You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cxf.apache.org by David Bosschaert <da...@gmail.com> on 2010/04/26 12:26:11 UTC
Re: svn commit: r937947 - in /cxf/dosgi/trunk: discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/
distribution/single-bundle/src/main/resources/OSGI-INF/ dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/hand
Thanks Marc!
One comment I have is that there are no CXF-DOSGi unit tests for this
code. I know that it's tested in the OSGi TCK but it would be good to
have some tests for it in the CXF-DOSGi codebase.
Do you think you can add these?
Cheers,
David
On 26 April 2010 08:30, <ms...@apache.org> wrote:
> Author: mschaaf
> Date: Mon Apr 26 07:30:42 2010
> New Revision: 937947
>
> URL: http://svn.apache.org/viewvc?rev=937947&view=rev
> Log:
> - some additions to the zookeeper discovery to be compiant with the TCK
> - some refactoring in the zookeeper discovery
> - added some basic security checks to the DSW to comply with the TCK security tests
>
> Added:
> cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/
> cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
> Modified:
> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
>
> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java (original)
> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java Mon Apr 26 07:30:42 2010
> @@ -71,14 +71,21 @@ public class EndpointListenerTrackerCust
> for (String key : sref.getPropertyKeys()) {
> LOG.finest("modifiedService: property: " + key + " => " + sref.getProperty(key));
> }
> - String[] scopes = getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
> - LOG.fine("trying to discover service for scopes[" + scopes.length + "]: ");
> +
> + String[] scopes = Util.getScopes(sref);
> +
> + LOG.info("trying to discover services for scopes[" + scopes.length + "]: ");
> if(scopes!=null) for (String scope : scopes) {
> - LOG.fine("Scope: "+scope);
> + LOG.info("Scope: "+scope);
> }
> if (scopes.length > 0) {
> for (String scope : scopes) {
> LOG.fine("*********** Handling scope: " + scope);
> + if("".equals(scope) || scope == null){
> + LOG.warning("skipping empty scope from EndpointListener from " + sref.getBundle().getSymbolicName());
> + continue;
> + }
> +
> String objClass = getObjectClass(scope);
> LOG.fine("*********** objectClass: " + objClass);
>
> @@ -100,10 +107,10 @@ public class EndpointListenerTrackerCust
> interest.im.close();
> interest.im = null;
> }
> -
> +
> InterfaceMonitor dm = new InterfaceMonitor(zooKeeperDiscovery.getZookeeper(),
> objClass, interest, scope, bctx);
> - dm.process();
> + dm.start();
> interest.im = dm;
>
> List<String> handledScopes = handledEndpointlisteners.get(sref);
> @@ -149,34 +156,7 @@ public class EndpointListenerTrackerCust
>
> }
>
> - private String[] getStringPlusProperty(Object property) {
> -
> - if (property instanceof String) {
> - // System.out.println("String");
> - String[] ret = new String[1];
> - ret[0] = (String)property;
> - return ret;
> - }
> -
> - if (property instanceof String[]) {
> - // System.out.println("String[]");
> - return (String[])property;
> - }
> -
> - if (property instanceof Collection) {
> - Collection col = (Collection)property;
> - // System.out.println("Collection: size "+col.size());
> - String[] ret = new String[col.size()];
> - int x = 0;
> - for (Object s : col) {
> - ret[x] = (String)s;
> - ++x;
> - }
> - return ret;
> - }
> -
> - return new String[0];
> - }
> +
>
> // public void discoveredEndpont(EndpointDescription epd) {
> // LOG.info("Endpoint Discovered: " + epd.getProperties());
>
> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java (original)
> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java Mon Apr 26 07:30:42 2010
> @@ -19,9 +19,12 @@
> package org.apache.cxf.dosgi.discovery.zookeeper;
>
> import java.io.ByteArrayInputStream;
> +import java.util.Dictionary;
> import java.util.HashMap;
> import java.util.List;
> import java.util.Map;
> +import java.util.Properties;
> +import java.util.Set;
> import java.util.logging.Level;
> import java.util.logging.Logger;
>
> @@ -31,6 +34,8 @@ import org.apache.zookeeper.ZooKeeper;
> import org.apache.zookeeper.data.Stat;
> import org.jdom.Element;
> import org.osgi.framework.BundleContext;
> +import org.osgi.framework.Filter;
> +import org.osgi.framework.FrameworkUtil;
> import org.osgi.framework.ServiceReference;
> import org.osgi.service.remoteserviceadmin.EndpointDescription;
> import org.osgi.service.remoteserviceadmin.EndpointListener;
> @@ -63,6 +68,9 @@ public class InterfaceDataMonitorListene
> discoveredServiceTracker = dst;
> bctx = bc;
> this.scope = scope;
> +
> +
> + LOG.fine("InterfaceDataMonitorListenerImpl is recursive: "+recursive);
> }
>
> public synchronized void change() {
> @@ -94,7 +102,7 @@ public class InterfaceDataMonitorListene
>
> List<String> children;
> try {
> - LOG.fine("Processing " + znode);
> + LOG.info("Processing the children of " + znode);
> children = zookeeper.getChildren(znode, false);
>
> for (String child : children) {
> @@ -125,7 +133,7 @@ public class InterfaceDataMonitorListene
> try {
> Stat s = zookeeper.exists(node, false);
> if (s.getDataLength() <= 0) {
