| Re: [equinox-dev] Granting permissions for usage of Bundle |
Thanks for your prompt reply. So the best practice is to have a management agent set of bundles maintaining policy information and responsible for managing the other bundles, which is great.!
Regarding the other question, pardon me but I am not able to understand the term "super user" . Are you referring to the management bundle here.? Also let us say I export a service instead of a package, then is it possible for a separate management agent to enforce that only a particular bundle B can consume my service. Are the security conditions and permissions different for a service and package.
Thanks,
Srijith.
>>> BJ Hargrave <hargrave@xxxxxxxxxx> 04/15/08 7:34 PM >>>
In general, the management of permission is best done by a management agent: a bundle (or set of bundles) tasked with managing the set of installed bundles including the security policy. Enforcing permissions of course means that a SecurityManager is installed.
In order to modify the permissions on CPA, the caller must have AllPermission. So, in your example, bundle A would need AllPermission to modify the permissions so that only bundle B can import a specific package. Bundle A is then a "super user" which seems wrong.
--
|
BJ Hargrave |
|
|
From: |
"Srijith Kochunni" <ksrijith@xxxxxxxxxx> |
|
To: |
<equinox-dev@xxxxxxxxxxx> |
|
Date: |
2008/04/15 07:03 AM |
|
Subject: |
[equinox-dev] Granting permissions for usage of Bundle |
Again I do not want to use a separate Management Agent bundle to enforce this scenario, unless there is no other option. It would be better if I could achieve this by writing code in my consumed bundle alone. Any links to examples for using Permission Admin Service / Conditional Permission Service would also be helpful.
Thanks,
Srijith. _______________________________________________
equinox-dev mailing list
equinox-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/equinox-dev