[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] custom OSGI JAAS authorization implementation doesn't work


Hi Erasmo,
By default OSGi's PermissionAdmin adds AllPermissions to all bundles that don't have their own permission files. To specify permission set for a given bundle, add a file OSGI-INF/permissions.perm to it, something along those lines:

(java.util.PropertyPermission "*" "read")
(java.util.PropertyPermission "*" "write")
(javax.security.auth.AuthPermission "*")
(java.lang.RuntimePermission "*")
(org.osgi.framework.ServicePermission "*" "GET")
(java.io.FilePermission "<<ALL FILES>>" "read")
(java.io.FilePermission "<<ALL FILES>>" "write")
(org.osgi.framework.AdminPermission "*" "class")
(org.osgi.framework.AdminPermission "*" "resource")
(org.osgi.framework.ServicePermission "*" "register")

Of course this is just a sample, not meant to be used in any real environment. You'll probably need to add more permissions into it.

Another thing to check is the use of the Java's Policy. I *think* it only applies to the launcher [which needs all permissions], and then OSGi's PermissionAdmin takes over.

Hope this helps.

Sincerely,
Oleg Besedin



Erasmo <einundswanzig@xxxxxxxxx>
Sent by: equinox-dev-bounces@xxxxxxxxxxx

12/14/2008 12:08 AM

Please respond to
Equinox development mailing list <equinox-dev@xxxxxxxxxxx>

To
equinox-dev@xxxxxxxxxxx
cc
Subject
[equinox-dev] custom OSGI JAAS authorization implementation doesn't        work





I have created a beautiful database-driven implementation of jaas based on this book http://www.jaasbook.com/ that includes a custom implementation of:

javax.security.auth.callback.CallbackHandler for input login info
javax.security.auth.login.Configuration for database based loginmodule aggregation
javax.security.auth.spi.LoginModule
java.security.Policy permissions retrieved from database
java.security.BasicPermission for testing

When i start the program (i'm actually using the http service so i'm setting this up in the HttServlet.init function) i setup the config and policy:

Configuration.setConfiguration(new xConfig());
Policy.setPolicy(
new xPolicy());
System.setSecurityManager(
new SecurityManager());


and then try to login:
xHandler handler = new xHandler();
LoginContext context =
new LoginContext("app", handler);

context.login();

Everything works to this point, but when i try to do a test check.
Subject subject = context.getSubject();
Subject.doAsPrivileged(
                subject,
               
new PrivilegedAction() {

                                 
public Object run() {
                 
// Both tested
                 
// java.security.AccessController.checkPermission(new xPermission("xname", "xaction"));

                                    System.getSecurityManager().checkPermission(
new xPermission("xname", "xaction"));
                                   
return null;

                                 
}
               
},
               
null);
Nothing happens, the xPermission implementation ALWAYS returns false from the implies() function but the thing never throws the expected SecurityException/AccessControlException. Doing some debug to the process i got to the Policy.implies(domain, permission) function where i call the Policy.getPermissions(domain) to get the permissions collection and the permissions.implies(permission) to do the actual check, the returned permissions collection contains: 1.- The actual permissions granted to the principals belonging to the authenticated user OR AllPermissions IF the domain passed to the getPermissions function doesnt have a Principal (to allow everything that doesnt have to do with my custom checks). But somehow the Policy.implies function is checking twice the SAME permission using two different domains: one is my bundle domain com.mycompany.mybundle and the other is the org.eclipse.osgi bundle. The problem is that somehow the first attempt with my domain (which everytime returns false) doesnt throw de AccessControlException until the second attempt with the osgi domain. The worst thing is that it looks like that the osgi domain attempt is the only one that counts, because if i probe for the osgi domain and return false then the exception is thrown no matter if the last time a true or false were returned. This appears to happens ONLY in the osgi environment because if i test this in a plain java main programm everything works as expected, any clues? Thanks.
_______________________________________________
equinox-dev mailing list
equinox-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/equinox-dev