AW: Comprehension question about ProtectionDomain of a Bundle

Mon, 29 Sep 2014 04:49:26 -0700 

I agree with you too. Should I open an issue for that?

The last think what I do not understand is the role of the FakeURLStreamHandler 
itself. The Class comment says it should prevent any unknown protocol errors. 
But why did I get a unknown protocol error for jcrinstall?

Regards,
Dirk

-----Ursprüngliche Nachricht-----
Von: Felix Meschberger [mailto:fmesc...@adobe.com] 
Gesendet: Montag, 29. September 2014 13:34
An: users@felix.apache.org
Betreff: Re: Comprehension question about ProtectionDomain of a Bundle

Hi

Am 29.09.2014 um 13:13 schrieb Karl Pauls <karlpa...@gmail.com>:

> On Mon, Sep 29, 2014 at 12:56 PM, <dirk.rudo...@t-systems.com> wrote:
> 
>> What happens with Bundle-Location: inputstream:bundle-1.0.0.jar. Is a 
>> URLHandler available for this?
> 
> 
> No.
> 
> 
>> So in this case JCE implemtation of OpenJDK will not be supported by 
>> Apache Felix (OSGI in general?) out of the box?
>> 
> 
> If you choose to give a bundle location that doesn't work than yes, 
> you have a problem there.
> 
> I suppose we could re-work the FakeURLStreamhandler to actually serve 
> up the content of the revision. So if the OpenJDK JCE implementation 
> would at least do the right thing with the code source url it might 
> work

I have the impression, that this might work, indeed.

> but I
> wouldn't be surprised if they don't (URLs and how to handle them are a 
> mess in java).

