cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Bosschaert <david.bosscha...@gmail.com>
Subject Re: svn commit: r937947 - in /cxf/dosgi/trunk: discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/ distribution/single-bundle/src/main/resources/OSGI-INF/ dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/hand
Date Mon, 26 Apr 2010 10:26:11 GMT
Thanks Marc!
One comment I have is that there are no CXF-DOSGi unit tests for this
code. I know that it's tested in the OSGi TCK but it would be good to
have some tests for it in the CXF-DOSGi codebase.
Do you think you can add these?

Cheers,

David

On 26 April 2010 08:30,  <mschaaf@apache.org> wrote:
> Author: mschaaf
> Date: Mon Apr 26 07:30:42 2010
> New Revision: 937947
>
> URL: http://svn.apache.org/viewvc?rev=937947&view=rev
> Log:
> - some additions to the zookeeper discovery to be compiant with the TCK
> - some refactoring in the zookeeper discovery
> - added some basic security checks to the DSW to comply with the TCK security tests
>
> Added:
>    cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/
>    cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
> Modified:
>    cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
>    cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
>    cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
>    cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
>    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
>    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
>    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
>    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
>
> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
(original)
> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java
Mon Apr 26 07:30:42 2010
> @@ -71,14 +71,21 @@ public class EndpointListenerTrackerCust
>         for (String key : sref.getPropertyKeys()) {
>             LOG.finest("modifiedService: property: " + key + " => " + sref.getProperty(key));
>         }
> -        String[] scopes = getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
> -        LOG.fine("trying to discover service for scopes[" + scopes.length + "]:
");
> +
> +        String[] scopes = Util.getScopes(sref);
> +
> +        LOG.info("trying to discover services for scopes[" + scopes.length + "]:
");
>         if(scopes!=null) for (String scope : scopes) {
> -            LOG.fine("Scope: "+scope);
> +            LOG.info("Scope: "+scope);
>         }
>         if (scopes.length > 0) {
>             for (String scope : scopes) {
>                 LOG.fine("***********  Handling scope: " + scope);
> +                if("".equals(scope) || scope == null){
> +                    LOG.warning("skipping empty scope from EndpointListener
from " + sref.getBundle().getSymbolicName());
> +                    continue;
> +                }
> +
>                 String objClass = getObjectClass(scope);
>                 LOG.fine("***********  objectClass: " + objClass);
>
> @@ -100,10 +107,10 @@ public class EndpointListenerTrackerCust
>                             interest.im.close();
>                             interest.im = null;
>                         }
> -
> +
>                         InterfaceMonitor dm = new InterfaceMonitor(zooKeeperDiscovery.getZookeeper(),
>                                                          
         objClass, interest, scope, bctx);
> -                        dm.process();
> +                        dm.start();
>                         interest.im = dm;
>
>                         List<String> handledScopes = handledEndpointlisteners.get(sref);
> @@ -149,34 +156,7 @@ public class EndpointListenerTrackerCust
>
>     }
>
> -    private String[] getStringPlusProperty(Object property) {
> -
> -        if (property instanceof String) {
> -            // System.out.println("String");
> -            String[] ret = new String[1];
> -            ret[0] = (String)property;
> -            return ret;
> -        }
> -
> -        if (property instanceof String[]) {
> -            // System.out.println("String[]");
> -            return (String[])property;
> -        }
> -
> -        if (property instanceof Collection) {
> -            Collection col = (Collection)property;
> -            // System.out.println("Collection: size "+col.size());
> -            String[] ret = new String[col.size()];
> -            int x = 0;
> -            for (Object s : col) {
> -                ret[x] = (String)s;
> -                ++x;
> -            }
> -            return ret;
> -        }
> -
> -        return new String[0];
> -    }
> +
>
>  //    public void discoveredEndpont(EndpointDescription epd) {
>  //        LOG.info("Endpoint Discovered: " + epd.getProperties());