> - LOG.fine(node + " does not contain any discovery data");
> + //LOG.info(node + " does not contain any discovery data");
> return null;
> }
> byte[] data = zookeeper.getData(node, false, null);
> @@ -149,10 +157,27 @@ public class InterfaceDataMonitorListene
> if (bctx.getService(sref) instanceof EndpointListener) {
> EndpointListener epl = (EndpointListener)bctx.getService(sref);
>
> - LOG.info("calling EndpointListener; " + epl + "from bundle "
> - + sref.getBundle().getSymbolicName());
> -
> - epl.endpointAdded(epd, scope);
> + // return the >first< matching scope of the listener
> + String[] scopes = Util.getScopes(sref);
> + for (String currentScope : scopes) {
> + LOG.fine("matching " + epd + " against "+currentScope);
> + Filter f = FrameworkUtil.createFilter(currentScope);
> +
> + Dictionary d = new Properties();
> + Map<String, Object> props = epd.getProperties();
> + Set<Map.Entry<String, Object>> entries = props.entrySet();
> + for (Map.Entry<String, Object> entry : entries) {
> + d.put(entry.getKey(), entry.getValue());
> + }
> +
> + if(f.match(d)){
> + LOG.fine("MATCHED " + epd + "against "+currentScope);
> + LOG.info("calling EndpointListener; " + epl + " from bundle "
> + + sref.getBundle().getSymbolicName() + " based on scope ["+currentScope+"]");
> + epl.endpointAdded(epd, currentScope);
> + break;
> + }
> + }
> }
> }
> } else if (!prevVal.equals(epd.getProperties())) {
>
> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java (original)
> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java Mon Apr 26 07:30:42 2010
> @@ -40,12 +40,17 @@ public class InterfaceMonitor implements
> private boolean closed = false;
>
> public InterfaceMonitor(ZooKeeper zk, String intf, EndpointListenerTrackerCustomizer.Interest zkd, String scope, BundleContext bctx) {
> + LOG.fine("Creating new InterfaceMonitor for scope ["+scope+"] and objectClass ["+intf+"] ");
> listener = new InterfaceDataMonitorListenerImpl(zk, intf, zkd,scope,bctx);
> zookeeper = zk;
> znode = Util.getZooKeeperPath(intf);
> }
>
> - public void process() {
> + public void start() {
> + process();
> + }
> +
> + private void process() {
> LOG.finest("Kicking off a zookeeper.exists() on node: " + znode);
> zookeeper.exists(znode, this, this, null);
> }
>
> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java (original)
> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java Mon Apr 26 07:30:42 2010
> @@ -18,10 +18,14 @@
> */
> package org.apache.cxf.dosgi.discovery.zookeeper;
>
> +import java.util.ArrayList;
> import java.util.Arrays;
> import java.util.Collection;
> import java.util.Collections;
>
> +import org.osgi.framework.ServiceReference;
> +import org.osgi.service.remoteserviceadmin.EndpointListener;
> +
> public class Util {
> static final String PATH_PREFIX = "/osgi/service_registry";
>
> @@ -43,4 +47,44 @@ public class Util {
> return PATH_PREFIX + '/' + name.replace('.', '/');
> }
>
> +
> + static String[] getStringPlusProperty(Object property) {
> +
> + if (property instanceof String) {
> + // System.out.println("String");
> + String[] ret = new String[1];
> + ret[0] = (String)property;
> + return ret;
> + }
> +
> + if (property instanceof String[]) {
> + // System.out.println("String[]");
> + return (String[])property;
> + }
> +
> + if (property instanceof Collection) {
> + Collection col = (Collection)property;
> + // System.out.println("Collection: size "+col.size());
> + String[] ret = new String[col.size()];
> + int x = 0;
> + for (Object s : col) {
> + ret[x] = (String)s;
> + ++x;
> + }
> + return ret;
> + }
> +
> + return new String[0];
> + }
> +
> + public static String[] getScopes(ServiceReference sref) {
> + String[] scopes = Util.getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
> + ArrayList<String> normalizedScopes = new ArrayList<String>(scopes.length);
> + for (String scope : scopes) {
> + if(scope!=null || "".equals(scope))
> + normalizedScopes.add(scope);
> + }
> + return normalizedScopes.toArray(new String[normalizedScopes.size()]);
> + }
> +
> }
>
> Added: cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm?rev=937947&view=auto
> ==============================================================================
> --- cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm (added)
> +++ cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm Mon Apr 26 07:30:42 2010
> @@ -0,0 +1,29 @@
> +#
> +# Licensed to the Apache Software Foundation (ASF) under one
> +# or more contributor license agreements. See the NOTICE file
> +# distributed with this work for additional information
> +# regarding copyright ownership. The ASF licenses this file
> +# to you under the Apache License, Version 2.0 (the
> +# "License"); you may not use this file except in compliance
> +# with the License. You may obtain a copy of the License at
> +#
> +# http://www.apache.org/licenses/LICENSE-2.0
> +#
> +# Unless required by applicable law or agreed to in writing,
> +# software distributed under the License is distributed on an
> +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> +# KIND, either express or implied. See the License for the
> +# specific language governing permissions and limitations
> +# under the License.
