You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@felix.apache.org by Guido Spadotto <gs...@soluta.net> on 2009/09/16 11:51:07 UTC

"Filtering" exported packages/interfaces

Hi all,
 I've tried to search this in the specs, but having some references from 
you
would surely help me in finding the correct solution.

The Problem: I'd like to put several type of interfaces in a single bundle.
The exposed interfaces will be of two types: "3rd party" interfaces and
"framework" interfaces.
Framework interfaces are meant to be used by other framework components,
and they expose the framework "nuts and bolts" low-level functionalities.
3rd Party interfaces are "narrower" interfaces that provide "protected" 
hooks
into the framework that might be used by 3rd party service developers.

Each type of interface will reside in its own package (org.example.3p 
and org.example.fw).

I'd like to make framework interfaces visible only to specific 
bundles/components
of the framework environment I'm writing (and whose bundles I am in full 
control of),
whilst 3p interfaces will be exported as usual (i.e. no restrictions on 
their visibility).

The Question: is there an easy/correct way of achieving this in OSGi ?
Which sections in the Core/Compendium Specs cover this (Release 4, 
Version 4.1),
if any?

Thank you
-- 
Guido Spadotto

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org

Re: "Filtering" exported packages/interfaces

Posted by "Richard S. Hall" <he...@ungoverned.org>.

On 9/16/09 16:57, Karl Pauls wrote:
> On Wed, Sep 16, 2009 at 4:51 PM, Guido Spadotto<gs...@soluta.net>  wrote:
>    
>> Richard S. Hall wrote:
>>      
>>> On 9/16/09 11:58, Karl Pauls wrote:
>>>        
>>>> On Wed, Sep 16, 2009 at 11:51 AM, Guido Spadotto<gs...@soluta.net>
>>>>   wrote:
>>>>          
>>>>> I'd like to make framework interfaces visible only to specific
>>>>> bundles/components of the framework environment I'm writing (and whose
>>>>> bundles I am in full
>>>>> control of), whilst 3p interfaces will be exported as usual (i.e. no
>>>>> restrictions on
>>>>> their visibility).
>>>>> The Question: is there an easy/correct way of achieving this in OSGi ?
>>>>>
>>>>>            
>>>> I guess you are looking for security. Have a look at the
>>>> ConditionalPermissionAdmin and the related permissions defined by
>>>> OSGi.
>>>>          
>>> As Karl says, there is no real way to do this other than security.
>>> Otherwise, you could try to approximate it with mandatory attributes. In the
>>> future, the spec could address such use cases (e.g., through composite
>>> bundles, so you could create a subsystem), but even then the only way to get
>>> guarantees is with security and granting permissions.
>>> ->  richard
>>>        
>> Thanks Karl and Richard,
>> I'm studying the Conditional Permission Admin Spec.
>>
>> If I got it right, I should write a custom condition that distinguishes
>> between framework and 3rd Party
>> bundles and - based on that - gets enabled or not.
>>
>> Once I have that condition, I can use it to grant these permissions
>> ServicePermission[FQN_Of_FW_Interface,GET ] and
>> PackagePermission[FQN_Of_FW_Package,IMPORT]
>> to Framework Bundles.
>>
>> 3rd Party services, that is all services contained in bundles
>> that do not satisfy my custom condition, will not be able to
>> import my FW packages, or get FW services.
>>      
> Yup, that is correct. Alternatively, you could use different
> certificates for each domain (framwork and 3rd) and sign the bundles
> with the certificate of the domain they belong too. This way you could
> use the BundleSignerCondtion instead of your custom condition. If
> signing is not an option you can go with the custom condition
> approach.
>
>    

The new R4.2 spec adds more fine-grained support to PackagePermission, 
so I believe it will be possible to grant bundle X permission to import 
foo from bundle Y. Of course, we don't yet implement that feature.

-> richard

> regards,
>
> Karl
>
>    
>> Richard, what do you mean by "approximating with mandatory attributes" ?
>>
>> Please correct/extend my thoughts if you see I'm wrong.
>> --
>> Guido Spadotto
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
>> For additional commands, e-mail: users-help@felix.apache.org
>>
>>
>>      
>
>
>    

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org

Re: "Filtering" exported packages/interfaces

Posted by Karl Pauls <ka...@gmail.com>.

