felix-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hasan <ha...@trialox.org>
Subject Re: Please help in enabling security
Date Mon, 24 Nov 2008 13:23:28 GMT
Dear Karl

We have built the framework.security and installed it as a bundle.
Additionally, we have written two bundles: TestBundle and PermissionManager.
The TestBundle is supposed to be able to create a file if the 
PermissionManager
sets the required Permissions.
We use scr to bind the ConditionalPermissionAdmin service in the 
PermissionManager.
However, we already got errors when we install and start PermissionManager.
(the command services in felix listed no service and the command ps in 
felix said
StartLevel service is unavailable).

Could you please advice what we may have done wrong? what we have to do 
before
we may define permissions?

Please find below the contents of PermissionManager and the output of 
felix session.

The contents of PermissionManager:
----------------------------------
package org.example.permmgmt;
import java.io.FilePermission;

import org.osgi.service.component.ComponentContext;
import org.osgi.service.condpermadmin.BundleLocationCondition;
import org.osgi.service.condpermadmin.ConditionInfo;
import org.osgi.service.condpermadmin.ConditionalPermissionAdmin;
import org.osgi.service.permissionadmin.PermissionInfo;

/**
 *
 * @scr.component
 * @scr.reference name="conditionalPermissionAdmin"
 *      cardinality="0..n" policy="dynamic"
 *      
interface="org.osgi.service.condpermadmin.ConditionalPermissionAdmin"
 *
 */
public class PermissionManager {

    private ConditionalPermissionAdmin cpa;

    protected void activate(ComponentContext context) throws Exception {
        System.out.println("Activating PermissionManager");

        if (cpa == null) {
            System.out.println("No ConditionalPermissionAdmin service");
            return;
        }
        cpa.addConditionalPermissionInfo(
                new ConditionInfo[]{
                    new ConditionInfo(
                    BundleLocationCondition.class.getName(),
                    new 
String[]{"file:/home/hasan/workspaces/testbundle1/target/testbundle1-1.0-SNAPSHOT.jar"})
                },
                new PermissionInfo[]{
                    new PermissionInfo(
                    FilePermission.class.getName(), "helloWorld.txt", 
"write")
                });
        System.out.println("cpi added");
    }

    protected void 
bindConditionalPermissionAdmin(ConditionalPermissionAdmin cpa) {
        System.out.println("Binding ConditionalPermissionAdmin");
        this.cpa = cpa;
    }

    protected void 
unbindConditionalPermissionAdmin(ConditionalPermissionAdmin cpa) {
        this.cpa = null;
    }
}



And the output of felix:
------------------------
Welcome to Felix.
=================

-> ps
START LEVEL 1
   ID   State         Level  Name
[   0] [Active     ] [    0] System Bundle (1.4.0)
[   1] [Active     ] [    1] Apache Felix Shell Service (1.0.2)
[   2] [Active     ] [    1] Apache Felix Shell TUI (1.0.2)
[   3] [Active     ] [    1] Apache Felix Bundle Repository (1.2.1)
-> start 
http://mirror.switch.ch/mirror/apache/dist/felix/org.apache.felix.scr-1.0.6.jar
-> start 
file:///home/hasan/workspaces/framework.security/target/org.apache.felix.framework.security-0.9.0-SNAPSHOT.jar
-> ps
START LEVEL 1
   ID   State         Level  Name
[   0] [Active     ] [    0] System Bundle (1.4.0)
[   1] [Active     ] [    1] Apache Felix Shell Service (1.0.2)
[   2] [Active     ] [    1] Apache Felix Shell TUI (1.0.2)
[   3] [Active     ] [    1] Apache Felix Bundle Repository (1.2.1)
[   4] [Active     ] [    1] Apache Felix Declarative Services (1.0.6)
[   5] [Resolved   ] [    1] Apache Felix Security Provider (0.9.0.SNAPSHOT)
-> services

System Bundle (0) provides:
---------------------------
org.osgi.service.startlevel.StartLevel
org.osgi.service.packageadmin.PackageAdmin
org.osgi.service.permissionadmin.PermissionAdmin
org.osgi.service.condpermadmin.ConditionalPermissionAdmin

Apache Felix Shell Service (1) provides:
----------------------------------------
org.apache.felix.shell.ShellService, 
org.ungoverned.osgi.service.shell.ShellService