> +#
> +
> +(java.security.AllPermission )
> +
> +(org.osgi.framework.PackagePermission "*" "import")
> +(org.osgi.framework.PackagePermission "*" "export")
> +
> +(org.osgi.framework.ServicePermission "*" "register")
> +(org.osgi.framework.ServicePermission "*" "get")
> +
> +(org.osgi.framework.AdminPermission "*" "metadata")
> +(org.osgi.framework.AdminPermission "*" "listen")
>
> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java (original)
> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java Mon Apr 26 07:30:42 2010
> @@ -18,6 +18,9 @@
> */
> package org.apache.cxf.dosgi.dsw.handlers;
>
> +import java.security.AccessController;
> +import java.security.PrivilegedAction;
> +import java.util.List;
> import java.util.logging.Level;
> import java.util.logging.Logger;
>
> @@ -51,14 +54,20 @@ public class ClientServiceFactory implem
> importRegistartion = ir;
> }
>
> - public Object getService(Bundle requestingBundle, ServiceRegistration sreg) {
> + public Object getService(final Bundle requestingBundle, final ServiceRegistration sreg) {
> String interfaceName = sd.getInterfaces() != null && sd.getInterfaces().size() > 0 ? (String)sd
> .getInterfaces().toArray()[0] : null;
> +
> LOG.info("************ getService() from serviceFactory for " + interfaceName);
>
> try {
> - Object proxy = handler.createProxy(sreg.getReference(), dswContext, requestingBundle
> - .getBundleContext(), iClass, sd);
> + Object proxy = AccessController.doPrivileged(new PrivilegedAction<Object>() {
> + public Object run() {
> + return handler.createProxy(sreg.getReference(), dswContext, requestingBundle
> + .getBundleContext(), iClass, sd);
> + }
> + });
> +
> synchronized (this) {
> ++serviceCounter;
> }
>
> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java (original)
> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java Mon Apr 26 07:30:42 2010
> @@ -22,6 +22,9 @@ import java.lang.reflect.InvocationHandl
> import java.lang.reflect.InvocationTargetException;
> import java.lang.reflect.Method;
> import java.lang.reflect.Proxy;
> +import java.security.AccessController;
> +import java.security.PrivilegedAction;
> +import java.security.PrivilegedExceptionAction;
> import java.util.ArrayList;
> import java.util.Arrays;
> import java.util.Collection;
> @@ -45,7 +48,7 @@ public class ServiceInvocationHandler im
> introspectType(iType);
> }
>
> - public Object invoke(Object proxy, Method m, Object[] params) throws Throwable {
> + public Object invoke(Object proxy, final Method m, Object[] params) throws Throwable {
> if (OBJECT_METHODS.contains(m)) {
> if (m.getName().equals("equals")) {
> params = new Object[] {Proxy.getInvocationHandler(params[0])};
> @@ -56,7 +59,12 @@ public class ServiceInvocationHandler im
> ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
> try {
> Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
> - return m.invoke(serviceObject, params);
> + final Object[] paramsFinal = params;
> + return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
> + public Object run() throws Exception {
> + return m.invoke(serviceObject, paramsFinal);
> + }
> + });
> } catch (Throwable ex) {
> Throwable theCause = ex.getCause() == null ? ex : ex.getCause();
>
>
> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java (original)
> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java Mon Apr 26 07:30:42 2010
> @@ -22,16 +22,12 @@ import java.util.ArrayList;
> import java.util.Collection;
> import java.util.Collections;
> import java.util.Dictionary;
> -import java.util.Enumeration;
> import java.util.HashMap;
> -import java.util.HashSet;
> import java.util.Hashtable;
> -import java.util.Iterator;
> import java.util.LinkedHashMap;
> import java.util.List;
> import java.util.Map;
> import java.util.Properties;
> -import java.util.Set;
> import java.util.logging.Logger;
>
> import org.apache.cxf.dosgi.dsw.ClassUtils;
> @@ -337,8 +333,8 @@ public class RemoteServiceAdminCore impl
> /**
> * Importing form here ....
> */
> - public ImportRegistration importService(EndpointDescription endpoint) {
> -
> + public ImportRegistration importService(EndpointDescription endpoint) {
> +
> LOG.info("importService() Endpoint: " + endpoint.getProperties());
>
> synchronized (importedServices) {
>
> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java (original)
> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java Mon Apr 26 07:30:42 2010
> @@ -1,23 +1,26 @@
> /**
> - * Licensed to the Apache Software Foundation (ASF) under one
> - * or more contributor license agreements. See the NOTICE file
> - * distributed with this work for additional information
> - * regarding copyright ownership. The ASF licenses this file
> - * to you under the Apache License, Version 2.0 (the
> - * "License"); you may not use this file except in compliance
> - * with the License. You may obtain a copy of the License at
> - *
> - * http://www.apache.org/licenses/LICENSE-2.0
> - *
> - * Unless required by applicable law or agreed to in writing,
> - * software distributed under the License is distributed on an
> - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> - * KIND, either express or implied. See the License for the
> - * specific language governing permissions and limitations
> - * under the License.
