[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] Equinox with OSGi security?

Hello Thomas,

Thanks a lot, now it works!

Greetings, Marcel

On Jan 24, 2008, at 19:09 , Thomas Watson wrote:
The eclipse.security is only used by the org.eclipse.equinox.launcher jar. The eclipse.security option is used by the launcher bootstrap code to indicate that it should setup a policy which grants itself and the framework ALLPermissions. Then it sets the java.security.manager to the value of eclipse.security. Later when the Framework launches it actually will install the SecurityManager to enable security.

When running without the launcher you need to do a bit more work to setup your policy file. You can use a very simple policy which grants AllPermissions to everything like this ...

###### BEGIN POLICY FILE ##########
grant {
permission java.security.AllPermission;
};
###### END POLICY FILE ##########

You would then launch equinox with the following command:

java - Djava .security .manager =org.eclipse.osgi.framework.internal.core.FrameworkSecurityManager - Djava.security.policy=policy -jar org.eclipse.osgi_3.4.0.v20080107.jar -console

The java.security.manager property tells the VM what security manager to load. The java.security.policy property tells the VM what policy to load to grant permissions. Note that the permissions granted to the bundles installed into the framework are controled by the PermissionAdmin and ConditionalPermissionAdmin services. By default these services will grant all bundles AllPermissions.