We renamed the security manager in Equinox 3.5. You can use the eclipse.security property to specify the "type" of security manager instead of specifying the complete class name. For example:
java -Declipse.security=osgi -Djava.security.policy=policy.policy -jar
org.eclipse.osgi_3.5.0.XXX.jar –console
We currently only support the "osgi" type. This will cause the framework
to set the security manager to its internal implementation. You don't need
to know the implementation class this way.:
Tom
|------------>
| From: |
|------------>
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|"David Conde" <dco...@citic.es>
|
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|------------>
| To: |
|------------>
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|"'Equinox development mailing list'" <equinox-dev@eclipse.org>
|
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|------------>
| Date: |
|------------>
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|05/07/2009 04:07 AM
|
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|------------>
| Subject: |
|------------>
>--------------------------------------------------------------------------------------------------------------------------------------------------|
|RE: [equinox-dev] Conditional Permission are not being checked
|
>--------------------------------------------------------------------------------------------------------------------------------------------------|
When I try to launch Equinox v35 in the same way that I did before with
version 34 I am getting an Exception :
Error occurred during initialization of VM java/lang/InternalError: Could
not create SecurityManager:
org.eclipse.osgi.framework.internal.core.FrameworkSecurityManager
Any idea?
Thanks in advance
De: equinox-dev-boun...@eclipse.org [mailto:equinox-dev-boun...@eclipse.org
] En nombre de David Conde
Enviado el: jueves, 07 de mayo de 2009 10:39
Para: 'Equinox development mailing list'
Asunto: RE: [equinox-dev] Conditional Permission are not being checked
I am sorry, I found the new version 3.5 of Equinox in
http://www.eclipse.org/downloads/download.php?file=/equinox/drops/S-3.5M1-200808071402/org.eclipse.osgi_3.5.0.v20080804-1730.jar.
So I will try with this one and I will write back the results.
David
De: equinox-dev-boun...@eclipse.org [mailto:equinox-dev-boun...@eclipse.org
] En nombre de David Conde
Enviado el: jueves, 07 de mayo de 2009 10:26
Para: 'Equinox development mailing list'
Asunto: RE: [equinox-dev] Conditional Permission are not being checked
Hi again, where I can get Equinox 3.5 I tried to get from
http://download.eclipse.org/equinox/drops/R-3.4.2-200902111700/index.php.,
but there is just to version 3.4 to download..
I do not know really the problem and If I am missing something, I have a
Permission Manager, who grant to itself ALLPERMISSION, and in this bundle
we fix a BundleLocationCondition in order that my bundle
file:C:\\equinoxv34\\clientserviceconditional.jar is the only one who can
Get the Service from ServiceConditional. Am I wrong? What option do I have
to write when I launch Equinox in console way?
cpa.addConditionalPermissionInfo(
new ConditionInfo[]{
new ConditionInfo(
BundleLocationCondition.class.getName(),
new
String[]{,"file:C:\\equinoxv34\\clientserviceconditional.jar"})
},
new, PermissionInfo[]{
new PermissionInfo
(ServicePermission.class.getName(),
"dconde.osgi.serviceconditional.ServiceConditional".,"GET")
});
Thank you very much in advance
De: equinox-dev-boun...@eclipse.org [mailto:equinox-dev-boun...@eclipse.org
] En nombre de Thomas Watson
Enviado el: miércoles, 06 de mayo de 2009 18:52
Para: Equinox development mailing list:
Asunto: Re: [equinox-dev] Conditional Permission are not being checked
Can you try this on 3.5? The OSGi R4.2 specification (implemented in
Equinox 3.5) made a clarification about when the default permissions from
PermissionAdmin are used in the presence of the ConditionalPermissionAdmin
service.
The default default permissions for PermissionAdmin is AllPermissions. In
Equinox 3.4 we would fall back to the PermissionAdmin default permissions
if none of the conditions from the ConditionalPermissionAdmin table were
satisfied for a particular bundle. The OSGi R4.2 specification has been
clarified such that the PermissionAdmin default permissions are ONLY used
if the condition table is COMPLETELY empty. Once you add a single condition
to the table then bundles must not be granted the PermissionAdmin default
permissions.
In 3.4 you should set the PermissionAdmin default permissions to a
restricted set of permissions or you could set another condition with
ConditionalPermissionAdmin which restricts the permissions for all bundle
locations.
Tom
Inactive hide details for "David Conde" ---05/06/2009 11:08:03 AM---Hi,
"David Conde" ---05/06/2009 11:08:03 AM---Hi,
From: "David Conde" <dco...@citic.es>
To: <equinox-dev@eclipse.org>
Date: 05/06/2009 11:08 AM
Subject: [equinox-dev] Conditional Permission are not being
checked
Hi,
I am trying to check Conditional Permssion Admin SErvice in Equinox. For
this reason, I create a Bundle consumer, another one called service and
another called PermissionManager who will implement the Conditional
Permissions for the consumer.
The problem is that I do not get any exception when I try to get the
service from another location different from my allowed one.
My PermissionManager implements BundleActivator and get the service
ConditionalPermissionAdmin from the framework in the start method, finally
is shown below:
private ConditionalPermissionAdmin cpa;
condPermRef = context.getServiceReference(ConditionalPermissionAdmin.class
.getName());
cpa =(ConditionalPermissionAdmin) context.getService(condPermRef);
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
cpa.addConditionalPermissionInfo(new ConditionInfo[]{
new ConditionInfo(BundleLocationCondition.class.getName(),
new
String[]{context.getBundle().getLocation()})
},
new PermissionInfo[]{
new PermissionInfo(
AllPermission.class.getName(), "", "")
});
cpa;.addConditionalPermissionInfo(.
new ConditionInfo[]{
new ConditionInfo(
BundleLocationCondition.class.getName(),
new
String[]{,"file:C:\\equinoxv34\\clientserviceconditional.jar"})
},
new, PermissionInfo[]{
new PermissionInfo
(ServicePermission.class.getName(),
"dconde.osgi.serviceconditional.ServiceConditional".,"GET")
});
// Add other permissions
return null; // nothing to return
}
});
If I try to get the Service from another consumer in another location no
exception is thrown, and I do not really know what I am missing. What do I
need to apply Conditional Permission?
I am not applying as the same time Local Permission with permissions.perm,
Does this have something to do with my results?
I am launching Equinox in this way:
java
-Djava.security.manager=org.eclipse.osgi.framework.internal.core.FrameworkSecurityManager
-Djava.security.policy=policy.policy -jar
org.eclipse.osgi_3.4.3.R34x_v20081215-1030.jar –console
Any advice will be helpful
Thanks in advance
David
_______________________________________________
equinox-dev mailing list
equinox-dev@eclipse.org
https://dev.eclipse.org/mailman/listinfo/equinox-dev
_______________________________________________
equinox-dev mailing list
equinox-dev@eclipse.org
https://dev.eclipse.org/mailman/listinfo/equinox-dev
<<inline: graycol.gif>>
<<inline: ecblank.gif>>
<<inline: 21536782.jpg>>
<<inline: 21808520.jpg>>
_______________________________________________ equinox-dev mailing list equinox-dev@eclipse.org https://dev.eclipse.org/mailman/listinfo/equinox-dev