> - */
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> package org.apache.cxf.dosgi.dsw.service;
>
> +import java.security.AccessControlContext;
> +import java.security.AccessController;
> +import java.security.PrivilegedAction;
> import java.util.ArrayList;
> import java.util.Collection;
> import java.util.Collections;
> @@ -25,17 +28,18 @@ import java.util.List;
> import java.util.Map;
> import java.util.logging.Logger;
>
> +import org.apache.cxf.dosgi.dsw.OsgiUtils;
> import org.osgi.framework.BundleContext;
> import org.osgi.framework.ServiceReference;
> import org.osgi.service.remoteserviceadmin.EndpointDescription;
> +import org.osgi.service.remoteserviceadmin.EndpointPermission;
> import org.osgi.service.remoteserviceadmin.ExportRegistration;
> import org.osgi.service.remoteserviceadmin.ImportRegistration;
> import org.osgi.service.remoteserviceadmin.RemoteServiceAdmin;
>
> -
> public class RemoteServiceAdminInstance implements RemoteServiceAdmin {
> Logger LOG = Logger.getLogger(RemoteServiceAdminInstance.class.getName());
> -
> +
> private BundleContext bctx;
> private RemoteServiceAdminCore rsaCore;
>
> @@ -51,38 +55,86 @@ public class RemoteServiceAdminInstance
>
> public List /* ExportRegistration */exportService(ServiceReference ref, Map properties)
> throws IllegalArgumentException, UnsupportedOperationException {
> - if (closed)
> - return Collections.EMPTY_LIST;
>
> - synchronized (exportedServices) {
> - List er = rsaCore.exportService(ref, properties);
> - if(er!=null)
> - exportedServices.addAll(er);
> - return er;
> + SecurityManager sm = System.getSecurityManager();
> + EndpointPermission epp = new EndpointPermission("*", EndpointPermission.EXPORT);
> +
> +
> + if (sm != null) {
> + sm.checkPermission(epp);
> }
> +
> +
> + final ServiceReference refFinal = ref;
> + final Map propertiesFinal = properties;
> +
> + return AccessController.doPrivileged(new PrivilegedAction<List>() {
> + public List run() {
> +
> + if (closed)
> + return Collections.EMPTY_LIST;
> +
> + synchronized (exportedServices) {
> + List er = rsaCore.exportService(refFinal, propertiesFinal);
> + if (er != null)
> + exportedServices.addAll(er);
> + return er;
> + }
> + }
> + });
> }
>
> public Collection getExportedServices() {
> +
> + SecurityManager sm = System.getSecurityManager();
> + EndpointPermission epp = new EndpointPermission("*", EndpointPermission.READ);
> + if (sm != null) {
> + sm.checkPermission(epp);
> + }
> +
> if (closed)
> return null;
> return rsaCore.getExportedServices();
> }
>
> public Collection getImportedEndpoints() {
> +
> + SecurityManager sm = System.getSecurityManager();
> + EndpointPermission epp = new EndpointPermission("*", EndpointPermission.READ);
> + if (sm != null) {
> + sm.checkPermission(epp);
> + }
> +
> if (closed)
> return null;
> return rsaCore.getImportedEndpoints();
> }
>
> public ImportRegistration importService(EndpointDescription endpoint) {
> - if (closed)
> - return null;
> - synchronized (importedServices) {
> - ImportRegistration ir = rsaCore.importService(endpoint);
> - if(ir!=null)
> - importedServices.add(ir);
> - return ir;
> +
> + final EndpointDescription epd = endpoint;
> +
> + SecurityManager sm = System.getSecurityManager();
> + EndpointPermission epp = new EndpointPermission(epd, OsgiUtils.getUUID(bctx),
> + EndpointPermission.IMPORT);
> + if (sm != null) {
> + sm.checkPermission(epp);
> }
> +
> + return AccessController.doPrivileged(new PrivilegedAction<ImportRegistration>() {
> + public ImportRegistration run() {
> +
> + if (closed)
> + return null;
> +
> + synchronized (importedServices) {
> + ImportRegistration ir = rsaCore.importService(epd);
> + if (ir != null)
> + importedServices.add(ir);
> + return ir;
> + }
> + }
> + });
> }
>
> public void close() {
> @@ -91,14 +143,14 @@ public class RemoteServiceAdminInstance
> synchronized (importedServices) {
> LOG.info("Removing all services imported by this RSA instance");
> for (ImportRegistration ir : importedServices) {
> - LOG.finest("Closing ImportRegistration "+ir);
> + LOG.finest("Closing ImportRegistration " + ir);
> ir.close();
> }
> }
> synchronized (exportedServices) {
> LOG.info("Removing all services exported by this RSA instance");
> for (ExportRegistration er : exportedServices) {
> - LOG.finest("Closing ExportRegistration "+er);
> + LOG.finest("Closing ExportRegistration " + er);
> er.close();
> }
> }
>
>
>
Re: svn commit: r937947 - in /cxf/dosgi/trunk: discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/
distribution/single-bundle/src/main/resources/OSGI-INF/ dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/hand
Posted by Marc Schaaf <ma...@marc-schaaf.de>.
Hi David,
I'm sorry but I currently don't have the time to implement the test
cases. I will add them as soon as possible, probably in two weeks from
now when I will have some more time on my hands.
Cheers,
Marc
David Bosschaert wrote:
> Thanks Marc!
> One comment I have is that there are no CXF-DOSGi unit tests for this
> code. I know that it's tested in the OSGi TCK but it would be good to
> have some tests for it in the CXF-DOSGi codebase.
> Do you think you can add these?