On Wed, Sep 16, 2009 at 4:51 PM, Guido Spadotto <gs...@soluta.net> wrote:
> Richard S. Hall wrote:
>>
>> On 9/16/09 11:58, Karl Pauls wrote:
>>>
>>> On Wed, Sep 16, 2009 at 11:51 AM, Guido Spadotto<gs...@soluta.net>
>>>  wrote:
>>>>
>>>> I'd like to make framework interfaces visible only to specific
>>>> bundles/components of the framework environment I'm writing (and whose
>>>> bundles I am in full
>>>> control of), whilst 3p interfaces will be exported as usual (i.e. no
>>>> restrictions on
>>>> their visibility).
>>>> The Question: is there an easy/correct way of achieving this in OSGi ?
>>>>
>>>
>>> I guess you are looking for security. Have a look at the
>>> ConditionalPermissionAdmin and the related permissions defined by
>>> OSGi.
>>
>> As Karl says, there is no real way to do this other than security.
>> Otherwise, you could try to approximate it with mandatory attributes. In the
>> future, the spec could address such use cases (e.g., through composite
>> bundles, so you could create a subsystem), but even then the only way to get
>> guarantees is with security and granting permissions.
>> -> richard
>
> Thanks Karl and Richard,
> I'm studying the Conditional Permission Admin Spec.
>
> If I got it right, I should write a custom condition that distinguishes
> between framework and 3rd Party
> bundles and - based on that - gets enabled or not.
>
> Once I have that condition, I can use it to grant these permissions
> ServicePermission[FQN_Of_FW_Interface,GET ] and
> PackagePermission[FQN_Of_FW_Package,IMPORT]
> to Framework Bundles.
>
> 3rd Party services, that is all services contained in bundles
> that do not satisfy my custom condition, will not be able to
> import my FW packages, or get FW services.

Yup, that is correct. Alternatively, you could use different
certificates for each domain (framwork and 3rd) and sign the bundles
with the certificate of the domain they belong too. This way you could
use the BundleSignerCondtion instead of your custom condition. If
signing is not an option you can go with the custom condition
approach.

regards,

Karl

> Richard, what do you mean by "approximating with mandatory attributes" ?
>
> Please correct/extend my thoughts if you see I'm wrong.
> --
> Guido Spadotto
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
> For additional commands, e-mail: users-help@felix.apache.org
>
>



-- 
Karl Pauls
karlpauls@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org

Re: "Filtering" exported packages/interfaces

Posted by Guido Spadotto <gs...@soluta.net>.

Richard S. Hall wrote:
> On 9/16/09 11:58, Karl Pauls wrote:
>> On Wed, Sep 16, 2009 at 11:51 AM, Guido 
>> Spadotto<gs...@soluta.net>  wrote:
>>> I'd like to make framework interfaces visible only to specific
>>> bundles/components of the framework environment I'm writing (and 
>>> whose bundles I am in full
>>> control of), whilst 3p interfaces will be exported as usual (i.e. no 
>>> restrictions on
>>> their visibility).
>>> The Question: is there an easy/correct way of achieving this in OSGi 
>>> ?      
>> I guess you are looking for security. Have a look at the
>> ConditionalPermissionAdmin and the related permissions defined by
>> OSGi.
> As Karl says, there is no real way to do this other than security. 
> Otherwise, you could try to approximate it with mandatory attributes. 
> In the future, the spec could address such use cases (e.g., through 
> composite bundles, so you could create a subsystem), but even then the 
> only way to get guarantees is with security and granting permissions.
> -> richard
Thanks Karl and Richard,
 I'm studying the Conditional Permission Admin Spec.

If I got it right, I should write a custom condition that distinguishes 
between framework and 3rd Party
bundles and - based on that - gets enabled or not.

Once I have that condition, I can use it to grant these permissions
ServicePermission[FQN_Of_FW_Interface,GET ] and
PackagePermission[FQN_Of_FW_Package,IMPORT]
to Framework Bundles.

