felix-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Karl Pauls <karlpa...@gmail.com>
Subject Re: Is instance based security possible?
Date Fri, 05 Feb 2016 11:28:09 GMT
Out of the box, no - I don't think this is possible.

You might be able to make something work but it would depend a lot on your
specific set-up and you'd need to be able to make the instances cooperate
somehow (i.e., a generic solution probably is not possible - the only thing
you might get to work generically is to make it based on Threads an follow
a JAAS like approach but it doesn't sound like this is what you are looking
for).

regards,

Karl

On Fri, Feb 5, 2016 at 11:51 AM, Simon <simon-pobox1@outlook.com> wrote:

> From my understanding OSGi security
>
> i.e. tow instance of the same class MyClass which is part of bundle
> MyBundle
> share the same security conditions defined for bundle MyBundle. So if I
> have
> the following:
>
> [code]
> MyClass a = new MyClass("dirA");
> MyClass b = new MyClass("dirB");
> [/code]
>
> These two classes will share the same security permission when for example
> using this:
>
> [code]
> ALLOW {
>   [org.osgi.service.condpermadmin.BundleLocationCondition "MyBundle.jar"]
>   ( java.io.FilePermission "dirA" "read,write" )
>   ( java.io.FilePermission "dirB" "read,write" )
> } "MyCheck"
> [/code]
>
> However what if I want to make sure that MyClass instance "A" never access
> "dirB" and instance "B" never access "dirA".
>
> Is there a way how this is possible without actually packaging MyClass in
> two different bundles? (obviously using different symbolic names, etc for
> each bundle)?
>
>
>
> --
> View this message in context:
> http://apache-felix.18485.x6.nabble.com/Is-instance-based-security-possible-tp5016405.html
> Sent from the Apache Felix - Users mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
> For additional commands, e-mail: users-help@felix.apache.org
>
>


-- 
Karl Pauls
karlpauls@gmail.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message