cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From msch...@apache.org
Subject svn commit: r937947 - in /cxf/dosgi/trunk: discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/ distribution/single-bundle/src/main/resources/OSGI-INF/ dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ ...
Date Mon, 26 Apr 2010 07:30:43 GMT
Author: mschaaf
Date: Mon Apr 26 07:30:42 2010
New Revision: 937947

URL: http://svn.apache.org/viewvc?rev=937947&view=rev
Log:
- some additions to the zookeeper discovery to be compiant with the TCK 
- some refactoring in the zookeeper discovery
- added some basic security checks to the DSW to comply with the TCK security tests

Added:
    cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/
    cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
Modified:
    cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
    cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
    cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
    cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java

Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
--- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
(original)
+++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
Mon Apr 26 07:30:42 2010
@@ -71,14 +71,21 @@ public class EndpointListenerTrackerCust
         for (String key : sref.getPropertyKeys()) {
             LOG.finest("modifiedService: property: " + key + " => " + sref.getProperty(key));
         }
-        String[] scopes = getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
-        LOG.fine("trying to discover service for scopes[" + scopes.length + "]: ");
+
+        String[] scopes = Util.getScopes(sref);
+        
+        LOG.info("trying to discover services for scopes[" + scopes.length + "]: ");
         if(scopes!=null) for (String scope : scopes) {
-            LOG.fine("Scope: "+scope);
+            LOG.info("Scope: "+scope);
         }
         if (scopes.length > 0) {
             for (String scope : scopes) {
                 LOG.fine("***********  Handling scope: " + scope);
+                if("".equals(scope) || scope == null){
+                    LOG.warning("skipping empty scope from EndpointListener from " + sref.getBundle().getSymbolicName());
+                    continue;
+                }
+                
                 String objClass = getObjectClass(scope);
                 LOG.fine("***********  objectClass: " + objClass);
 
@@ -100,10 +107,10 @@ public class EndpointListenerTrackerCust
                             interest.im.close();
                             interest.im = null;
                         }
-
+                        
                         InterfaceMonitor dm = new InterfaceMonitor(zooKeeperDiscovery.getZookeeper(),
                                                                    objClass, interest, scope,
bctx);
-                        dm.process();
+                        dm.start();
                         interest.im = dm;
 
                         List<String> handledScopes = handledEndpointlisteners.get(sref);
@@ -149,34 +156,7 @@ public class EndpointListenerTrackerCust
 
     }
 
-    private String[] getStringPlusProperty(Object property) {
-
-        if (property instanceof String) {
-            // System.out.println("String");
-            String[] ret = new String[1];
-            ret[0] = (String)property;
-            return ret;
-        }
-
-        if (property instanceof String[]) {
-            // System.out.println("String[]");
-            return (String[])property;
-        }
-
-        if (property instanceof Collection) {
-            Collection col = (Collection)property;
-            // System.out.println("Collection: size "+col.size());
-            String[] ret = new String[col.size()];
-            int x = 0;
-            for (Object s : col) {
-                ret[x] = (String)s;
-                ++x;
-            }
-            return ret;
-        }
-
-        return new String[0];
-    }
+    
 
 //    public void discoveredEndpont(EndpointDescription epd) {
 //        LOG.info("Endpoint Discovered: " + epd.getProperties());

Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
--- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
(original)
+++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
Mon Apr 26 07:30:42 2010
@@ -19,9 +19,12 @@
 package org.apache.cxf.dosgi.discovery.zookeeper;
 
 import java.io.ByteArrayInputStream;
+import java.util.Dictionary;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -31,6 +34,8 @@ import org.apache.zookeeper.ZooKeeper;
 import org.apache.zookeeper.data.Stat;
 import org.jdom.Element;
 import org.osgi.framework.BundleContext;
+import org.osgi.framework.Filter;
+import org.osgi.framework.FrameworkUtil;
 import org.osgi.framework.ServiceReference;
 import org.osgi.service.remoteserviceadmin.EndpointDescription;
 import org.osgi.service.remoteserviceadmin.EndpointListener;
@@ -63,6 +68,9 @@ public class InterfaceDataMonitorListene
         discoveredServiceTracker = dst;
         bctx = bc;
         this.scope = scope;
+        
+        
+        LOG.fine("InterfaceDataMonitorListenerImpl is recursive: "+recursive);
     }
 
     public synchronized void change() {
@@ -94,7 +102,7 @@ public class InterfaceDataMonitorListene
 