+100

Regards
Felix

> 
> regards,
> 
> Karl
> 
> 
>> Regards,
>> Dirk
>> 
>> -----Ursprüngliche Nachricht-----
>> Von: Karl Pauls [mailto:karlpa...@gmail.com]
>> Gesendet: Montag, 29. September 2014 12:47
>> An: users@felix.apache.org
>> Betreff: Re: Comprehension question about ProtectionDomain of a 
>> Bundle
>> 
>> In the current Felix setup, though, this URL basically just is an 
>> immutable
>>> key referring to the abstract Bundle not to the concrete contents of 
>>> the Bundle. If we expect the CodeSource URL to actually refer to the 
>>> location from where classes are loaded, then the 
>>> BundleProtectionDomain should probably take the Content from the 
>>> BundleRevisionImpl to use as the basis for the CodeSource URL. In 
>>> this case, though, it is not relevant any longer what the string for 
>>> the
>> bundle location actually is.
>>> 
>> 
>> The BundleProtectionDomain does the correct thing.
>> 
>> The problem is purely that some library assumes it can get the code 
>> source of a protection domain and access it. That is wrong and a bad 
>> hack at best but nothing we can paper over.
>> Setting the bundle location as the code source is the correct thing to do.
>> If you want to work with that library (or others that do make the 
>> same bad
>> assumption) you can use a URLHandlers to make it work with your own 
>> namespace and you are good. This would only be a problem if you would 
>> reuse bundle locations for bundles that are not identically which you 
>> shouldn't do in the first place.
>> 
>> regards,
>> 
>> Karl
>> 
>> 
>> WDYT ?
>>> 
>>> Regards
>>> Felix
>>> 
>>> Am 29.09.2014 um 11:27 schrieb <dirk.rudo...@t-systems.com> <
>>> dirk.rudo...@t-systems.com>:
>>> 
>>>> Thanks so far for your explanations.
>>>> 
>>>> So Am I right that each provider that installs bundles in Felix 
>>>> using a
>>> custom bundle location (as Sling OSGI installer does) has to provide 
>>> a URL handler that is able to resolve to the proper jar file?
>>>> 
>>>> Think about the following cases:
>>>> 
>>>> - Install a bundle using OSGI installer, the Bundle-Location will 
>>>> be
>>> jcrinstall:/apps/path/install/bundle-1.0.0.jar for example
>>>> - Update the bundle with the same symbolic name but another version
>>> using the webconsole, the Bundle-Location will be the same
>>>> 
>>>> or
>>>> 
>>>> - Install a bundle using OSGI installer, the Bundle-Location will 
>>>> be
>>> jcrinstall:/apps/path/install/bundle-1.0.0.jar for example
>>>> - Update the bundle with the same symbolic name by removing
>>> /apps/path/install/bundle-1.0.0.jar  and uploading the new version 
>>> to /apps/path/install/bundle-1.1.0.jar, the Bundle-Location will 
>>> also be the same
>>>> 
>>>> Due to this the I think the location of the CodeSource should 
>>>> always
>>> point to the cache jar (the one the actual class is loaded from, 
>>> think about embedded dependency). Otherwise it would be hard to 
>>> implement a proper URLStreamHandlerService.
>>>> 
>>>> For the JarURLConnection: Is the cached file transient?
>>>> 
>>>> Cheers,
>>>> Dirk
>>>> 
>>>> -----Ursprüngliche Nachricht-----
>>>> Von: Karl Pauls [mailto:karlpa...@gmail.com]
>>>> Gesendet: Montag, 29. September 2014 10:23
>>>> An: users@felix.apache.org
>>>> Betreff: Re: Comprehension question about ProtectionDomain of a 
>>>> Bundle
>>>> 
>>>> Hi Dirk,
>>>> 
>>>> we are using bouncycastle as jce provider in our application setup 
>>>> based
>>> on
>>>>> AEM (Apache Sling) and I got an error during jar verification.
>>>>> (Something with MalformedURLException).
>>>>> 
>>>> 
>>>> Yeah, irrc they do assume that the code source of a protection 
>>>> domain is
>>> a valid url which isn't necessarily the case for OSGi bundles (I'd 
>>> argue they shouldn't but oh well).
>>>> 
>>>> 
>>>>> For my use case I fixed the issue by implementing a 
>>>>> URLStreamHandlerService providing a URLConnection to the bundle 
>>>>> location but during my work on this I thought about the topic more 
>>>>> in
>>> general.
>>>>> 
>>>> 
>>>> I guess that it is probably ok to handle the situation like this
>>> assuming you can provide the handler.
>>>> 
>>>> 
>>>>> As the comment in BundleProtectionDomain.java:38 says the 
>>>>> CodeSource of a BundleProtectionDomain should be based on the 
>>>>> revision of the bundle not the bundle itself. (for me the bundle 
>>>>> location is
>>>>> "jcrinstall:/a/path/to/the/bundle.jar")
>>>>> 
>>>> 
>>>> You should be able to ignore this comment. The 
>>>> BundleProtectionDomain
>>> does indeed provide the bundle revision. It just does get the 
>>> revision in a stupid way - hence, the comment to remind me that I 
>>> should figure out a better (i.e., less indirect) way to provide the 
>>> revision to it.
>>>> 
>>>> 
>>>>> Is there any reason why the bundle location is used here and not 
>>>>> the file:///<file:///\\> URL of the revision located in the cache
>> instead?
>>>>> 
>>>> 
>>>> Well, the idea is that you base your security policies on the code
>>> source url. That concept would be pretty much meaningless if the 
>>> code source would be the cached jar. Regardless, the cache 
>>> implementation (and its layout) is mostly undefined by the spec - 
>>> the code source is the Bundle-Location URL (consider, for example, 
>>> the JarURLConnection of the
>>> ire: it will cache the jar file on disc as a JarFile but the url 
>>> will still be the one of the source for the code source).
>>>> 
>>>> 
>>>>> I mentioned that unfortunatly the JceSecurity implementation has a 
>>>>> WeakHashMap<Class,URL> that holds the URL to the location of the 
>>>>> CodeSource. So I assume that it might be possible that the worng 
>>>>> CodeSource location can be returned there when the cache points to 
>>>>> a old revision location after a bundle update without garbage 
>>>>> collection of the old revision. Am I right?
>>>>> 
>>>> 
>>>> No. The Class object is unique based on its class loader so you 
>>>> will get
>>> the code source URL that was associated with the bundle revision 
>>> that this class has been loaded from. As long as they key the map by 
>>> an actual Class object and get the URL from the code source of the 
>>> BundleProtectionDomain of that class object you should be good.
>>>> 
>>>> 
>>>> regards,
>>>> 
>>>> Karl
>>>> 
>>>> 
>>>>> Kind Regards,
>>>>> 
>>>>> Dirk Rudolph
>>>>> 
>>>>> 
>>>>> T-Systems Multimedia Solutions GmbH Organisationseinheit CCS Dirk 
>>>>> Rudolph Software-Entwicklung, OCJP
>>>>> Hausanschrift: Riesaer Straße 5, 01129 Dresden
>>>>> Postanschrift: Postfach 10 02 24, 01072 Dresden
>>>>> +49 351 2820-5363       (Tel)
>>>>> E-Mail:
>>>>> dirk.rudo...@t-systems.com<mailto:mdirk.rudo...@t-systems-mms.com>
>>>>> Internet:
>>>>> http://www.t-systems-mms.com<http://www.t-systems-mms.de/>
>>>>> 
>>>>> T-Systems Multimedia Solutions GmbH
>>>>> Aufsichtsrat: Thilo Kusch (Vorsitzender)
>>>>> Geschäftsführung: Peter Klingenburg, Susanne Heger, Dr. Rolf 
>>>>> Werner
>>>>> Handelsregister: Amtsgericht Dresden HRB 11433 Sitz der Gesellschaft:
>>>>> Dresden
>>>>> Ust-IdNr.: DE 811 807 949
>>>>> 
>>>>> 
>>>>> 
>>>> 
>>>> 
>>>> --
>>>> Karl Pauls
>>>> karlpa...@gmail.com
>>>> http://twitter.com/karlpauls
>>>> http://www.linkedin.com/in/karlpauls
>>>> https://profiles.google.com/karlpauls
>>>> 
>>> B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKK
>>> CB    [  X  ܚX K  K[XZ[   \ \  ][  X  ܚX P  [ ^  \ X  K ܙ B  ܈ Y  ] [ۘ[
>>  [X[
>>>   K[XZ[   \ \  Z [    [ ^  \ X  K ܙ B
>>> 
>>> 
>> 
>> 
>> --
>> Karl Pauls
>> karlpa...@gmail.com
>> http://twitter.com/karlpauls
>> http://www.linkedin.com/in/karlpauls
>> https://profiles.google.com/karlpauls
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@felix.apache.org
>> For additional commands, e-mail: users-h...@felix.apache.org
>> 
> 
> 
> 
> --
> Karl Pauls
> karlpa...@gmail.com
> http://twitter.com/karlpauls
> http://www.linkedin.com/in/karlpauls
> https://profiles.google.com/karlpauls

B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB  [  
X  ܚX KK[XZ[
 \ \  ][  X  ܚX P [^
 \X K ܙ B  ܈Y][ۘ[  [X[  K[XZ[
 \ \  Z[ [^
 \X K ܙ B

Reply via email to