>
> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
(original)
> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java
Mon Apr 26 07:30:42 2010
> @@ -19,9 +19,12 @@
>  package org.apache.cxf.dosgi.discovery.zookeeper;
>
>  import java.io.ByteArrayInputStream;
> +import java.util.Dictionary;
>  import java.util.HashMap;
>  import java.util.List;
>  import java.util.Map;
> +import java.util.Properties;
> +import java.util.Set;
>  import java.util.logging.Level;
>  import java.util.logging.Logger;
>
> @@ -31,6 +34,8 @@ import org.apache.zookeeper.ZooKeeper;
>  import org.apache.zookeeper.data.Stat;
>  import org.jdom.Element;
>  import org.osgi.framework.BundleContext;
> +import org.osgi.framework.Filter;
> +import org.osgi.framework.FrameworkUtil;
>  import org.osgi.framework.ServiceReference;
>  import org.osgi.service.remoteserviceadmin.EndpointDescription;
>  import org.osgi.service.remoteserviceadmin.EndpointListener;
> @@ -63,6 +68,9 @@ public class InterfaceDataMonitorListene
>         discoveredServiceTracker = dst;
>         bctx = bc;
>         this.scope = scope;
> +
> +
> +        LOG.fine("InterfaceDataMonitorListenerImpl is recursive: "+recursive);
>     }
>
>     public synchronized void change() {
> @@ -94,7 +102,7 @@ public class InterfaceDataMonitorListene
>
>         List<String> children;
>         try {
> -            LOG.fine("Processing " + znode);
> +            LOG.info("Processing the children of " + znode);
>             children = zookeeper.getChildren(znode, false);
>
>             for (String child : children) {
> @@ -125,7 +133,7 @@ public class InterfaceDataMonitorListene
>         try {
>             Stat s = zookeeper.exists(node, false);
>             if (s.getDataLength() <= 0) {
> -                LOG.fine(node + " does not contain any discovery data");
> +                //LOG.info(node + " does not contain any discovery data");
>                 return null;
>             }
>             byte[] data = zookeeper.getData(node, false, null);
> @@ -149,10 +157,27 @@ public class InterfaceDataMonitorListene
>                     if (bctx.getService(sref) instanceof EndpointListener)
{
>                         EndpointListener epl = (EndpointListener)bctx.getService(sref);
>
> -                        LOG.info("calling EndpointListener; " + epl + "from
bundle "
> -                                 + sref.getBundle().getSymbolicName());
> -
> -                        epl.endpointAdded(epd, scope);
> +                        // return the >first< matching scope of the
listener
> +                        String[] scopes = Util.getScopes(sref);
> +                        for (String currentScope : scopes) {
> +                            LOG.fine("matching " + epd + " against "+currentScope);
> +                            Filter f = FrameworkUtil.createFilter(currentScope);
> +
> +                            Dictionary d = new Properties();
> +                            Map<String, Object> props = epd.getProperties();
> +                            Set<Map.Entry<String, Object>>
entries = props.entrySet();
> +                            for (Map.Entry<String, Object> entry
: entries) {
> +                                d.put(entry.getKey(), entry.getValue());
> +                            }
> +
> +                            if(f.match(d)){
> +                                LOG.fine("MATCHED " + epd + "against
"+currentScope);
> +                                LOG.info("calling EndpointListener;
" + epl + "  from bundle  "
> +                                         + sref.getBundle().getSymbolicName()
+ " based on scope ["+currentScope+"]");
> +                                epl.endpointAdded(epd, currentScope);
> +                                break;
> +                            }
> +                        }
>                     }
>                 }
>             } else if (!prevVal.equals(epd.getProperties())) {
>
> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
(original)
> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java
Mon Apr 26 07:30:42 2010
> @@ -40,12 +40,17 @@ public class InterfaceMonitor implements
>     private boolean closed = false;
>
>     public InterfaceMonitor(ZooKeeper zk, String intf, EndpointListenerTrackerCustomizer.Interest
zkd, String scope, BundleContext bctx) {
> +        LOG.fine("Creating new InterfaceMonitor for scope ["+scope+"] and objectClass
["+intf+"] ");
>         listener = new InterfaceDataMonitorListenerImpl(zk, intf, zkd,scope,bctx);
>         zookeeper = zk;
>         znode = Util.getZooKeeperPath(intf);
>     }
>
> -    public void process() {
> +    public void start() {
> +        process();
> +    }
> +
> +    private void process() {
