You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "Hasan (JIRA)" <ji...@apache.org> on 2008/12/16 15:34:44 UTC

[jira] Updated: (FELIX-849) checking a "self-defined" permission (extends java.security.Permission) does not work

     [ https://issues.apache.org/jira/browse/FELIX-849?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Hasan updated FELIX-849:
------------------------

    Attachment: felix_security_issue.tgz

> checking a "self-defined" permission (extends java.security.Permission) does not work
> -------------------------------------------------------------------------------------
>
>                 Key: FELIX-849
>                 URL: https://issues.apache.org/jira/browse/FELIX-849
>             Project: Felix
>          Issue Type: Bug
>          Components: Conditional Permission Admin
>            Reporter: Hasan
>            Priority: Minor
>         Attachments: felix_security_issue.tgz
>
>
> I have problems in using Permission derived from java.security.Permission
> with the felix ConditionalPermissionAdmin.
> I have 3 bundles:
> - PermissionManagement: defines MyPermission class and assigns this permission to all bundles
> - Provider: exposes a function f with security check on MyPermission
> - Consumer: try to use function f
> I run these bundles in felix + framework.security + scr and got access denied
> (Consumer is not allowed to use function f although MyPermission is already assigned to all bundles)
> Problems in detail:
> I have a bundle named PermissionManagement which defines a new Permission class
> as follows:
> public class MyPermission extends Permission {
>    private String actions;
>    public MyPermission(String name, String actions) {
>        super(name);
>        this.actions = actions;
>        System.out.println("MyPermission constructor called with params: " +
>            name + ", " + actions);
>    }
>    ...
>    @Override
>    public String getActions() {
>        System.out.println("MyPermission getActions method called");
>        return this.actions;
>    }
> }
> PermissionManagement also defines a class called "PermissionManager" to assign
> MyPermission to all bundles using ConditionalPermissionAdmin as follows:
>    cpa.addConditionalPermissionInfo(new ConditionInfo[]{
>        null
>    },
>    new PermissionInfo[]{
>        new PermissionInfo(
>        MyPermission.class.getName(), "MyName", "MyAction")
>    });
> Provider bundle defines a class DummyProvider which exposes a function F guarded with security check
>    public String f() {
>        MyPermission myPerm = new MyPermission("MyName", "MyAction");
>        SecurityManager security = System.getSecurityManager();
>        if (security != null) {
>            security.checkPermission(myPerm);
>        }
>        return "test";
>    }
> Consumer bundle has an Activator as follows:
> public class Activator implements BundleActivator {
>    @Override
>    public void start(BundleContext arg0) throws Exception {
>        DummyProvider dp = new DummyProvider();
>        System.out.println(dp.f());
>    }
>    ...
> }
> in felix shell
> -> start file:///.../consumer-1.0-SNAPSHOT.jar
> DummyProvider constructor called
> MyPermission constructor called with params: MyName, MyAction
> MyPermission hashCode method called
> MyPermission hashCode method called
> MyPermission hashCode method called
> MyPermission hashCode method called
> MyPermission getActions method called
> java.security.AccessControlException: access denied (testbundles.permissionmanagement.MyPermission MyName MyAction) 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.