[jira] [Commented] (KARAF-3400) Enabling Java System Security and OSGi security leaves Karaf in unusable state

Wed, 02 Nov 2016 02:27:08 -0700 

    [ 
https://issues.apache.org/jira/browse/KARAF-3400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15628336#comment-15628336
 ] 

ASF subversion and git services commented on KARAF-3400:
--------------------------------------------------------

Commit 28aa4dd855b47bd96b29ef13f84e46d6f533fdfc in karaf's branch 
refs/heads/master from [~gnt]
[ https://git-wip-us.apache.org/repos/asf?p=karaf.git;h=28aa4dd ]

[KARAF-3400] Add an integration test to verify Karaf can start properly when 
running under a security manager

> Enabling Java System Security and OSGi security leaves Karaf in unusable state
> ------------------------------------------------------------------------------
>
>                 Key: KARAF-3400
>                 URL: https://issues.apache.org/jira/browse/KARAF-3400
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-core
>    Affects Versions: 3.0.2, 4.0.0.M1
>            Reporter: Achim Nierbeck
>            Assignee: Guillaume Nodet
>             Fix For: 4.1.0, 4.0.8
>
>
> It seems to boil down to the new functionalities of OSGi, like Bundle Adapt 
> fails with the default security configuration 
> {code}
> java.security.AccessControlException: access denied 
> ("org.osgi.framework.AdaptPermission" 
> "org.osgi.framework.wiring.BundleRevision" "adapt")
>       at 
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
>       at 
> org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager.internalCheckPermission(EquinoxSecurityManager.java:117)
>       at 
> org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager$CheckPermissionAction.run(EquinoxSecurityManager.java:60)
>       at java.security.AccessController.doPrivileged(Native Method)
> {code}
> Just switch framework to equinox and enable the security params in 
> etc/system.properties
> {code}
> #
> # By default, only Karaf shell commands are secured, but additional services 
> can be
> #
> # To enable OSGi security, uncomment the properties below,
> # install the framework-security feature and restart.
> #
> java.security.policy=${karaf.etc}/all.policy
> org.osgi.framework.security=osgi
> org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
> {code}
> This also happens with Felix but needs the additional Felix.Security bundle 
> to be installed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to