>
> Cheers,
>
> David
>
> On 26 April 2010 08:30, <ms...@apache.org> wrote:
>> Author: mschaaf
>> Date: Mon Apr 26 07:30:42 2010
>> New Revision: 937947
>>
>> URL: http://svn.apache.org/viewvc?rev=937947&view=rev
>> Log:
>> - some additions to the zookeeper discovery to be compiant with the TCK
>> - some refactoring in the zookeeper discovery
>> - added some basic security checks to the DSW to comply with the TCK security tests
>>
>> Added:
>> cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/
>> cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
>> Modified:
>> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
>> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
>> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
>> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
>> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
>> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
>> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
>> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
>>
>> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
>> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java?rev=937947&r1=937946&r2=937947&view=diff
>> ==============================================================================
>> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java (original)
>> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java Mon Apr 26 07:30:42 2010
>> @@ -71,14 +71,21 @@ public class EndpointListenerTrackerCust
>> for (String key : sref.getPropertyKeys()) {
>> LOG.finest("modifiedService: property: " + key + " => " + sref.getProperty(key));
>> }
>> - String[] scopes = getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
>> - LOG.fine("trying to discover service for scopes[" + scopes.length + "]: ");
>> +
>> + String[] scopes = Util.getScopes(sref);
>> +
>> + LOG.info("trying to discover services for scopes[" + scopes.length + "]: ");
>> if(scopes!=null) for (String scope : scopes) {
>> - LOG.fine("Scope: "+scope);
>> + LOG.info("Scope: "+scope);
>> }
>> if (scopes.length > 0) {
>> for (String scope : scopes) {
>> LOG.fine("*********** Handling scope: " + scope);
>> + if("".equals(scope) || scope == null){
>> + LOG.warning("skipping empty scope from EndpointListener from " + sref.getBundle().getSymbolicName());
>> + continue;
>> + }
>> +
>> String objClass = getObjectClass(scope);
>> LOG.fine("*********** objectClass: " + objClass);
>>
>> @@ -100,10 +107,10 @@ public class EndpointListenerTrackerCust
>> interest.im.close();
>> interest.im = null;
>> }
>> -
>> +
>> InterfaceMonitor dm = new InterfaceMonitor(zooKeeperDiscovery.getZookeeper(),
>> objClass, interest, scope, bctx);
>> - dm.process();
>> + dm.start();
>> interest.im = dm;
>>
>> List<String> handledScopes = handledEndpointlisteners.get(sref);
>> @@ -149,34 +156,7 @@ public class EndpointListenerTrackerCust
>>
>> }
>>
>> - private String[] getStringPlusProperty(Object property) {
>> -
>> - if (property instanceof String) {
>> - // System.out.println("String");
>> - String[] ret = new String[1];
>> - ret[0] = (String)property;
>> - return ret;
>> - }
>> -
>> - if (property instanceof String[]) {
>> - // System.out.println("String[]");
>> - return (String[])property;
>> - }
>> -
>> - if (property instanceof Collection) {
>> - Collection col = (Collection)property;
>> - // System.out.println("Collection: size "+col.size());
>> - String[] ret = new String[col.size()];
>> - int x = 0;
>> - for (Object s : col) {
>> - ret[x] = (String)s;
>> - ++x;
>> - }
>> - return ret;
>> - }
>> -
>> - return new String[0];
>> - }
>> +
>>
>> // public void discoveredEndpont(EndpointDescription epd) {
>> // LOG.info("Endpoint Discovered: " + epd.getProperties());
>>
>> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
>> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java?rev=937947&r1=937946&r2=937947&view=diff
>> ==============================================================================
>> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java (original)
>> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java Mon Apr 26 07:30:42 2010
>> @@ -19,9 +19,12 @@
>> package org.apache.cxf.dosgi.discovery.zookeeper;
>>
>> import java.io.ByteArrayInputStream;
>> +import java.util.Dictionary;
>> import java.util.HashMap;
>> import java.util.List;
>> import java.util.Map;
>> +import java.util.Properties;
>> +import java.util.Set;
>> import java.util.logging.Level;
>> import java.util.logging.Logger;
>>
>> @@ -31,6 +34,8 @@ import org.apache.zookeeper.ZooKeeper;
>> import org.apache.zookeeper.data.Stat;
>> import org.jdom.Element;
>> import org.osgi.framework.BundleContext;
>> +import org.osgi.framework.Filter;
>> +import org.osgi.framework.FrameworkUtil;
>> import org.osgi.framework.ServiceReference;
>> import org.osgi.service.remoteserviceadmin.EndpointDescription;
>> import org.osgi.service.remoteserviceadmin.EndpointListener;
>> @@ -63,6 +68,9 @@ public class InterfaceDataMonitorListene
>> discoveredServiceTracker = dst;
>> bctx = bc;
>> this.scope = scope;
>> +
>> +
>> + LOG.fine("InterfaceDataMonitorListenerImpl is recursive: "+recursive);
>> }
>>
>> public synchronized void change() {
>> @@ -94,7 +102,7 @@ public class InterfaceDataMonitorListene
>>
>> List<String> children;
>> try {
>> - LOG.fine("Processing " + znode);
>> + LOG.info("Processing the children of " + znode);
>> children = zookeeper.getChildren(znode, false);
>>
>> for (String child : children) {
>> @@ -125,7 +133,7 @@ public class InterfaceDataMonitorListene
>> try {
>> Stat s = zookeeper.exists(node, false);
>> if (s.getDataLength() <= 0) {
>> - LOG.fine(node + " does not contain any discovery data");
>> + //LOG.info(node + " does not contain any discovery data");
>> return null;