Apache Felix Bundle Repository (3) provides:
--------------------------------------------
org.osgi.service.obr.RepositoryAdmin

Apache Felix Declarative Services (4) provides:
-----------------------------------------------
org.apache.felix.scr.ScrService
-> start 
file:///home/hasan/workspaces/permmgmtagent/target/permmgmt-1.0-SNAPSHOT.jar
-> Binding ConditionalPermissionAdmin
Activating PermissionManager

-> services
-> ps
StartLevel service is unavailable.
   ID   State        Name
ShellTui: java.security.AccessControlException: access denied 
(org.osgi.framework.AdminPermission (id=0) metadata)
java.security.AccessControlException: access denied 
(org.osgi.framework.AdminPermission (id=0) metadata)
    at 
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
    at 
java.security.AccessController.checkPermission(AccessController.java:546)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
    at org.apache.felix.framework.Felix.getHeaders(Felix.java:480)
    at org.apache.felix.framework.Felix.getHeaders(Felix.java:471)
    at 
org.apache.felix.shell.impl.PsCommandImpl.execute(PsCommandImpl.java:128)
    at 
org.apache.felix.shell.impl.Activator$ExecutePrivileged.run(Activator.java:365)
    at java.security.AccessController.doPrivileged(Native Method)
    at 
org.apache.felix.shell.impl.Activator$ShellServiceImpl.executeCommand(Activator.java:264)
    at 
org.apache.felix.shell.tui.Activator$ShellTuiRunnable.run(Activator.java:167)
    at java.lang.Thread.run(Thread.java:619)


Thanks and kind regards
Hasan



Hasan wrote:
> Dear Karl, dear Pierre,
>
> Thanks for the prompt reply.
> I will try Karl's suggestion.
>
> Best regards
> Hasan
>
> Karl Pauls wrote:
>> Hello Hasan,
>>
>> the framework needs allpermission. That is what the OSGi specification
>> requires. It might be possible to limit it to specific permissions but
>> it wouldn't be much left. Now, when the framework has allpermissions
>> that doesn't have to imply that bundles have allpermissions as well.
>> However, at the moment that is the case if you use the standard felix
>> only. What you would have to do is to use the PermissionAdmin service
>> or the ConditionalPermissionAdmin service to set the permissions for a
>> bundle.
>>
>> Problem is, we don't have released versions of the two services. We do
>> have some implementations in trunk but they are in an alpha state. In
>> case you want to give it a try: build the framework.security
>> subproject (in trunk/framework.security) and install the resulting
>> artifact as a bundle into felix. That will make the two services
>> available. See the core spec for how to use them.
>>
>> regards,
>>
>> Karl
>>
>> On Mon, Nov 24, 2008 at 10:50 AM, Hasan <hasan@trialox.org> wrote:
>>  
>>> Thanks Pierre,
>>>
>>> My intention is just to give as many permissions as necessary to 
>>> felix, but
>>> not all.
>>> Thus, I assume there must be a way to define permissions for felix 
>>> so that
>>> it can install
>>> a new bundle without throwing exceptions. Since, if I gave felix all
>>> permissions there
>>> is no such exception thrown.
>>>
>>> Kind regards
>>> Hasan
>>>
>>> Pierre Parrend wrote:
>>>    
>>>> Dear Hassan,
>>>>
>>>> with the permissions, you have to define a specific URL Handler for 
>>>> the
>>>> http protocol. See the class org.apache.felix.framework.URLHandlers 
>>>> (from my
>>>> memory, the name may be slighty different) for examples for other 
>>>> protocols.
>>>>
>>>> I have an implementation on another computer, you should manage to 
>>>> adapt
>>>> the code yourself, otherwise I can look for my old code.
>>>>
>>>> best regards,
>>>> Pierre
>>>>
>>>> Hasan wrote:
>>>>      
>>>>> Dear Pierre, dear all
>>>>>
>>>>> Thanks for the file. I use and modify your file (see below). With 
>>>>> this
>>>>> policy file
>>>>> however, I cannot install a new bundle. It throwed
>>>>> java.net.MalformedURLException:
>>>>>
>>>>> Welcome to Felix.
>>>>> =================
>>>>>
>>>>> -> install
>>>>> http://mirror.switch.ch/mirror/apache/dist/felix/org.apache.felix.scr-1.0.6.jar

