You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@felix.apache.org by Robert Onslow <ro...@gmail.com> on 2015/09/14 15:05:56 UTC
ConditionalPermissionAdmin tutorial
I have managed to piece together the following approach to implementing
security in OSGI.
First, apply some VM arguments:
-Dorg.osgi.framework.security="osgi" -Dosgi.signedcontent.support=true
-Djava.security.policy=policy.all
Next, install the org.apache.felix.framework bundle
felix.conf:
felix.auto.start.1=file:/boot/org.apache.felix.framework.security-2.4.0.jar
Then it is necessary to create a new bundle with an activator which looks
for a ConditionalPermissionAdmin, on which the permissions will be
registered.
application.security.Activator implements BundleActivator {
public void start(BundleContext context) {
ServiceReference<ConditionalPermissionAdmin> ref =
context.getServiceReference(ConditionalPermissionAdmin.class);
//this is returning null - the Conditional PermissionAdmin service has not
started
ConditionalPermissionAdmin admin = context.getService(ref);
List<ConfitionalPermissionInfo> infos =
admin.getConditionalPermissionInfos();
infos.clear();
infos.add(admin.newConditionalPermissionInfo("ALLOW
{[BundleSignerCondition \"cn=myorgname\" ] (AllPermission)}"));
...
}
Ensure this is started after the security bundle
felix.auto.start.2=file:./boot/myapplication.security_1.0.0.jar
However the ConditionalPermissionAdmin service, which I am expecting to
start, is not starting. The org.apache.felix.framework.security bundle is
listed as "Resolved" but not "Active". The service reference is returning
null.
I think the problem may lie in the fact that
org.apache.felix.framework.security is an "extension£ bundle, not a
"service" bundle. I can find some information about extension bundles in
the OSGI specs but what I can't find are instructions as to how to start a
service in an extension bundle in Felix.
Can anyone help?
Thanks
Robert