>> }
>> byte[] data = zookeeper.getData(node, false, null);
>> @@ -149,10 +157,27 @@ public class InterfaceDataMonitorListene
>> if (bctx.getService(sref) instanceof EndpointListener) {
>> EndpointListener epl = (EndpointListener)bctx.getService(sref);
>>
>> - LOG.info("calling EndpointListener; " + epl + "from bundle "
>> - + sref.getBundle().getSymbolicName());
>> -
>> - epl.endpointAdded(epd, scope);
>> + // return the >first< matching scope of the listener
>> + String[] scopes = Util.getScopes(sref);
>> + for (String currentScope : scopes) {
>> + LOG.fine("matching " + epd + " against "+currentScope);
>> + Filter f = FrameworkUtil.createFilter(currentScope);
>> +
>> + Dictionary d = new Properties();
>> + Map<String, Object> props = epd.getProperties();
>> + Set<Map.Entry<String, Object>> entries = props.entrySet();
>> + for (Map.Entry<String, Object> entry : entries) {
>> + d.put(entry.getKey(), entry.getValue());
>> + }
>> +
>> + if(f.match(d)){
>> + LOG.fine("MATCHED " + epd + "against "+currentScope);
>> + LOG.info("calling EndpointListener; " + epl + " from bundle "
>> + + sref.getBundle().getSymbolicName() + " based on scope ["+currentScope+"]");
>> + epl.endpointAdded(epd, currentScope);
>> + break;
>> + }
>> + }
>> }
>> }
>> } else if (!prevVal.equals(epd.getProperties())) {
>>
>> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
>> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java?rev=937947&r1=937946&r2=937947&view=diff
>> ==============================================================================
>> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java (original)
>> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java Mon Apr 26 07:30:42 2010
>> @@ -40,12 +40,17 @@ public class InterfaceMonitor implements
>> private boolean closed = false;
>>
>> public InterfaceMonitor(ZooKeeper zk, String intf, EndpointListenerTrackerCustomizer.Interest zkd, String scope, BundleContext bctx) {
>> + LOG.fine("Creating new InterfaceMonitor for scope ["+scope+"] and objectClass ["+intf+"] ");
>> listener = new InterfaceDataMonitorListenerImpl(zk, intf, zkd,scope,bctx);
>> zookeeper = zk;
>> znode = Util.getZooKeeperPath(intf);
>> }
>>
>> - public void process() {
>> + public void start() {
>> + process();
>> + }
>> +
>> + private void process() {
>> LOG.finest("Kicking off a zookeeper.exists() on node: " + znode);
>> zookeeper.exists(znode, this, this, null);
>> }
>>
>> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
>> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java?rev=937947&r1=937946&r2=937947&view=diff
>> ==============================================================================
>> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java (original)
>> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java Mon Apr 26 07:30:42 2010
>> @@ -18,10 +18,14 @@
>> */
>> package org.apache.cxf.dosgi.discovery.zookeeper;
>>
>> +import java.util.ArrayList;
>> import java.util.Arrays;
>> import java.util.Collection;
>> import java.util.Collections;
>>
>> +import org.osgi.framework.ServiceReference;
>> +import org.osgi.service.remoteserviceadmin.EndpointListener;
>> +
>> public class Util {
>> static final String PATH_PREFIX = "/osgi/service_registry";
>>
>> @@ -43,4 +47,44 @@ public class Util {
>> return PATH_PREFIX + '/' + name.replace('.', '/');
>> }
>>
>> +
>> + static String[] getStringPlusProperty(Object property) {
>> +
>> + if (property instanceof String) {
>> + // System.out.println("String");
>> + String[] ret = new String[1];
>> + ret[0] = (String)property;
>> + return ret;
>> + }
>> +
>> + if (property instanceof String[]) {
>> + // System.out.println("String[]");
>> + return (String[])property;
>> + }
>> +
>> + if (property instanceof Collection) {
>> + Collection col = (Collection)property;
>> + // System.out.println("Collection: size "+col.size());
>> + String[] ret = new String[col.size()];
>> + int x = 0;
>> + for (Object s : col) {
>> + ret[x] = (String)s;
>> + ++x;
>> + }
>> + return ret;
>> + }
>> +
>> + return new String[0];
>> + }
>> +
>> + public static String[] getScopes(ServiceReference sref) {
>> + String[] scopes = Util.getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
>> + ArrayList<String> normalizedScopes = new ArrayList<String>(scopes.length);
>> + for (String scope : scopes) {
>> + if(scope!=null || "".equals(scope))
>> + normalizedScopes.add(scope);
>> + }
>> + return normalizedScopes.toArray(new String[normalizedScopes.size()]);
>> + }
>> +
>> }
>>
>> Added: cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
>> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm?rev=937947&view=auto
>> ==============================================================================
>> --- cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm (added)
>> +++ cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm Mon Apr 26 07:30:42 2010
>> @@ -0,0 +1,29 @@
>> +#
>> +# Licensed to the Apache Software Foundation (ASF) under one
>> +# or more contributor license agreements. See the NOTICE file
>> +# distributed with this work for additional information
>> +# regarding copyright ownership. The ASF licenses this file
>> +# to you under the Apache License, Version 2.0 (the
>> +# "License"); you may not use this file except in compliance
>> +# with the License. You may obtain a copy of the License at
>> +#
>> +# http://www.apache.org/licenses/LICENSE-2.0
>> +#
>> +# Unless required by applicable law or agreed to in writing,
>> +# software distributed under the License is distributed on an
>> +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> +# KIND, either express or implied. See the License for the
>> +# specific language governing permissions and limitations
>> +# under the License.
