From user-return-16207-apmail-geronimo-user-archive=geronimo.apache.org@geronimo.apache.org Thu Aug 30 00:27:02 2012 Return-Path: X-Original-To: apmail-geronimo-user-archive@www.apache.org Delivered-To: apmail-geronimo-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 00A5FD9F0 for ; Thu, 30 Aug 2012 00:27:02 +0000 (UTC) Received: (qmail 1756 invoked by uid 500); 30 Aug 2012 00:27:01 -0000 Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org Received: (qmail 1732 invoked by uid 500); 30 Aug 2012 00:27:01 -0000 Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: user@geronimo.apache.org List-Id: Delivered-To: mailing list user@geronimo.apache.org Received: (qmail 1724 invoked by uid 99); 30 Aug 2012 00:27:01 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 30 Aug 2012 00:27:01 +0000 X-ASF-Spam-Status: No, hits=-2.8 required=5.0 tests=FSL_RCVD_USER,HTML_MESSAGE,RCVD_IN_DNSWL_HI,SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [203.254.224.34] (HELO mailout4.samsung.com) (203.254.224.34) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 30 Aug 2012 00:26:50 +0000 Received: from epcpsbgm1.samsung.com (epcpsbgm1 [203.254.230.26]) by mailout4.samsung.com (Oracle Communications Messaging Server 7u4-24.01(7.0.4.24.0) 64bit (built Nov 17 2011)) with ESMTP id <0M9J001MFL7VDPF0@mailout4.samsung.com> for user@geronimo.apache.org; Thu, 30 Aug 2012 09:26:27 +0900 (KST) Received: from epcpsbgm1.samsung.com ( [172.20.52.118]) by epcpsbgm1.samsung.com (EPCPMTA) with SMTP id ED.33.17335.333BE305; Thu, 30 Aug 2012 09:26:27 +0900 (KST) X-AuditID: cbfee61a-b7fc66d0000043b7-5f-503eb3331a44 Received: from epmmp2 ( [203.254.227.17]) by epcpsbgm1.samsung.com (EPCPMTA) with SMTP id 8D.33.17335.333BE305; Thu, 30 Aug 2012 09:26:27 +0900 (KST) Received: from JBPC ([70.8.51.82]) by mmp2.samsung.com (Oracle Communications Messaging Server 7u4-24.01 (7.0.4.24.0) 64bit (built Nov 17 2011)) with ESMTPA id <0M9J00JYPL7Y8V90@mmp2.samsung.com> for user@geronimo.apache.org; Thu, 30 Aug 2012 09:26:27 +0900 (KST) From: JAEBOO JUNG To: user@geronimo.apache.org Subject: OSGi Bundle Permissions on Geronimo Date: Thu, 30 Aug 2012 09:27:24 +0900 Message-id: <000a01cd8646$3d0e6a40$b72b3ec0$@samsung.com> MIME-version: 1.0 Content-type: multipart/alternative; boundary="----=_NextPart_000_000B_01CD8691.ACF798E0" X-Mailer: Microsoft Outlook 14.0 Thread-index: Ac2GRhv8LA+bhf0JSTaui0w3J4fRaA== Content-language: ko DLP-Filter: Pass X-MTR: 20000000000000000@CPGS X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrIIsWRmVeSWpSXmKPExsWyRsSkTNd4s12AwZsVOhbtz0scGD2m7XzA GsAYxWWTkpqTWZZapG+XwJWx9tZqtoKrOhVHF+5iamDsVeti5OSQEDCReH7rCguELSZx4d56 ti5GLg4hgaWMEpPunmOHKbqx4DY7RGI6o8TZlfOhnH4mifsPTjB3MXJwsAloSRzYLgfSICIg I9HRvhWsWVhAR+LJzxmsIDaLgKrE7p/dYDavgKXElp3TGSFsQYkfk++BXcEsEC3R/OYsK8Ri BYkdZ18zQszUkzjX9YYRokZEYt+Ld4wQMwUkvk0+xAJygoSArMSmA8wgp0kITGaXWL6kG+oz SYmDK26wTGAUmYVk3Swk62YhGTsLaBQz0Lq2jYwQYXmJ7W/nMEPYuhL/n8PY2hLLFr5mXsDI vopRNLUguaA4KT3XUK84Mbe4NC9dLzk/dxMjMIJO/3smtYNxZYPFIUYBDkYlHl6OTLsAIdbE suLK3EOMEhzMSiK8n1YChXhTEiurUovy44tKc1KLDzEmAz03kVlKNDkfGN15JfGGxsYmZiam lhZGJubGpAkrifPy9xkGCAmkJ5akZqemFqQWwWxh4uCUamBUrpS7FcDTrT/z4fl6w89Xsv6n BHoltl5PXpgqsfOwT1LyNA3e6FfS/KsLX7z/V36Cv3uV5eHkNYqs3kkyBxndpol9YXR3D628 kLcwbcqEjtrF7TvM4+S37538L+nLv9WCPf6/zv/dtnSBiNt6z81Hgl/+22J/vc5e2OnLaRH1 Ty4ni/cfOOOlxFKckWioxVxUnAgA70WZq+QCAAA= X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpgleLIzCtJLcpLzFFi42I5/e+xoK7xZrsAg84HKhbtz0scGD2m7XzA GsAY1cBok5GamJJapJCal5yfkpmXbqvkHRzvHG9qZmCoa2hpYa6kkJeYm2qr5OIToOuWmQM0 VUmhLDGnFCgUkFhcrKRvh2lCaIibrgVMY4Sub0gQXI+RARpIWMOYsfbWaraCqzoVRxfuYmpg 