         List<String> children;
         try {
-            LOG.fine("Processing " + znode);
+            LOG.info("Processing the children of " + znode);
             children = zookeeper.getChildren(znode, false);
 
             for (String child : children) {
@@ -125,7 +133,7 @@ public class InterfaceDataMonitorListene
         try {
             Stat s = zookeeper.exists(node, false);
             if (s.getDataLength() <= 0) {
-                LOG.fine(node + " does not contain any discovery data");
+                //LOG.info(node + " does not contain any discovery data");
                 return null;
             }
             byte[] data = zookeeper.getData(node, false, null);
@@ -149,10 +157,27 @@ public class InterfaceDataMonitorListene
                     if (bctx.getService(sref) instanceof EndpointListener) {
                         EndpointListener epl = (EndpointListener)bctx.getService(sref);
 
-                        LOG.info("calling EndpointListener; " + epl + "from bundle "
-                                 + sref.getBundle().getSymbolicName());
-
-                        epl.endpointAdded(epd, scope);
+                        // return the >first< matching scope of the listener
+                        String[] scopes = Util.getScopes(sref);
+                        for (String currentScope : scopes) {
+                            LOG.fine("matching " + epd + " against "+currentScope);
+                            Filter f = FrameworkUtil.createFilter(currentScope);
+                            
+                            Dictionary d = new Properties(); 
+                            Map<String, Object> props = epd.getProperties();
+                            Set<Map.Entry<String, Object>> entries = props.entrySet();
+                            for (Map.Entry<String, Object> entry : entries) {
+                                d.put(entry.getKey(), entry.getValue());
+                            }
+                            
+                            if(f.match(d)){
+                                LOG.fine("MATCHED " + epd + "against "+currentScope);   

+                                LOG.info("calling EndpointListener; " + epl + "  from bundle
 "
+                                         + sref.getBundle().getSymbolicName() + " based on
scope ["+currentScope+"]");
+                                epl.endpointAdded(epd, currentScope);
+                                break;
+                            }
+                        }
                     }
                 }
             } else if (!prevVal.equals(epd.getProperties())) {

Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
--- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
(original)
+++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
Mon Apr 26 07:30:42 2010
@@ -40,12 +40,17 @@ public class InterfaceMonitor implements
     private boolean closed = false;
 
     public InterfaceMonitor(ZooKeeper zk, String intf, EndpointListenerTrackerCustomizer.Interest
zkd, String scope, BundleContext bctx) {
+        LOG.fine("Creating new InterfaceMonitor for scope ["+scope+"] and objectClass ["+intf+"]
");
         listener = new InterfaceDataMonitorListenerImpl(zk, intf, zkd,scope,bctx);
         zookeeper = zk;
         znode = Util.getZooKeeperPath(intf);
     }
     
-    public void process() {
+    public void start() {
+        process();
+    }
+    
+    private void process() {
         LOG.finest("Kicking off a zookeeper.exists() on node: " + znode);
         zookeeper.exists(znode, this, this, null);
     }

Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
--- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
(original)
+++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
Mon Apr 26 07:30:42 2010
@@ -18,10 +18,14 @@
  */
 package org.apache.cxf.dosgi.discovery.zookeeper;
 
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 
+import org.osgi.framework.ServiceReference;
+import org.osgi.service.remoteserviceadmin.EndpointListener;
+
 public class Util {
     static final String PATH_PREFIX = "/osgi/service_registry";
 