>         LOG.finest("Kicking off a zookeeper.exists() on node: " + znode);
>         zookeeper.exists(znode, this, this, null);
>     }
>
> Modified: cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
(original)
> +++ cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java
Mon Apr 26 07:30:42 2010
> @@ -18,10 +18,14 @@
>  */
>  package org.apache.cxf.dosgi.discovery.zookeeper;
>
> +import java.util.ArrayList;
>  import java.util.Arrays;
>  import java.util.Collection;
>  import java.util.Collections;
>
> +import org.osgi.framework.ServiceReference;
> +import org.osgi.service.remoteserviceadmin.EndpointListener;
> +
>  public class Util {
>     static final String PATH_PREFIX = "/osgi/service_registry";
>
> @@ -43,4 +47,44 @@ public class Util {
>         return PATH_PREFIX + '/' + name.replace('.', '/');
>     }
>
> +
> +    static String[] getStringPlusProperty(Object property) {
> +
> +        if (property instanceof String) {
> +            // System.out.println("String");
> +            String[] ret = new String[1];
> +            ret[0] = (String)property;
> +            return ret;
> +        }
> +
> +        if (property instanceof String[]) {
> +            // System.out.println("String[]");
> +            return (String[])property;
> +        }
> +
> +        if (property instanceof Collection) {
> +            Collection col = (Collection)property;
> +            // System.out.println("Collection: size "+col.size());
> +            String[] ret = new String[col.size()];
> +            int x = 0;
> +            for (Object s : col) {
> +                ret[x] = (String)s;
> +                ++x;
> +            }
> +            return ret;
> +        }
> +
> +        return new String[0];
> +    }
> +
> +    public static String[] getScopes(ServiceReference sref) {
> +        String[] scopes = Util.getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE));
> +        ArrayList<String> normalizedScopes = new ArrayList<String>(scopes.length);
> +        for (String scope : scopes) {
> +            if(scope!=null || "".equals(scope))
> +                normalizedScopes.add(scope);
> +        }
> +        return normalizedScopes.toArray(new String[normalizedScopes.size()]);
> +    }
> +
>  }
>
> Added: cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm?rev=937947&view=auto
> ==============================================================================
> --- cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
(added)
> +++ cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm
Mon Apr 26 07:30:42 2010
> @@ -0,0 +1,29 @@
> +#
> +#  Licensed to the Apache Software Foundation (ASF) under one
> +#  or more contributor license agreements. See the NOTICE file
> +#  distributed with this work for additional information
> +#  regarding copyright ownership. The ASF licenses this file
> +#  to you under the Apache License, Version 2.0 (the
> +#  "License"); you may not use this file except in compliance
> +#  with the License. You may obtain a copy of the License at
> +#
> +#  http://www.apache.org/licenses/LICENSE-2.0
> +#
> +#  Unless required by applicable law or agreed to in writing,
> +#  software distributed under the License is distributed on an
> +#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> +#  KIND, either express or implied. See the License for the
> +#  specific language governing permissions and limitations
> +#  under the License.
> +#
> +
> +(java.security.AllPermission )
> +
> +(org.osgi.framework.PackagePermission "*" "import")
> +(org.osgi.framework.PackagePermission "*" "export")
> +
> +(org.osgi.framework.ServicePermission "*" "register")
> +(org.osgi.framework.ServicePermission "*" "get")
> +
> +(org.osgi.framework.AdminPermission "*" "metadata")
> +(org.osgi.framework.AdminPermission "*" "listen")
>
> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
(original)
> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java
Mon Apr 26 07:30:42 2010
> @@ -18,6 +18,9 @@
>  */
>  package org.apache.cxf.dosgi.dsw.handlers;
>
> +import java.security.AccessController;
> +import java.security.PrivilegedAction;
> +import java.util.List;
>  import java.util.logging.Level;
>  import java.util.logging.Logger;
>
> @@ -51,14 +54,20 @@ public class ClientServiceFactory implem
>         importRegistartion = ir;
>     }
>
> -    public Object getService(Bundle requestingBundle, ServiceRegistration sreg) {
> +    public Object getService(final Bundle requestingBundle, final ServiceRegistration
sreg) {
>         String interfaceName = sd.getInterfaces() != null && sd.getInterfaces().size()
> 0 ? (String)sd
>             .getInterfaces().toArray()[0] : null;
> +
>         LOG.info("************ getService() from serviceFactory for " + interfaceName);
