Hello, I'm looking into domain security in OSGI. I've assembled a fairly complete picture of what this would involve, but I have a question which I would appreciate your thoughts on. It would also be useful to me to check that I have correctly understood so far.
To reiterate what I think I know (please correct if wrong!): -I understand that setting permissions for the OSGI framework is something that must be done programatically using the ConditionalPermissionAdmin service. This is installed into Felix by an extension bundle. -A file format is specified for defining permissions declaratively, but no facility exists to automatically read a file in this format and bootstrap the policy into the framework during startup (as you can with standard Java security policies using a -D argument). -You can implement your own service for reading in such a file and passing the instructions to the ConditionalPermissionAdmin. Example code for this is given in the "OSGI in Action" book, which I have seen. Now here's my question! As noted in both in OSGI in Action and in this post -- http://apache-felix.18485.x6.nabble.com/Felix-security-td4837010.html -- the first bundle to "get" the ConditionalPermissionAdmin service effectively controls the security for the entire framework, as it can change the permissions to prevent others from changing permissions. Obviously this is undesirable. The developer trying to secure the runtime environment will want to ensure that the correct policy is applied without the possibility of interference. Furthermore, timing seems important. Surely, if a developer is trying to prevent certain bundles from being installed, it would be no good if Felix had already installed those bundles before the "security policy reader" service had completed? Therefore my question is this: Is it possible for a developer to guarantee that their security policy is applied and is being enforced before the framework starts "proper"? To put that another way: If I implemented a bundle that read in an OSGI security policy file and applied these settings to the framework (and then locked it down preventing any further changes), how would I make sure that this bundle ran "first"? Ideally, initialization of the rest of the framework would be postponed until after this bundle had finished its work. Any help hugely appreciated -- it feels like I'm just missing some small step here! Cheers, Andy. -- View this message in context: http://apache-felix.18485.x6.nabble.com/OSGI-Security-in-Felix-tp5010083.html Sent from the Apache Felix - Users mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@felix.apache.org For additional commands, e-mail: users-h...@felix.apache.org