3rd Party services, that is all services contained in bundles
that do not satisfy my custom condition, will not be able to
import my FW packages, or get FW services.

Richard, what do you mean by "approximating with mandatory attributes" ?

Please correct/extend my thoughts if you see I'm wrong.
-- 
Guido Spadotto

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org

Re: "Filtering" exported packages/interfaces

Posted by "Richard S. Hall" <he...@ungoverned.org>.

On 9/16/09 11:58, Karl Pauls wrote:
> On Wed, Sep 16, 2009 at 11:51 AM, Guido Spadotto<gs...@soluta.net>  wrote:
>    
>> Hi all,
>> I've tried to search this in the specs, but having some references from you
>> would surely help me in finding the correct solution.
>>
>> The Problem: I'd like to put several type of interfaces in a single bundle.
>> The exposed interfaces will be of two types: "3rd party" interfaces and
>> "framework" interfaces.
>> Framework interfaces are meant to be used by other framework components,
>> and they expose the framework "nuts and bolts" low-level functionalities.
>> 3rd Party interfaces are "narrower" interfaces that provide "protected"
>> hooks
>> into the framework that might be used by 3rd party service developers.
>>
>> Each type of interface will reside in its own package (org.example.3p and
>> org.example.fw).
>>
>> I'd like to make framework interfaces visible only to specific
>> bundles/components
>> of the framework environment I'm writing (and whose bundles I am in full
>> control of),
>> whilst 3p interfaces will be exported as usual (i.e. no restrictions on
>> their visibility).
>>
>> The Question: is there an easy/correct way of achieving this in OSGi ?
>>      
> I guess you are looking for security. Have a look at the
> ConditionalPermissionAdmin and the related permissions defined by
> OSGi. You can find an overview at:
>
> http://felix.apache.org/site/presentations.data/Building%20Secure%20OSGi%20Applications.pdf
>
>    

As Karl says, there is no real way to do this other than security. 
Otherwise, you could try to approximate it with mandatory attributes. In 
the future, the spec could address such use cases (e.g., through 
composite bundles, so you could create a subsystem), but even then the 
only way to get guarantees is with security and granting permissions.

-> richard

> regards,
>
> Karl
>
>    
>> Which sections in the Core/Compendium Specs cover this (Release 4, Version
>> 4.1),
>> if any?
>>
>> Thank you
>> --
>> Guido Spadotto
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
>> For additional commands, e-mail: users-help@felix.apache.org
>>
>>
>>      
>
>
>    

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org

Re: "Filtering" exported packages/interfaces

Posted by Karl Pauls <ka...@gmail.com>.

On Wed, Sep 16, 2009 at 11:51 AM, Guido Spadotto <gs...@soluta.net> wrote:
> Hi all,
> I've tried to search this in the specs, but having some references from you
> would surely help me in finding the correct solution.
>
> The Problem: I'd like to put several type of interfaces in a single bundle.
> The exposed interfaces will be of two types: "3rd party" interfaces and
> "framework" interfaces.
> Framework interfaces are meant to be used by other framework components,
> and they expose the framework "nuts and bolts" low-level functionalities.
> 3rd Party interfaces are "narrower" interfaces that provide "protected"
> hooks
> into the framework that might be used by 3rd party service developers.
>
> Each type of interface will reside in its own package (org.example.3p and
> org.example.fw).
>
> I'd like to make framework interfaces visible only to specific
> bundles/components
> of the framework environment I'm writing (and whose bundles I am in full
> control of),
> whilst 3p interfaces will be exported as usual (i.e. no restrictions on
> their visibility).
>
> The Question: is there an easy/correct way of achieving this in OSGi ?

I guess you are looking for security. Have a look at the
ConditionalPermissionAdmin and the related permissions defined by
OSGi. You can find an overview at:

http://felix.apache.org/site/presentations.data/Building%20Secure%20OSGi%20Applications.pdf

regards,

Karl

> Which sections in the Core/Compendium Specs cover this (Release 4, Version
> 4.1),
> if any?
>
> Thank you
> --
> Guido Spadotto
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
> For additional commands, e-mail: users-help@felix.apache.org
>
>



-- 
Karl Pauls
karlpauls@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org