>>>>>
>>>>> java.net.MalformedURLException: Unknown protocol: http
>>>>>
>>>>> What must be added to the policy file so that it works? Thanks in 
>>>>> advance
>>>>> for answering.
>>>>>
>>>>> -- BEGIN of my additional policy file used when starting 
>>>>> felix-1.4.0 --
>>>>> grant codeBase "file:${user.home}/sw/felix-1.4.0/-" {
>>>>>   permission java.util.PropertyPermission "*", "read,write";
>>>>>   permission java.io.FilePermission 
>>>>> "${user.home}/sw/felix-1.4.0/conf/*",
>>>>> "read";
>>>>>   permission java.io.FilePermission "${user.home}/sw/felix-1.4.0/-",
>>>>> "read,write,delete";
>>>>>
>>>>> //    permission java.io.FilePermission "${user.home}/-",
>>>>> "read,write,delete";
>>>>>   permission java.io.FilePermission "bundle.lastmodified", "read";
>>>>>   permission java.io.FilePermission "bundle/*", "read";
>>>>>
>>>>>   permission java.io.FilePermission "./felix-cache", "read,write";
>>>>>   permission java.io.FilePermission "./felix-cache/-",
>>>>> "read,write,delete";
>>>>>
>>>>>   permission java.net.NetPermission "specifyStreamHandler";
>>>>> //    permission java.net.SocketPermission "*", "resolve, connect";
>>>>>   permission java.net.SocketPermission "*",
>>>>> "accept,connect,listen,resolve";
>>>>>
>>>>>   permission java.lang.RuntimePermission "createSecurityManager";
>>>>>   permission java.lang.RuntimePermission "getProtectionDomain";
>>>>>   permission java.lang.RuntimePermission "setFactory";
>>>>>   permission java.lang.RuntimePermission "createClassLoader";
>>>>>   permission java.lang.RuntimePermission
>>>>> "accessClassInPackage.sun.reflect";
>>>>>   permission java.lang.RuntimePermission "accessDeclaredMembers";
>>>>>   permission java.lang.RuntimePermission "shutdownHooks";
>>>>>
>>>>>   permission java.lang.reflect.ReflectPermission 
>>>>> "suppressAccessChecks";
>>>>>
>>>>>   permission org.osgi.framework.AdminPermission "*", "lifecycle";
>>>>>   permission org.osgi.framework.AdminPermission "*", "metadata";
>>>>>   permission org.osgi.framework.AdminPermission "*", "listener";
>>>>>   permission org.osgi.framework.AdminPermission "*", "execute";
>>>>>   permission org.osgi.framework.AdminPermission "*", "startlevel";
>>>>>   permission org.osgi.framework.AdminPermission "*",
>>>>> "extensionLifecycle";
>>>>>
>>>>>   permission org.osgi.framework.PackagePermission "*", 
>>>>> "export,import";
>>>>>   permission org.osgi.framework.ServicePermission "*", 
>>>>> "register,get";
>>>>> };
>>>>>
>>>>> -- END of my additional policy file used when starting felix-1.4.0 --
>>>>>
>>>>> Kind regards
>>>>> Hasan
>>>>>
>>>>> Pierre Parrend wrote:
>>>>>        
>>>>>>  Dear Hasan, dear all,
>>>>>>
>>>>>> here is a permission file which I used some times ago. You need 
>>>>>> to adapt
>>>>>> it
>>>>>> to your own configuration, and probably to update it to match the
>>>>>> current
>>>>>> state of the Felix implementation:
>>>>>>
>>>>>> grant codeBase "file:$FELIX_HOME/-" {
>>>>>>
>>>>>>    permission java.util.PropertyPermission "*", "read,write";
>>>>>>    permission java.io.FilePermission "$FELIX_HOME/main/conf/*", 
>>>>>> "read";
>>>>>>
>>>>>>    permission java.io.FilePermission "$USER_HOME/-",
>>>>>> "read,write,delete";
>>>>>>    permission java.io.FilePermission "bundle.lastmodified", "read";
>>>>>>    permission java.io.FilePermission "bundle/*", "read";
>>>>>>
>>>>>>    permission java.net.NetPermission "specifyStreamHandler";
>>>>>>    permission java.net.SocketPermission "*", "resolve, connect";
>>>>>>
>>>>>>    permission java.lang.RuntimePermission "createSecurityManager";
>>>>>>    permission java.lang.RuntimePermission "getProtectionDomain";
>>>>>>    permission java.lang.RuntimePermission "setFactory";
>>>>>>    permission java.lang.RuntimePermission "createClassLoader";
>>>>>>    permission java.lang.RuntimePermission
>>>>>> "accessClassInPackage.sun.reflect";
>>>>>>    permission java.lang.RuntimePermission "accessDeclaredMembers";
>>>>>>    permission java.lang.RuntimePermission "shutdownHooks";
>>>>>>
>>>>>>    permission java.lang.reflect.ReflectPermission
>>>>>> "suppressAccessChecks";
>>>>>>
>>>>>>    permission org.osgi.framework.AdminPermission "*", "lifecycle";
>>>>>>    permission org.osgi.framework.AdminPermission "*", "metadata";
>>>>>>    permission org.osgi.framework.AdminPermission "*", "listener";
>>>>>>    permission org.osgi.framework.AdminPermission "*", "execute";
>>>>>>
>>>>>>    permission org.osgi.framework.PackagePermission "*", "export";
>>>>>>    permission org.osgi.framework.ServicePermission "*", 
>>>>>> "register, get";
>>>>>> };
>>>>>>
>>>>>> When reading the file, I wonder while the PackagePermission is 
>>>>>> set to
>>>>>> 'export' only, and do not include 'import'. If you get errors you