>> +#
>> +
>> +(java.security.AllPermission )
>> +
>> +(org.osgi.framework.PackagePermission "*" "import")
>> +(org.osgi.framework.PackagePermission "*" "export")
>> +
>> +(org.osgi.framework.ServicePermission "*" "register")
>> +(org.osgi.framework.ServicePermission "*" "get")
>> +
>> +(org.osgi.framework.AdminPermission "*" "metadata")
>> +(org.osgi.framework.AdminPermission "*" "listen")
>>
>> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
>> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java?rev=937947&r1=937946&r2=937947&view=diff
>> ==============================================================================
>> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java (original)
>> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java Mon Apr 26 07:30:42 2010
>> @@ -18,6 +18,9 @@
>> */
>> package org.apache.cxf.dosgi.dsw.handlers;
>>
>> +import java.security.AccessController;
>> +import java.security.PrivilegedAction;
>> +import java.util.List;
>> import java.util.logging.Level;
>> import java.util.logging.Logger;
>>
>> @@ -51,14 +54,20 @@ public class ClientServiceFactory implem
>> importRegistartion = ir;
>> }
>>
>> - public Object getService(Bundle requestingBundle, ServiceRegistration sreg) {
>> + public Object getService(final Bundle requestingBundle, final ServiceRegistration sreg) {
>> String interfaceName = sd.getInterfaces() != null && sd.getInterfaces().size() > 0 ? (String)sd
>> .getInterfaces().toArray()[0] : null;
>> +
>> LOG.info("************ getService() from serviceFactory for " + interfaceName);
>>
>> try {
>> - Object proxy = handler.createProxy(sreg.getReference(), dswContext, requestingBundle
>> - .getBundleContext(), iClass, sd);
>> + Object proxy = AccessController.doPrivileged(new PrivilegedAction<Object>() {
>> + public Object run() {
>> + return handler.createProxy(sreg.getReference(), dswContext, requestingBundle
>> + .getBundleContext(), iClass, sd);
>> + }
>> + });
>> +
>> synchronized (this) {
>> ++serviceCounter;
>> }
>>
>> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
>> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java?rev=937947&r1=937946&r2=937947&view=diff
>> ==============================================================================
>> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java (original)
>> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java Mon Apr 26 07:30:42 2010
>> @@ -22,6 +22,9 @@ import java.lang.reflect.InvocationHandl
>> import java.lang.reflect.InvocationTargetException;
>> import java.lang.reflect.Method;
>> import java.lang.reflect.Proxy;
>> +import java.security.AccessController;
>> +import java.security.PrivilegedAction;
>> +import java.security.PrivilegedExceptionAction;
>> import java.util.ArrayList;
>> import java.util.Arrays;
>> import java.util.Collection;
>> @@ -45,7 +48,7 @@ public class ServiceInvocationHandler im
>> introspectType(iType);
>> }
>>
>> - public Object invoke(Object proxy, Method m, Object[] params) throws Throwable {
>> + public Object invoke(Object proxy, final Method m, Object[] params) throws Throwable {
>> if (OBJECT_METHODS.contains(m)) {
>> if (m.getName().equals("equals")) {
>> params = new Object[] {Proxy.getInvocationHandler(params[0])};
>> @@ -56,7 +59,12 @@ public class ServiceInvocationHandler im
>> ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
>> try {
>> Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
>> - return m.invoke(serviceObject, params);
>> + final Object[] paramsFinal = params;
>> + return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
>> + public Object run() throws Exception {
>> + return m.invoke(serviceObject, paramsFinal);
>> + }
>> + });
>> } catch (Throwable ex) {
>> Throwable theCause = ex.getCause() == null ? ex : ex.getCause();
>>
>>
>> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
>> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java?rev=937947&r1=937946&r2=937947&view=diff
>> ==============================================================================
>> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java (original)
>> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java Mon Apr 26 07:30:42 2010
>> @@ -22,16 +22,12 @@ import java.util.ArrayList;
>> import java.util.Collection;
>> import java.util.Collections;
>> import java.util.Dictionary;
>> -import java.util.Enumeration;
>> import java.util.HashMap;
>> -import java.util.HashSet;
>> import java.util.Hashtable;
>> -import java.util.Iterator;
>> import java.util.LinkedHashMap;
>> import java.util.List;
>> import java.util.Map;
>> import java.util.Properties;
>> -import java.util.Set;
>> import java.util.logging.Logger;
>>
>> import org.apache.cxf.dosgi.dsw.ClassUtils;
>> @@ -337,8 +333,8 @@ public class RemoteServiceAdminCore impl
>> /**
>> * Importing form here ....
>> */
>> - public ImportRegistration importService(EndpointDescription endpoint) {
>> -
>> + public ImportRegistration importService(EndpointDescription endpoint) {
>> +
>> LOG.info("importService() Endpoint: " + endpoint.getProperties());
>>
>> synchronized (importedServices) {
>>
>> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
>> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java?rev=937947&r1=937946&r2=937947&view=diff
>> ==============================================================================
>> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java (original)
>> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java Mon Apr 26 07:30:42 2010
>> @@ -1,23 +1,26 @@
>> /**
>> - * Licensed to the Apache Software Foundation (ASF) under one
>> - * or more contributor license agreements. See the NOTICE file
>> - * distributed with this work for additional information
>> - * regarding copyright ownership. The ASF licenses this file
>> - * to you under the Apache License, Version 2.0 (the
>> - * "License"); you may not use this file except in compliance
>> - * with the License. You may obtain a copy of the License at
>> - *
>> - * http://www.apache.org/licenses/LICENSE-2.0
>> - *
>> - * Unless required by applicable law or agreed to in writing,
>> - * software distributed under the License is distributed on an
>> - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> - * KIND, either express or implied. See the License for the
>> - * specific language governing permissions and limitations
>> - * under the License.
