[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] Problem with custom local permissions

Hi again,

Maybe what I am trying to do which was explained in my previous thread is
not possible. I would like to know if it is possible to specify custom
permissions as local permission setting them in permission.perm file or do
I have to specify them by program in the same way as conditional
permissions?

I have created a custom permission class called MyPermission class which
extends from java.security.Permission and I have tried set them in a
permissions.perm file as local permissions, is this possible?

Thank you in advance




> Hi,
>
> I did not write any bundle which neither reads the permissions nor parses
> the text into PermissionInfo. I supposed that I could work in the same way
> that I worked with other permissions different to custom permissions, I
> mean , I created a policy.policy file where I set ALLPermissions
>
> grant {
> permission java.security.AllPermission;
> };
>
> then I launched Equinox with SecurityManager in the command line
>
>
> -Djava.security.manager=org.eclipse.osgi.framework.internal.core.FrameworkSe
> curityManager
> -Djava.security.policy=policy
>
> and placed the OSGI-INF folder with permissions.perm file into the bundle
> directory, what I do not understand is why I have to do what you explained
> me if I did not do when I did not use custom permissions. I mean, are
> custom permission dealed in different way as ServicePermission or
> FilePermission?
>
>
> I have done some tests with local permissions without using custom
> permissions and I did not have to create any bundle which read the
> permissions.perm file nor parse the text into PermissionInfo.
>
> Is there some example about how I have to do this?
>
> Thank you in advance
>
>
>> Have you written (or installed) a bundle which reads the
>> permissions.perm
>> file, parses the text into PermissionInfos and calls either
>> PermissionAdmin or ConditionalPermissionAdmin to set the permissions of
>> the bundle?
>>
>> permissions.perm files are not read by the framework. You need s
>> security
>> policy bundle installed (for example, as I describe above) to set bundle
>> permissions. The framework is policy free.
>> --
>>
>> BJ Hargrave
>> Senior Technical Staff Member, IBM
>> OSGi Fellow and CTO of the OSGi Alliance
>> hargrave@xxxxxxxxxx
>>
>> office: +1 386 848 1781
>> mobile: +1 386 848 3788
>>
>>
>>
>>
>> From:
>> "David Conde" <dconde@xxxxxxxx>
>> To:
>> "'Equinox development mailing list'" <equinox-dev@xxxxxxxxxxx>
>> Date:
>> 2009/09/04 07:59
>> Subject:
>> [equinox-dev] Problem with custom local permissions
>> Sent by:
>> equinox-dev-bounces@xxxxxxxxxxx
>>
>>
>>
>> Hi,
>>
>> I have the next scenario:
>> Bundle Service which has a method called addVALUE as  shown:
>>
>> public boolean addValue(String key, Object value) {
>>
>>             SecurityManager security = System.getSecurityManager();
>>           if (security != null) {
>>             security.checkPermission(new
>> PlatformConfigurationPermission(
>>                     PlatformConfigurationPermission.WRITE_VALUE));
>>           }
>>
>> }
>>
>> The problem is that other  bundle  called consumer which has the next
>> permissions.perm file, tries to call this method getting the Security
>> Exception shown below:
>>
>> #TestPlatformConfiguration Permissions File
>> (java.io.FilePermission "C:\TestingLog3.log" "write")
>> (es.citic.osgi.system.platformConfiguration.PlatformConfigurationPermission
>> "PlatformConfigurationPermission" "writeValue")
>>
>>
>> The Exception which was got is:
>> Java.security.AccessControlException: Access denied
>> (es.citic.osgi.system.platformConfiguration.PlatoformConfigurationPermission
>> PlatformConfigurationPermission writeValue)
>>
>>
>> My PlatformConfigurationPermission class extends from Permission.
>>
>> What am I missing in this implementation?
>>
>> It looks like as does not recognice what I am writing in the
>> permission.perm file.
>>
>> Any idea
>>
>> Thank you in advance
>>
>> David_______________________________________________
>> equinox-dev mailing list
>> equinox-dev@xxxxxxxxxxx
>> https://dev.eclipse.org/mailman/listinfo/equinox-dev
>>
>> _______________________________________________
>> equinox-dev mailing list
>> equinox-dev@xxxxxxxxxxx
>> https://dev.eclipse.org/mailman/listinfo/equinox-dev
>>
>
>
> _______________________________________________
> equinox-dev mailing list
> equinox-dev@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/equinox-dev
>
>