You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@karaf.apache.org by "Oliver Lietz (JIRA)" <ji...@apache.org> on 2015/12/17 20:11:46 UTC

[jira] [Commented] (KARAF-3400) Enabling Java System Security and OSGi security leaves Karaf in unusable state

    [ https://issues.apache.org/jira/browse/KARAF-3400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15062585#comment-15062585 ] 

Oliver Lietz commented on KARAF-3400:
-------------------------------------

Framework Security is still broken in 4.0.3 - any chance to get this fixed?

> Enabling Java System Security and OSGi security leaves Karaf in unusable state
> ------------------------------------------------------------------------------
>
>                 Key: KARAF-3400
>                 URL: https://issues.apache.org/jira/browse/KARAF-3400
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-core
>    Affects Versions: 3.0.2, 4.0.0.M1
>            Reporter: Achim Nierbeck
>            Assignee: Jean-Baptiste Onofré
>
> It seems to boil down to the new functionalities of OSGi, like Bundle Adapt fails with the default security configuration 
> {code}
> java.security.AccessControlException: access denied ("org.osgi.framework.AdaptPermission" "org.osgi.framework.wiring.BundleRevision" "adapt")
> 	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
> 	at org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager.internalCheckPermission(EquinoxSecurityManager.java:117)
> 	at org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager$CheckPermissionAction.run(EquinoxSecurityManager.java:60)
> 	at java.security.AccessController.doPrivileged(Native Method)
> {code}
> Just switch framework to equinox and enable the security params in etc/system.properties
> {code}
> #
> # By default, only Karaf shell commands are secured, but additional services can be
> #
> # To enable OSGi security, uncomment the properties below,
> # install the framework-security feature and restart.
> #
> java.security.policy=${karaf.etc}/all.policy
> org.osgi.framework.security=osgi
> org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
> {code}
> This also happens with Felix but needs the additional Felix.Security bundle to be installed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)