Hi,
I am new to Java/OSGi security. I want to be able to specify a policy file that
will be able to start up my OSGi container but will only install bundles that I
have signed. Currently, I have downloaded the felix framework, and I have the
framework.security project installed in it.
My current policy file looks like this:
grant codeBase "file:./bin/-" {
permission java.security.AllPermission;
};
grant codeBase "http://felix.extensions:9/"; {
permission java.security.AllPermission;
};
This will let me let the felix.jar start and access file/system permissions,
and the second grant allows the framework.security jar to be installed.
Now what do I have to add to this to force only my signed bundles to be
installed? It seems like right now it lets any bundles install and run. (I
guess it is using the felix.jar AllPermission to run?)
Any ideas?
Also, I noticed that there are Bundle/Package/Service Permissions in felix. How
do I go about using that? (I read the spec, but I'm unsure where
framework.security fits in this?)
Any help would be greatly appreciated.
Roshan Punnoose
rpunno...@proteuseng.com
Proteus Technologies
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@felix.apache.org
For additional commands, e-mail: users-h...@felix.apache.org