>
>         try {
> -            Object proxy = handler.createProxy(sreg.getReference(), dswContext,
requestingBundle
> -                .getBundleContext(), iClass, sd);
> +            Object proxy = AccessController.doPrivileged(new PrivilegedAction<Object>()
{
> +                public Object run() {
> +                     return handler.createProxy(sreg.getReference(), dswContext,
requestingBundle
> +                                                       .getBundleContext(),
iClass, sd);
> +                }
> +            });
> +
>             synchronized (this) {
>                 ++serviceCounter;
>             }
>
> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
(original)
> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java
Mon Apr 26 07:30:42 2010
> @@ -22,6 +22,9 @@ import java.lang.reflect.InvocationHandl
>  import java.lang.reflect.InvocationTargetException;
>  import java.lang.reflect.Method;
>  import java.lang.reflect.Proxy;
> +import java.security.AccessController;
> +import java.security.PrivilegedAction;
> +import java.security.PrivilegedExceptionAction;
>  import java.util.ArrayList;
>  import java.util.Arrays;
>  import java.util.Collection;
> @@ -45,7 +48,7 @@ public class ServiceInvocationHandler im
>         introspectType(iType);
>     }
>
> -    public Object invoke(Object proxy, Method m, Object[] params) throws Throwable
{
> +    public Object invoke(Object proxy, final Method m, Object[] params) throws Throwable
{
>         if (OBJECT_METHODS.contains(m)) {
>             if (m.getName().equals("equals")) {
>                 params = new Object[] {Proxy.getInvocationHandler(params[0])};
> @@ -56,7 +59,12 @@ public class ServiceInvocationHandler im
>         ClassLoader oldCl = Thread.currentThread().getContextClassLoader();
>         try {
>             Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
> -            return m.invoke(serviceObject, params);
> +            final Object[] paramsFinal = params;
> +            return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>()
{
> +                public Object run() throws Exception {
> +                    return m.invoke(serviceObject, paramsFinal);
> +                }
> +            });
>         } catch (Throwable ex) {
>             Throwable theCause = ex.getCause() == null ? ex : ex.getCause();
>
>
> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
(original)
> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java
Mon Apr 26 07:30:42 2010
> @@ -22,16 +22,12 @@ import java.util.ArrayList;
>  import java.util.Collection;
>  import java.util.Collections;
>  import java.util.Dictionary;
> -import java.util.Enumeration;
>  import java.util.HashMap;
> -import java.util.HashSet;
>  import java.util.Hashtable;
> -import java.util.Iterator;
>  import java.util.LinkedHashMap;
>  import java.util.List;
>  import java.util.Map;
>  import java.util.Properties;
> -import java.util.Set;
>  import java.util.logging.Logger;
>
>  import org.apache.cxf.dosgi.dsw.ClassUtils;
> @@ -337,8 +333,8 @@ public class RemoteServiceAdminCore impl
>     /**
>      * Importing form here ....
>      */
> -    public ImportRegistration importService(EndpointDescription endpoint) {
> -
> +    public ImportRegistration importService(EndpointDescription endpoint) {
> +
>         LOG.info("importService() Endpoint: " + endpoint.getProperties());
>
>         synchronized (importedServices) {
>
> Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
> URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java?rev=937947&r1=937946&r2=937947&view=diff
> ==============================================================================
> --- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
(original)
> +++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java
Mon Apr 26 07:30:42 2010
> @@ -1,23 +1,26 @@
>  /**
> -  * Licensed to the Apache Software Foundation (ASF) under one
> -  * or more contributor license agreements. See the NOTICE file
> -  * distributed with this work for additional information
> -  * regarding copyright ownership. The ASF licenses this file
> -  * to you under the Apache License, Version 2.0 (the
> -  * "License"); you may not use this file except in compliance
> -  * with the License. You may obtain a copy of the License at
> -  *
> -  * http://www.apache.org/licenses/LICENSE-2.0
> -  *
> -  * Unless required by applicable law or agreed to in writing,
> -  * software distributed under the License is distributed on an
> -  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> -  * KIND, either express or implied. See the License for the
> -  * specific language governing permissions and limitations
> -  * under the License.