@@ -43,4 +47,44 @@ public class Util {
         return PATH_PREFIX + '/' + name.replace('.', '/');
     }
 
+    
+    static String[] getStringPlusProperty(Object property) {
+
+        if (property instanceof String) {
+            // System.out.println("String");
+            String[] ret = new String[1];
+            ret[0] = (String)property;
+            return ret;
+        }
+
+        if (property instanceof String[]) {
+            // System.out.println("String[]");
+            return (String[])property;
+        }
+
+        if (property instanceof Collection) {
+            Collection col = (Collection)property;
+            // System.out.println("Collection: size "+col.size());
+            String[] ret = new String[col.size()];
+            int x = 0;
+            for (Object s : col) {
+                ret[x] = (String)s;
+                ++x;
+            }
+            return ret;
+        }
+
+        return new String[0];
+    }
+
+    public static String[] getScopes(ServiceReference sref) {
+        String[] scopes = Util.getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
+        ArrayList<String> normalizedScopes = new ArrayList<String>(scopes.length);
+        for (String scope : scopes) {
+            if(scope!=null || "".equals(scope))
+                normalizedScopes.add(scope);
+        }
+        return normalizedScopes.toArray(new String[normalizedScopes.size()]);
+    }
+    
 }

Added: cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm?rev=937947&view=auto
==============================================================================
--- cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
(added)
+++ cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
Mon Apr 26 07:30:42 2010
@@ -0,0 +1,29 @@
+# 
+#  Licensed to the Apache Software Foundation (ASF) under one 
+#  or more contributor license agreements. See the NOTICE file 
+#  distributed with this work for additional information 
+#  regarding copyright ownership. The ASF licenses this file 
+#  to you under the Apache License, Version 2.0 (the 
+#  "License"); you may not use this file except in compliance 
+#  with the License. You may obtain a copy of the License at 
+#  
+#  http://www.apache.org/licenses/LICENSE-2.0 
+#  
+#  Unless required by applicable law or agreed to in writing, 
+#  software distributed under the License is distributed on an 
+#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 
+#  KIND, either express or implied. See the License for the 
+#  specific language governing permissions and limitations 
+#  under the License. 
+# 
+
+(java.security.AllPermission )
+
+(org.osgi.framework.PackagePermission "*" "import")
+(org.osgi.framework.PackagePermission "*" "export")
+
+(org.osgi.framework.ServicePermission "*" "register")
+(org.osgi.framework.ServicePermission "*" "get")
+
+(org.osgi.framework.AdminPermission "*" "metadata")
+(org.osgi.framework.AdminPermission "*" "listen")

Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
(original)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
Mon Apr 26 07:30:42 2010
@@ -18,6 +18,9 @@
  */
 package org.apache.cxf.dosgi.dsw.handlers;
 
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.util.List;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -51,14 +54,20 @@ public class ClientServiceFactory implem
         importRegistartion = ir;
     }
 
-    public Object getService(Bundle requestingBundle, ServiceRegistration sreg) {
+    public Object getService(final Bundle requestingBundle, final ServiceRegistration sreg)
{
         String interfaceName = sd.getInterfaces() != null && sd.getInterfaces().size()
> 0 ? (String)sd
             .getInterfaces().toArray()[0] : null;
+            
         LOG.info("************ getService() from serviceFactory for " + interfaceName);
 
         try {
-            Object proxy = handler.createProxy(sreg.getReference(), dswContext, requestingBundle
-                .getBundleContext(), iClass, sd);
+            Object proxy = AccessController.doPrivileged(new PrivilegedAction<Object>()
{
+                public Object run() {                
+                     return handler.createProxy(sreg.getReference(), dswContext, requestingBundle
+                                                       .getBundleContext(), iClass, sd);
+                }
+            });
+            
             synchronized (this) {
                 ++serviceCounter;
             }

Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
(original)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
Mon Apr 26 07:30:42 2010
@@ -22,6 +22,9 @@ import java.lang.reflect.InvocationHandl
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.lang.reflect.Proxy;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
@@ -45,7 +48,7 @@ public class ServiceInvocationHandler im
         introspectType(iType);
     }
     
