Hi, Any of the tutorial/slideshare/examples etc. I could find are very old. >
there are some examples that should still work here: https://github.com/mcculls/osgi-in-action/tree/master/chapter14/combined-example > Is OSGi security being used currently or is there a new preferred approach? > It is used but not too much. > When attempting to use the felix framework security bundle it is unclear > what happens with the jvm security manager. > It is not unclear if you look at the Spec :-) > From > http://felix.apache.org/documentation/subprojects/apache-felix-framework-security.html > it seems that a securitymanager is not necessary. > It is, however, -Dorg.osgi.framework.security="osgi" will set a default security manager automagically (as per the spec). > If the felix bundle is used without setting a security manager > System.getSecurityManager() returns null. Well, yes - if there is no SecurityManager there is no SecurityManager. Again, if the framework is started with -Dorg.osgi.framework.security="osgi" it will set a default one. As a special Felix feature, you can specify your own SecurityManager by either setting it the normal Java way (in which case you have to _not_ specific -Dorg.osgi.framework.security="osgi") or iirc, set -Dorg.osgi.framework.security="<security-manager-classname-in-the-framework-classpath". > Is it intended that the felix bundle needs a security manager set? > The felix.framework.security bundle doesn't need a security manager as such (iirc). However, the framework itself will not instigate permission checks unless there is a SecurityManager set (hence, having the security bundle around is rather pointless in that case). > Any assistance in this area, which seems to be bypassed by many OSGi > developers, would be most appreciated. > Yeah, it is not used that much - I guess part of the problem is a bit of a catch-22 but although, it probably only makes sense if you really need it (as security in Java in general is a bit of a PITA). Probably your best bet on material is the spec itself and the examples/book above. Feel free to ask questions on this list as well - I'll try to answer them... regards, Karl > Regards > Paul Fraser > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > -- Karl Pauls [email protected] http://twitter.com/karlpauls http://www.linkedin.com/in/karlpauls https://profiles.google.com/karlpauls