>> - */
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations
>> + * under the License.
>> + */
>> package org.apache.cxf.dosgi.dsw.service;
>>
>> +import java.security.AccessControlContext;
>> +import java.security.AccessController;
>> +import java.security.PrivilegedAction;
>> import java.util.ArrayList;
>> import java.util.Collection;
>> import java.util.Collections;
>> @@ -25,17 +28,18 @@ import java.util.List;
>> import java.util.Map;
>> import java.util.logging.Logger;
>>
>> +import org.apache.cxf.dosgi.dsw.OsgiUtils;
>> import org.osgi.framework.BundleContext;
>> import org.osgi.framework.ServiceReference;
>> import org.osgi.service.remoteserviceadmin.EndpointDescription;
>> +import org.osgi.service.remoteserviceadmin.EndpointPermission;
>> import org.osgi.service.remoteserviceadmin.ExportRegistration;
>> import org.osgi.service.remoteserviceadmin.ImportRegistration;
>> import org.osgi.service.remoteserviceadmin.RemoteServiceAdmin;
>>
>> -
>> public class RemoteServiceAdminInstance implements RemoteServiceAdmin {
>> Logger LOG = Logger.getLogger(RemoteServiceAdminInstance.class.getName());
>> -
>> +
>> private BundleContext bctx;
>> private RemoteServiceAdminCore rsaCore;
>>
>> @@ -51,38 +55,86 @@ public class RemoteServiceAdminInstance
>>
>> public List /* ExportRegistration */exportService(ServiceReference ref, Map properties)
>> throws IllegalArgumentException, UnsupportedOperationException {
>> - if (closed)
>> - return Collections.EMPTY_LIST;
>>
>> - synchronized (exportedServices) {
>> - List er = rsaCore.exportService(ref, properties);
>> - if(er!=null)
>> - exportedServices.addAll(er);
>> - return er;
>> + SecurityManager sm = System.getSecurityManager();
>> + EndpointPermission epp = new EndpointPermission("*", EndpointPermission.EXPORT);
>> +
>> +
>> + if (sm != null) {
>> + sm.checkPermission(epp);
>> }
>> +
>> +
>> + final ServiceReference refFinal = ref;
>> + final Map propertiesFinal = properties;
>> +
>> + return AccessController.doPrivileged(new PrivilegedAction<List>() {
>> + public List run() {
>> +
>> + if (closed)
>> + return Collections.EMPTY_LIST;
>> +
>> + synchronized (exportedServices) {
>> + List er = rsaCore.exportService(refFinal, propertiesFinal);
>> + if (er != null)
>> + exportedServices.addAll(er);
>> + return er;
>> + }
>> + }
>> + });
>> }
>>
>> public Collection getExportedServices() {
>> +
>> + SecurityManager sm = System.getSecurityManager();
>> + EndpointPermission epp = new EndpointPermission("*", EndpointPermission.READ);
>> + if (sm != null) {
>> + sm.checkPermission(epp);
>> + }
>> +
>> if (closed)
>> return null;
>> return rsaCore.getExportedServices();
>> }
>>
>> public Collection getImportedEndpoints() {
>> +
>> + SecurityManager sm = System.getSecurityManager();
>> + EndpointPermission epp = new EndpointPermission("*", EndpointPermission.READ);
>> + if (sm != null) {
>> + sm.checkPermission(epp);
>> + }
>> +
>> if (closed)
>> return null;
>> return rsaCore.getImportedEndpoints();
>> }
>>
>> public ImportRegistration importService(EndpointDescription endpoint) {
>> - if (closed)
>> - return null;
>> - synchronized (importedServices) {
>> - ImportRegistration ir = rsaCore.importService(endpoint);
>> - if(ir!=null)
>> - importedServices.add(ir);
>> - return ir;
>> +
>> + final EndpointDescription epd = endpoint;
>> +
>> + SecurityManager sm = System.getSecurityManager();
>> + EndpointPermission epp = new EndpointPermission(epd, OsgiUtils.getUUID(bctx),
>> + EndpointPermission.IMPORT);
>> + if (sm != null) {
>> + sm.checkPermission(epp);
>> }
>> +
>> + return AccessController.doPrivileged(new PrivilegedAction<ImportRegistration>() {
>> + public ImportRegistration run() {
>> +
>> + if (closed)
>> + return null;
>> +
>> + synchronized (importedServices) {
>> + ImportRegistration ir = rsaCore.importService(epd);
>> + if (ir != null)
>> + importedServices.add(ir);
>> + return ir;
>> + }
>> + }
>> + });
>> }
>>
>> public void close() {
>> @@ -91,14 +143,14 @@ public class RemoteServiceAdminInstance
>> synchronized (importedServices) {
>> LOG.info("Removing all services imported by this RSA instance");
>> for (ImportRegistration ir : importedServices) {
>> - LOG.finest("Closing ImportRegistration "+ir);
>> + LOG.finest("Closing ImportRegistration " + ir);
>> ir.close();
>> }
>> }
>> synchronized (exportedServices) {
>> LOG.info("Removing all services exported by this RSA instance");
>> for (ExportRegistration er : exportedServices) {
>> - LOG.finest("Closing ExportRegistration "+er);
>> + LOG.finest("Closing ExportRegistration " + er);
>> er.close();
>> }
>> }
>>
>>
>>