Hi, I am new to Java/OSGi security. I want to be able to specify a policy file that will be able to start up my OSGi container but will only install bundles that I have signed. Currently, I have downloaded the felix framework, and I have the framework.security project installed in it.
My current policy file looks like this: grant codeBase "file:./bin/-" { permission java.security.AllPermission; }; grant codeBase "http://felix.extensions:9/" { permission java.security.AllPermission; }; This will let me let the felix.jar start and access file/system permissions, and the second grant allows the framework.security jar to be installed. Now what do I have to add to this to force only my signed bundles to be installed? It seems like right now it lets any bundles install and run. (I guess it is using the felix.jar AllPermission to run?) Any ideas? Also, I noticed that there are Bundle/Package/Service Permissions in felix. How do I go about using that? (I read the spec, but I'm unsure where framework.security fits in this?) Any help would be greatly appreciated. Roshan Punnoose rpunno...@proteuseng.com Proteus Technologies --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@felix.apache.org For additional commands, e-mail: users-h...@felix.apache.org