>>>>>> should
>>>>>> add
>>>>>> it simply.
>>>>>>
>>>>>> best regards,
>>>>>> Pierre
>>>>>>
>>>>>> -- 
>>>>>> ==============================================================
>>>>>> Pierre Parrend
>>>>>> Software Engineering (SE)
>>>>>> Tel: +49 721 9654 - 620
>>>>>> Fax: +49 721 9654 - 623
>>>>>> E-Mail: parrend@fzi.de
>>>>>>
>>>>>> ==============================================================
>>>>>>
>>>>>> FZI Forschungszentrum Informatik an der Universität Karlsruhe
>>>>>> Haid-und-Neu-Str. 10-14, 76131 Karlsruhe
>>>>>> Tel.: +49 721 9654 - 0, Fax: +49 721 9654 - 959
>>>>>>
>>>>>> Stiftung des bürgerlichen Rechts
>>>>>> Stiftung Az: 14-0563.1 Regierungspräsidium Karlsruhe
>>>>>>
>>>>>> Vorstand:
>>>>>> Prof. Dr.-Ing. Rüdiger Dillmann
>>>>>> Dipl. Wi.-Ing. Michael Flor
>>>>>> Prof. Dr. Dr.-Ing. Jivka Ovtcharova
>>>>>> Prof. Dr. rer. nat. Rudi Studer
>>>>>>
>>>>>> Vorsitzender des Kuratoriums:
>>>>>> Ministerialdirigent Günther Leßnerkraus
>>>>>>
>>>>>> ==============================================================
>>>>>>
>>>>>>
>>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Hasan [mailto:hasan@trialox.org]
>>>>>> Sent: Wed 11/19/2008 11:36 AM
>>>>>> To: users@felix.apache.org
>>>>>> Subject: Re: Please help in enabling security
>>>>>>  Hi again,
>>>>>>
>>>>>> If I put the following line in all.policy
>>>>>> grant { permission java.security.AllPermission; };
>>>>>>
>>>>>> then I can start felix successfully.
>>>>>> I hope this solve my problem starting felix with security enabled.
>>>>>>
>>>>>> Note, that in the slide set "Building Secure OSGi Applications"
>>>>>> the line reads as follows which I think is wrong:
>>>>>> grant { permission java.lang.AllPermission };
>>>>>>
>>>>>> Regards
>>>>>> Hasan
>>>>>>
>>>>>> Hasan wrote:
>>>>>>
>>>>>>          
>>>>>>> Dear all
>>>>>>>
>>>>>>> We would like to use osgi security mechanism (conditional 
>>>>>>> permission
>>>>>>> admin) and thus
>>>>>>> are trying to enable security when invoking felix (version 
>>>>>>> 1.4.0) as
>>>>>>> follows
>>>>>>>
>>>>>>> $ java -Djava.security.manager -Djava.security.policy=all.policy

>>>>>>> -jar
>>>>>>> bin/felix.jar
>>>>>>>
>>>>>>> There were some AccessControlException which we could fix by