> -  */
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
>  package org.apache.cxf.dosgi.dsw.service;
>
> +import java.security.AccessControlContext;
> +import java.security.AccessController;
> +import java.security.PrivilegedAction;
>  import java.util.ArrayList;
>  import java.util.Collection;
>  import java.util.Collections;
> @@ -25,17 +28,18 @@ import java.util.List;
>  import java.util.Map;
>  import java.util.logging.Logger;
>
> +import org.apache.cxf.dosgi.dsw.OsgiUtils;
>  import org.osgi.framework.BundleContext;
>  import org.osgi.framework.ServiceReference;
>  import org.osgi.service.remoteserviceadmin.EndpointDescription;
> +import org.osgi.service.remoteserviceadmin.EndpointPermission;
>  import org.osgi.service.remoteserviceadmin.ExportRegistration;
>  import org.osgi.service.remoteserviceadmin.ImportRegistration;
>  import org.osgi.service.remoteserviceadmin.RemoteServiceAdmin;
>
> -
>  public class RemoteServiceAdminInstance implements RemoteServiceAdmin {
>     Logger LOG = Logger.getLogger(RemoteServiceAdminInstance.class.getName());
> -
> +
>     private BundleContext bctx;
>     private RemoteServiceAdminCore rsaCore;
>
> @@ -51,38 +55,86 @@ public class RemoteServiceAdminInstance
>
>     public List /* ExportRegistration */exportService(ServiceReference ref, Map properties)
>         throws IllegalArgumentException, UnsupportedOperationException {
> -        if (closed)
> -            return Collections.EMPTY_LIST;
>
> -        synchronized (exportedServices) {
> -            List er = rsaCore.exportService(ref, properties);
> -            if(er!=null)
> -                exportedServices.addAll(er);
> -            return er;
> +        SecurityManager sm = System.getSecurityManager();
> +        EndpointPermission epp = new EndpointPermission("*", EndpointPermission.EXPORT);
> +
> +
> +        if (sm != null) {
> +            sm.checkPermission(epp);
>         }
> +
> +
> +        final ServiceReference refFinal = ref;
> +        final Map propertiesFinal = properties;
> +
> +        return AccessController.doPrivileged(new PrivilegedAction<List>()
{
> +            public List run() {
> +
> +                if (closed)
> +                    return Collections.EMPTY_LIST;
> +
> +                synchronized (exportedServices) {
> +                    List er = rsaCore.exportService(refFinal, propertiesFinal);
> +                    if (er != null)
> +                        exportedServices.addAll(er);
> +                    return er;
> +                }
> +            }
> +        });
>     }
>
>     public Collection getExportedServices() {
> +
> +        SecurityManager sm = System.getSecurityManager();
> +        EndpointPermission epp = new EndpointPermission("*", EndpointPermission.READ);
> +        if (sm != null) {
> +            sm.checkPermission(epp);
> +        }
> +
>         if (closed)
>             return null;
>         return rsaCore.getExportedServices();
>     }
>
>     public Collection getImportedEndpoints() {
> +
> +        SecurityManager sm = System.getSecurityManager();
> +        EndpointPermission epp = new EndpointPermission("*", EndpointPermission.READ);
> +        if (sm != null) {
> +            sm.checkPermission(epp);
> +        }
> +
>         if (closed)
>             return null;
>         return rsaCore.getImportedEndpoints();
>     }
>
>     public ImportRegistration importService(EndpointDescription endpoint) {
> -        if (closed)
> -            return null;
> -        synchronized (importedServices) {
> -            ImportRegistration ir = rsaCore.importService(endpoint);
> -            if(ir!=null)
> -                importedServices.add(ir);
> -            return ir;
> +
> +        final EndpointDescription epd = endpoint;
> +
> +        SecurityManager sm = System.getSecurityManager();
> +        EndpointPermission epp = new EndpointPermission(epd, OsgiUtils.getUUID(bctx),
> +                                                        EndpointPermission.IMPORT);
> +        if (sm != null) {
> +            sm.checkPermission(epp);
>         }
> +
> +        return AccessController.doPrivileged(new PrivilegedAction<ImportRegistration>()
{
> +            public ImportRegistration run() {
> +
> +                if (closed)
> +                    return null;
> +
> +                synchronized (importedServices) {
> +                    ImportRegistration ir = rsaCore.importService(epd);
> +                    if (ir != null)
> +                        importedServices.add(ir);
> +                    return ir;
> +                }
> +            }
> +        });
>     }
>
>     public void close() {
> @@ -91,14 +143,14 @@ public class RemoteServiceAdminInstance
>         synchronized (importedServices) {
>             LOG.info("Removing all services imported by this RSA instance");
>             for (ImportRegistration ir : importedServices) {
> -                LOG.finest("Closing ImportRegistration "+ir);
> +                LOG.finest("Closing ImportRegistration " + ir);
>                 ir.close();
>             }
>         }
>         synchronized (exportedServices) {
>             LOG.info("Removing all services exported by this RSA instance");
>             for (ExportRegistration er : exportedServices) {
> -                LOG.finest("Closing ExportRegistration "+er);
> +                LOG.finest("Closing ExportRegistration " + er);
>                 er.close();
>             }
>         }
>
>
>

Mime
View raw message