You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Oliver Lietz (JIRA)" <ji...@apache.org> on 2015/12/17 20:11:46 UTC
[jira] [Commented] (KARAF-3400) Enabling Java System Security and
OSGi security leaves Karaf in unusable state
[ https://issues.apache.org/jira/browse/KARAF-3400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15062585#comment-15062585 ]
Oliver Lietz commented on KARAF-3400:
-------------------------------------
Framework Security is still broken in 4.0.3 - any chance to get this fixed?
> Enabling Java System Security and OSGi security leaves Karaf in unusable state
> ------------------------------------------------------------------------------
>
> Key: KARAF-3400
> URL: https://issues.apache.org/jira/browse/KARAF-3400
> Project: Karaf
> Issue Type: Bug
> Components: karaf-core
> Affects Versions: 3.0.2, 4.0.0.M1
> Reporter: Achim Nierbeck
> Assignee: Jean-Baptiste Onofré
>
> It seems to boil down to the new functionalities of OSGi, like Bundle Adapt fails with the default security configuration
> {code}
> java.security.AccessControlException: access denied ("org.osgi.framework.AdaptPermission" "org.osgi.framework.wiring.BundleRevision" "adapt")
> at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
> at org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager.internalCheckPermission(EquinoxSecurityManager.java:117)
> at org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager$CheckPermissionAction.run(EquinoxSecurityManager.java:60)
> at java.security.AccessController.doPrivileged(Native Method)
> {code}
> Just switch framework to equinox and enable the security params in etc/system.properties
> {code}
> #
> # By default, only Karaf shell commands are secured, but additional services can be
> #
> # To enable OSGi security, uncomment the properties below,
> # install the framework-security feature and restart.
> #
> java.security.policy=${karaf.etc}/all.policy
> org.osgi.framework.security=osgi
> org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
> {code}
> This also happens with Felix but needs the additional Felix.Security bundle to be installed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)