>>>>>>> adapting
>>>>>>> java.policy file
>>>>>>> In the end however, we got a NullPointerException as shown below.
>>>>>>>
>>>>>>> -- BEGIN OF FELIX ERROR MESSAGE --
>>>>>>> Welcome to Felix.
>>>>>>> =================
>>>>>>>
>>>>>>> ERROR: Unable to start system bundle. 
>>>>>>> (java.lang.NullPointerException:
>>>>>>> Specified service reference cannot be null.)
>>>>>>> java.lang.NullPointerException: Specified service reference 
>>>>>>> cannot be
>>>>>>> null.
>>>>>>>   at
>>>>>>>
>>>>>>>             
>>>>>> org.apache.felix.framework.BundleContextImpl.getService(BundleContextImpl.ja

>>>>>>
>>>>>> va:320)
>>>>>>          
>>>>>>>   at
>>>>>>>
>>>>>>>             
>>>>>> org.apache.felix.main.AutoActivator.processAutoProperties(AutoActivator.java

>>>>>>
>>>>>> :77)
>>>>>>          
>>>>>>>   at 
>>>>>>> org.apache.felix.main.AutoActivator.start(AutoActivator.java:55)
>>>>>>>   at
>>>>>>>
>>>>>>>             
>>>>>> org.apache.felix.framework.util.SecureAction$Actions.run(SecureAction.java:1

>>>>>>
>>>>>> 071)
>>>>>>          
>>>>>>>   at java.security.AccessController.doPrivileged(Native Method)
>>>>>>>   at
>>>>>>>
>>>>>>>             
>>>>>> org.apache.felix.framework.util.SecureAction.startActivator(SecureAction.jav

>>>>>>
>>>>>> a:580)
>>>>>>          
>>>>>>>   at
>>>>>>>
>>>>>>>             
>>>>>> org.apache.felix.framework.Felix$SystemBundleActivator.start(Felix.java:3761

>>>>>>
>>>>>> )
>>>>>>          
>>>>>>>   at
>>>>>>>
>>>>>>>             
>>>>>> org.apache.felix.framework.util.SecureAction$Actions.run(SecureAction.java:1

>>>>>>
>>>>>> 071)
>>>>>>          
>>>>>>>   at java.security.AccessController.doPrivileged(Native Method)
>>>>>>>   at
>>>>>>>
>>>>>>>             
>>>>>> org.apache.felix.framework.util.SecureAction.startActivator(SecureAction.jav

>>>>>>
>>>>>> a:580)
>>>>>>          
>>>>>>>   at org.apache.felix.framework.Felix.init(Felix.java:849)
>>>>>>>   at org.apache.felix.framework.Felix.start(Felix.java:881)
>>>>>>>   at org.apache.felix.main.Main.main(Main.java:213)
>>>>>>> Could not create framework: java.lang.RuntimeException: Unable

>>>>>>> to start
>>>>>>> system bundle.
>>>>>>> java.lang.RuntimeException: Unable to start system bundle.
>>>>>>>   at org.apache.felix.framework.Felix.init(Felix.java:857)
>>>>>>>   at org.apache.felix.framework.Felix.start(Felix.java:881)
>>>>>>>   at org.apache.felix.main.Main.main(Main.java:213)
>>>>>>>
>>>>>>> -- END OF FELIX ERROR MESSAGE --
>>>>>>>
>>>>>>> Any help and tips to enable security and solve this problem is

>>>>>>> highly
>>>>>>> appreciated.
>>>>>>>
>>>>>>> Kind regards
>>>>>>> Hasan
>>>>>>>
>>>>>>>
>>>>>>>             
>>>>>>           
>>> -- 
>>> --trialox ag--------------------------------------
>>>
>>>  Hasan Hasan
>>>  Binzmühlestrasse 14
>>>  CH-8050 Zürich
>>>  Tel: 0041-44-63 57577
>>>  Fax: 0041-44-63 57574
>>>  URL: http://www.trialox.ch
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
>>> For additional commands, e-mail: users-help@felix.apache.org
>>>
>>>
>>>     
>>
>>
>>
>>   
>

-- 
--trialox ag--------------------------------------

  Hasan Hasan
  Binzmühlestrasse 14
  CH-8050 Zürich
  Tel: 0041-44-63 57577
  Fax: 0041-44-63 57574
  URL: http://www.trialox.ch


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org


Mime
View raw message