felix-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephen Higgs <shi...@redhat.com>
Subject Re: felix bundle security
Date Wed, 18 May 2016 17:12:56 GMT
Thanks!

----- Original Message -----
From: "Karl Pauls" <karlpauls@gmail.com>
To: users@felix.apache.org
Sent: Wednesday, May 18, 2016 10:45:48 AM
Subject: Re: felix bundle security

Yes, that should be possible. If you create a custom condition it will get
passed in the Bundle object in question for evaluation. That is when you
could inspect the bundle. Next, all you need to do is to basically start
with a security policy that only grant permissions to bundles that pass
your custom condition.

You can have a look at this example for a custom condition and how to use
it:
https://github.com/mcculls/osgi-in-action/tree/master/chapter14/combined-example

regards,

Karl

On Wed, May 18, 2016 at 4:37 PM, Stephen Higgs <shiggs@redhat.com> wrote:

> So I could write my own logic that checks the bundle via a "custom
> condition"?  That would be perfect - is there a resource that you would
> recommend that shows how to implement a custom condition?
>
> Thanks!
>
> --Stephen
>
> ----- Original Message -----
> From: "Karl Pauls" <karlpauls@gmail.com>
> To: users@felix.apache.org
> Sent: Wednesday, May 18, 2016 9:34:28 AM
> Subject: Re: felix bundle security
>
> Hm, I guess you could do that, yes. However, are you sure you want to
> implement your own provider? If you are running with security enabled, why
> not just use the existing provider and write your own custom condition that
> checks the bundle?
>
> regards,
>
> Karl
>
> On Wed, May 18, 2016 at 2:54 PM, Stephen Higgs <shiggs@redhat.com> wrote:
>
> > [Note - Originally Sent to Karaf users list, but may be more appropriate
> > for the felix users list]
> >
> > Hi all,
> >
> > If I wanted to implement custom logic to examine bundles that are
> > installed for security purposes, would the following be appropriate?
> >
> > 1) set org.osgi.framework.security=osgi
> > 2) create an implementation of
> > org.apache.felix.framework.ext.SecurityProvider
> > 3) add the new security provider to startup.properties
> >
> > Would this achieve the desired ability to checkBundle() for all bundles
> > during startup and thereafter?
> >
> > Thank you,
> >
> > Stephen Higgs
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
> > For additional commands, e-mail: users-help@felix.apache.org
> >
> >
>
>
> --
> Karl Pauls
> karlpauls@gmail.com
> http://twitter.com/karlpauls
> http://www.linkedin.com/in/karlpauls
> https://profiles.google.com/karlpauls
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
> For additional commands, e-mail: users-help@felix.apache.org
>
>


-- 
Karl Pauls
karlpauls@gmail.com
http://twitter.com/karlpauls
http://www.linkedin.com/in/karlpauls
https://profiles.google.com/karlpauls

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org


Mime
View raw message