I guess I'm not 100% sure I understand what you are asking exactly. Let me first try to explain what the different options are and then try to answer what I think you are asking.
If there is a security manager installed the framework will do permission checks where the spec mandates it. However, assuming you didn't install the framework.security provider, all bundles will have AllPermission by default -- except, if you have set felix.security.defaultpolicy=true. In that case, your security policy will be consulted for bundles as well. Hence, if you want behavior just as some ordinary library in an application with a security manager you probably want to _not_ install the framework.security provider and set felix.security.defaultpolicy=true (either as a -D property or as one passed to the felix constructor). That in turn will make it so that you _do_ get permission checks triggered from Felix as well as potentially from bundles which you can grant (or deny by omission, respectively) via your security policy. Otherwise, if you just don't want failing permission checks then, don't install the framework.security provider and _don't_ set felix.security.defaultpolicy. That will make it so that you _do_ get permission checks triggered from Felix as well as potentially from bundles but at least bundles will have AllPermission by default (hence, all you need to do in your policy is to give felix.jar and your external code that calls into Felix permissions). If, on the other hand, you don't want _any_ permission checks triggered by felix despite a security manage being around the answer is: no - thats not possible. regards, Karl On Wed, Sep 21, 2016 at 10:48 PM, Benson Margulies <ben...@basistech.com> wrote: > I'd like to run a Felix container as if it was just some ordinary > piece of an application inside of a security manager; I don't want any > security manager checks or behaviors from the container. Can I do > this, or does the container always interact with the SecurityManager > if there is one? > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@felix.apache.org > For additional commands, e-mail: users-h...@felix.apache.org > > -- Karl Pauls karlpa...@gmail.com
