aries-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dav...@apache.org
Subject svn commit: r1398848 - in /aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly: ProviderBundleTrackerCustomizer.java Util.java
Date Tue, 16 Oct 2012 15:32:30 GMT
Author: davidb
Date: Tue Oct 16 15:32:29 2012
New Revision: 1398848

URL: http://svn.apache.org/viewvc?rev=1398848&view=rev
Log:
Initial code to support the Security requirements from the spec.

This code is tested as part of the TCK.

Modified:
    aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/ProviderBundleTrackerCustomizer.java
    aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/Util.java

Modified: aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/ProviderBundleTrackerCustomizer.java
URL: http://svn.apache.org/viewvc/aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/ProviderBundleTrackerCustomizer.java?rev=1398848&r1=1398847&r2=1398848&view=diff
==============================================================================
--- aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/ProviderBundleTrackerCustomizer.java
(original)
+++ aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/ProviderBundleTrackerCustomizer.java
Tue Oct 16 15:32:29 2012
@@ -43,6 +43,7 @@ import org.osgi.framework.Constants;
 import org.osgi.framework.Filter;
 import org.osgi.framework.FrameworkUtil;
 import org.osgi.framework.InvalidSyntaxException;
+import org.osgi.framework.ServicePermission;
 import org.osgi.framework.ServiceRegistration;
 import org.osgi.service.log.LogService;
 import org.osgi.util.tracker.BundleTrackerCustomizer;
@@ -61,7 +62,7 @@ public class ProviderBundleTrackerCustom
         this.spiBundle = spiBundle;
     }
 
-    public List<ServiceRegistration> addingBundle(Bundle bundle, BundleEvent event)
{
+    public List<ServiceRegistration> addingBundle(final Bundle bundle, BundleEvent
event) {
         log(LogService.LOG_INFO, "Bundle Considered for SPI providers: "
                 + bundle.getSymbolicName());
 
@@ -131,7 +132,7 @@ public class ProviderBundleTrackerCustom
             }
         }
 
-        List<ServiceRegistration> registrations = new ArrayList<ServiceRegistration>();
+        final List<ServiceRegistration> registrations = new ArrayList<ServiceRegistration>();
         for (URL serviceFileURL : serviceFileURLs) {
             log(LogService.LOG_INFO, "Found SPI resource: " + serviceFileURL);
 
@@ -155,13 +156,14 @@ public class ProviderBundleTrackerCustom
                         if (serviceFile.length() > idx) {
                             registrationClassName = serviceFile.substring(idx + 1);
                         }
+
                         if (providedServices.size() > 0 && !providedServices.contains(registrationClassName))
                             continue;
 
-                        Class<?> cls = bundle.loadClass(className);
+                        final Class<?> cls = bundle.loadClass(className);
                         log(LogService.LOG_INFO, "Loaded SPI provider: " + cls);
 
-                        Hashtable<String, Object> properties;
+                        final Hashtable<String, Object> properties;
                         if (fromSPIProviderHeader)
                             properties = new Hashtable<String, Object>();
                         else
@@ -170,10 +172,27 @@ public class ProviderBundleTrackerCustom
                         if (properties != null) {
                             properties.put(SpiFlyConstants.SERVICELOADER_MEDIATOR_PROPERTY,
spiBundle.getBundleId());
                             properties.put(SpiFlyConstants.PROVIDER_IMPLCLASS_PROPERTY, cls.getName());
-                            ServiceRegistration reg = bundle.getBundleContext().registerService(
-                                registrationClassName, new ProviderServiceFactory(cls), properties);
-                            registrations.add(reg);
-                            log(LogService.LOG_INFO, "Registered service: " + reg);
+
+                            ServiceRegistration reg = null;
+                            SecurityManager sm = System.getSecurityManager();
+                            if (sm != null) {
+                                if (bundle.hasPermission(new ServicePermission(registrationClassName,
ServicePermission.REGISTER))) {
+                                    System.err.println("*** Found security manager and bundle
has permission to register: " + bundle);
+                                    reg = bundle.getBundleContext().registerService(
+                                            registrationClassName, new ProviderServiceFactory(cls),
properties);
+                                } else {
+                                    System.err.println("*** Found security manager and bundle
has NO permission to register: " + bundle);
+                                    log(LogService.LOG_INFO, "Bundle " + bundle + " does
not have the permission to register services of type: " + registrationClassName);
+                                }
+                            } else {
+                                reg = bundle.getBundleContext().registerService(
+                                        registrationClassName, new ProviderServiceFactory(cls),
properties);
+                            }
+
+                            if (reg != null) {
+                                registrations.add(reg);
+                                log(LogService.LOG_INFO, "Registered service: " + reg);
+                            }
                         }
 
                         activator.registerProviderBundle(registrationClassName, bundle, customAttributes);

Modified: aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/Util.java
URL: http://svn.apache.org/viewvc/aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/Util.java?rev=1398848&r1=1398847&r2=1398848&view=diff
==============================================================================
--- aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/Util.java (original)
+++ aries/trunk/spi-fly/spi-fly-core/src/main/java/org/apache/aries/spifly/Util.java Tue Oct
16 15:32:29 2012
@@ -21,6 +21,7 @@ package org.apache.aries.spifly;
 import java.io.IOException;
 import java.lang.reflect.Method;
 import java.net.URL;
+import java.security.AccessControlException;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Enumeration;
@@ -35,6 +36,7 @@ import java.util.jar.JarInputStream;
 import org.osgi.framework.Bundle;
 import org.osgi.framework.BundleReference;
 import org.osgi.framework.Constants;
+import org.osgi.framework.ServicePermission;
 import org.osgi.service.log.LogService;
 
 /**
@@ -80,7 +82,18 @@ public class Util {
         if (ServiceLoader.class.getName().equals(className) && "load".equals(methodName))
{
             requestedClass = clsArg.getName();
             args = new HashMap<Pair<Integer,String>, String>();
-            args.put(new Pair<Integer, String>(0, Class.class.getName()), clsArg.getName());
+            args.put(new Pair<Integer, String>(0, Class.class.getName()), requestedClass);
+
+            SecurityManager sm = System.getSecurityManager();
+            if (sm != null) {
+                try {
+                    sm.checkPermission(new ServicePermission(requestedClass, ServicePermission.GET));
+                } catch (AccessControlException ace) {
+                    // access denied
+                    activator.log(LogService.LOG_INFO, "No permission to obtain service of
type: " + requestedClass);
+                    return null;
+                }
+            }
         } else {
             requestedClass = className;
             args = null; // only supported on ServiceLoader.load() at the moment



Mime
View raw message