7FXrYuTkkBAwkbix4DY7hC0mceHeerYuRi4OIYHpjBJnV85nh3D6mSTuPzjB3MXIwcEmoCVx YLscSIOIgIxER/tWsGZhAR2JJz9nsILYLAKqErt/doPZvAKWElt2TmeEsAUlfky+xwJiMwtE SzS/OcsKsVhBYsfZ14wQM/UkznW9YYSoEZHY9+Id4wRGvllI2mchaZ+FpGwW0HXMQO1tGxkh wvIS29/OYYawdSX+P4extSWWLXzNvICRfRWjaGpBckFxUnquoV5xYm5xaV66XnJ+7iZGcHw+ k9rBuLLB4hCjAAejEg8vR6ZdgBBrYllxZe4hRgkOZiUR3k8rgUK8KYmVValF+fFFpTmpxYcY k4EBMJFZSjQ5H5g68kriDY2NTcxMzAyMjAwsjEkTVhLn5e8zDBASSE8sSc1OTS1ILYLZwsTB KdXAmFlWPSVPmaH9wluZw3Fz/RaE9iY9+irow9n6aU7mu65u3o0Zkm5phnNyFV/uuVq8cMmv so2TLjBfrJj0zsUjWGZ6M5d3+x42y+V7ti7fV7FjlVOba1v/pfflEToCApucVgearQp5ZsHH dPFYksZ3+/cuRgX3P0suu6jrGam5quWP64+a1IATSizFGYmGWsxFxYkAlqkMcBMDAAA= X-CFilter-Loop: Reflected This is a multipart message in MIME format. ------=_NextPart_000_000B_01CD8691.ACF798E0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit I am about to make a enterprise cloud OSGi web-service by using Apache Geronimo V3.0. The final goal is to make custom BundleManager(maybe it is a bundle too) that can do simple bundle action like install/uninstall/start/stop the other bundles from any users. Each bundle is WAB(web application bundle) and will be added in some Application Bundle. But I encounter some critical problems which can cause security issues. 1. Although only BundleManager I want to make can manage the bundle's lifecycle by using BundleContext , but any bundles made by some users can use BundleContext in Activator or any servlet in their bundles. So, for example, Bundle A(from user1) can get Bundle B(from user2) from BundleContext and Bundle A can stop or uninstall Bundle B with no permission though Bundle A is not BundleManager.. 2. I used to run java security manager and manipulate its(Bundle A) permission. but it didn't properly work. Besides I can access Geronimo Web Admin console with no login process . I think that allpermission in the policy file cause this situation. How can I achieve my goal. I heard that Composite bundle can isolate bundles, but Geronimo didn't support Composite Bundle(CBA). I really wait and appreciate all ideas. Thanks for all your help in advance :) ------=_NextPart_000_000B_01CD8691.ACF798E0 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

I am about to make a enterprise cloud OSGi web-service by = using Apache Geronimo V3.0.

The final goal is to make custom = BundleManager(maybe it is a bundle too) that can do simple bundle action = like install/uninstall/start/stop the other bundles from any = users.

Each = bundle is WAB(web application bundle) and will be added in some = Application Bundle.

But I encounter some critical problems which can cause = security issues.

 

1. Although only BundleManager I want to make can manage = the bundle's lifecycle by using BundleContext , but any bundles made by = some users can use BundleContext in Activator or any  servlet in = their bundles. So, for example, Bundle A(from user1) can get Bundle = B(from user2) from BundleContext and Bundle A can stop or uninstall = Bundle B with no permission though Bundle A is not = BundleManager..

 

2. I used to run java security manager and manipulate = its(Bundle A) permission. but it didn't properly work. Besides I can = access Geronimo Web Admin console with no login process . I think that = allpermission in the policy file cause this = situation.

 

How can I achieve my goal. I heard that Composite bundle = can isolate bundles, but Geronimo didn't support Composite Bundle(CBA). = I really wait and appreciate all ideas. Thanks for all your help in = advance :)

------=_NextPart_000_000B_01CD8691.ACF798E0--