Bundle object in question for evaluation. That is when you could inspect the bundle. Next, all you need to do is to basically start with a security policy that only grant permissions to bundles that pass your custom condition.
You can have a look at this example for a custom condition and how to use it: https://github.com/mcculls/osgi-in-action/tree/master/chapter14/combined-example regards, Karl On Wed, May 18, 2016 at 4:37 PM, Stephen Higgs <shi...@redhat.com> wrote: > So I could write my own logic that checks the bundle via a "custom > condition"? That would be perfect - is there a resource that you would > recommend that shows how to implement a custom condition? > > Thanks! > > --Stephen > > ----- Original Message ----- > From: "Karl Pauls" <karlpa...@gmail.com> > To: users@felix.apache.org > Sent: Wednesday, May 18, 2016 9:34:28 AM > Subject: Re: felix bundle security > > Hm, I guess you could do that, yes. However, are you sure you want to > implement your own provider? If you are running with security enabled, why > not just use the existing provider and write your own custom condition that > checks the bundle? > > regards, > > Karl > > On Wed, May 18, 2016 at 2:54 PM, Stephen Higgs <shi...@redhat.com> wrote: > > > [Note - Originally Sent to Karaf users list, but may be more appropriate > > for the felix users list] > > > > Hi all, > > > > If I wanted to implement custom logic to examine bundles that are > > installed for security purposes, would the following be appropriate? > > > > 1) set org.osgi.framework.security=osgi > > 2) create an implementation of > > org.apache.felix.framework.ext.SecurityProvider > > 3) add the new security provider to startup.properties > > > > Would this achieve the desired ability to checkBundle() for all bundles > > during startup and thereafter? > > > > Thank you, > > > > Stephen Higgs > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@felix.apache.org > > For additional commands, e-mail: users-h...@felix.apache.org > > > > > > > -- > Karl Pauls > karlpa...@gmail.com > http://twitter.com/karlpauls > http://www.linkedin.com/in/karlpauls > https://profiles.google.com/karlpauls > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@felix.apache.org > For additional commands, e-mail: users-h...@felix.apache.org > > -- Karl Pauls karlpa...@gmail.com http://twitter.com/karlpauls http://www.linkedin.com/in/karlpauls https://profiles.google.com/karlpauls
