[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[equinox-dev] Bundle-Verification, Security, Permissions and Hooks

Hi devs,

I'm currently working on the protection of an equinox based-application.
I have successfully activated the FrameworkSecurityManager and being
able to
set permissions via the ConditionalPermissionAdmin. In addition, I have
integrated
a bundle verification mechanismn, only allowing signed bundles to be
started
(my mechanism is more strict than the standard-mechanism, which accepts
non-signed bundles, too).

However, I don't want to hardcode the permissions, so I use a text-file
to
configure the concrete permissions as proposed in the OSGi-Spec chapter
9.6.

Both, the permissions handling and the bundle verification process, is
currently done in
a framework-hook, which implements AdaptorHook and a BundleListener.

Now my question:
How can I make sure, that my framework-hook is recognized by the
framework and the framework
only starts, when this hook is available? Or is there another
possibility where to execute these operations?

Thanks in advance for your advise.

Florian Pepping

-- 
WINCOR NIXDORF International GmbH 
Sitz der Gesellschaft: Paderborn 
Registergericht Paderborn HRB 3507
Geschäftsführer: Eckard Heidloff (Vorsitzender), Stefan Auerbach, Dr. Jürgen Wunram
Vorsitzender des Aufsichtsrats: Karl-Heinz Stiller 
Steuernummer: 339/5884/0020 - Ust-ID Nr.: DE812927716 - WEEE-Reg.-Nr. DE44477193

Diese E-Mail enthält vertrauliche Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist nicht gestattet.

This e-mail may contain confidential information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.