-    public Object invoke(Object proxy, Method m, Object[] params) throws Throwable {
+    public Object invoke(Object proxy, final Method m, Object[] params) throws Throwable
{
         if (OBJECT_METHODS.contains(m)) {
             if (m.getName().equals("equals")) {
                 params = new Object[] {Proxy.getInvocationHandler(params[0])};
@@ -56,7 +59,12 @@ public class ServiceInvocationHandler im
         ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
         try {            
             Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
-            return m.invoke(serviceObject, params); 
+            final Object[] paramsFinal = params;
+            return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>()
{
+                public Object run() throws Exception {
+                    return m.invoke(serviceObject, paramsFinal);
+                }
+            }); 
         } catch (Throwable ex) {
             Throwable theCause = ex.getCause() == null ? ex : ex.getCause();
             

Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
(original)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
Mon Apr 26 07:30:42 2010
@@ -22,16 +22,12 @@ import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Dictionary;
-import java.util.Enumeration;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.Hashtable;
-import java.util.Iterator;
 import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Properties;
-import java.util.Set;
 import java.util.logging.Logger;
 
 import org.apache.cxf.dosgi.dsw.ClassUtils;
@@ -337,8 +333,8 @@ public class RemoteServiceAdminCore impl
     /**
      * Importing form here ....
      */
-    public ImportRegistration importService(EndpointDescription endpoint) {
-
+    public ImportRegistration importService(EndpointDescription endpoint) {    
+        
         LOG.info("importService() Endpoint: " + endpoint.getProperties());
 
         synchronized (importedServices) {

Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java?rev=937947&r1=937946&r2=937947&view=diff
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
(original)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
Mon Apr 26 07:30:42 2010
@@ -1,23 +1,26 @@
 /** 
-  * Licensed to the Apache Software Foundation (ASF) under one 
-  * or more contributor license agreements. See the NOTICE file 
-  * distributed with this work for additional information 
-  * regarding copyright ownership. The ASF licenses this file 
-  * to you under the Apache License, Version 2.0 (the 
-  * "License"); you may not use this file except in compliance 
-  * with the License. You may obtain a copy of the License at 
-  * 
-  * http://www.apache.org/licenses/LICENSE-2.0 
-  * 
-  * Unless required by applicable law or agreed to in writing, 
-  * software distributed under the License is distributed on an 
-  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 
-  * KIND, either express or implied. See the License for the 
-  * specific language governing permissions and limitations 
-  * under the License. 
-  */
+ * Licensed to the Apache Software Foundation (ASF) under one 
+ * or more contributor license agreements. See the NOTICE file 
+ * distributed with this work for additional information 
+ * regarding copyright ownership. The ASF licenses this file 
+ * to you under the Apache License, Version 2.0 (the 
+ * "License"); you may not use this file except in compliance 
+ * with the License. You may obtain a copy of the License at 
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0 
+ * 
+ * Unless required by applicable law or agreed to in writing, 
+ * software distributed under the License is distributed on an 
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 
+ * KIND, either express or implied. See the License for the 
+ * specific language governing permissions and limitations 
+ * under the License. 
+ */
 package org.apache.cxf.dosgi.dsw.service;
 
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
@@ -25,17 +28,18 @@ import java.util.List;
 import java.util.Map;
 import java.util.logging.Logger;
 
+import org.apache.cxf.dosgi.dsw.OsgiUtils;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.ServiceReference;
 import org.osgi.service.remoteserviceadmin.EndpointDescription;
+import org.osgi.service.remoteserviceadmin.EndpointPermission;
 import org.osgi.service.remoteserviceadmin.ExportRegistration;
 import org.osgi.service.remoteserviceadmin.ImportRegistration;
 import org.osgi.service.remoteserviceadmin.RemoteServiceAdmin;
 
-
 public class RemoteServiceAdminInstance implements RemoteServiceAdmin {
     Logger LOG = Logger.getLogger(RemoteServiceAdminInstance.class.getName());
-    
+
     private BundleContext bctx;
     private RemoteServiceAdminCore rsaCore;
 
@@ -51,38 +55,86 @@ public class RemoteServiceAdminInstance 
 
     public List /* ExportRegistration */exportService(ServiceReference ref, Map properties)
         throws IllegalArgumentException, UnsupportedOperationException {
-        if (closed)
-            return Collections.EMPTY_LIST;
 
-        synchronized (exportedServices) {
-            List er = rsaCore.exportService(ref, properties);
-            if(er!=null)
-                exportedServices.addAll(er);
-            return er;
+        SecurityManager sm = System.getSecurityManager();
+        EndpointPermission epp = new EndpointPermission("*", EndpointPermission.EXPORT);
+        
+        
+        if (sm != null) {
+            sm.checkPermission(epp);
         }
+        
+        
+        final ServiceReference refFinal = ref;
+        final Map propertiesFinal = properties;
+        
+        return AccessController.doPrivileged(new PrivilegedAction<List>() {
+            public List run() {
+
+                if (closed)
+                    return Collections.EMPTY_LIST;
+
+                synchronized (exportedServices) {
+                    List er = rsaCore.exportService(refFinal, propertiesFinal);
+                    if (er != null)
+                        exportedServices.addAll(er);
+                    return er;
+                }
+            }
+        });
     }
 
     public Collection getExportedServices() {
+        
+        SecurityManager sm = System.getSecurityManager();
+        EndpointPermission epp = new EndpointPermission("*", EndpointPermission.READ);
+        if (sm != null) {
+            sm.checkPermission(epp);
+        }
+        
         if (closed)
             return null;
         return rsaCore.getExportedServices();
     }
 
     public Collection getImportedEndpoints() {
+        
+        SecurityManager sm = System.getSecurityManager();
+        EndpointPermission epp = new EndpointPermission("*", EndpointPermission.READ);
+        if (sm != null) {
+            sm.checkPermission(epp);
+        }
+        
         if (closed)
             return null;
         return rsaCore.getImportedEndpoints();
     }
 
     public ImportRegistration importService(EndpointDescription endpoint) {
-        if (closed)
-            return null;
-        synchronized (importedServices) {
-            ImportRegistration ir = rsaCore.importService(endpoint);
-            if(ir!=null)
-                importedServices.add(ir);
-            return ir;
+
+        final EndpointDescription epd = endpoint;
+
+        SecurityManager sm = System.getSecurityManager();
+        EndpointPermission epp = new EndpointPermission(epd, OsgiUtils.getUUID(bctx),
+                                                        EndpointPermission.IMPORT);
+        if (sm != null) {
+            sm.checkPermission(epp);
         }
+
+        return AccessController.doPrivileged(new PrivilegedAction<ImportRegistration>()
{
+            public ImportRegistration run() {
+
+                if (closed)
+                    return null;
+
+                synchronized (importedServices) {
+                    ImportRegistration ir = rsaCore.importService(epd);
+                    if (ir != null)
+                        importedServices.add(ir);
+                    return ir;
+                }
+            }
+        });
     }
 
     public void close() {
@@ -91,14 +143,14 @@ public class RemoteServiceAdminInstance 
         synchronized (importedServices) {
             LOG.info("Removing all services imported by this RSA instance");
             for (ImportRegistration ir : importedServices) {
-                LOG.finest("Closing ImportRegistration "+ir);
+                LOG.finest("Closing ImportRegistration " + ir);
                 ir.close();
             }
         }
         synchronized (exportedServices) {
             LOG.info("Removing all services exported by this RSA instance");
             for (ExportRegistration er : exportedServices) {
-                LOG.finest("Closing ExportRegistration "+er);
+                LOG.finest("Closing ExportRegistration " + er);
                 er.close();
             }
         }



Mime
View raw message