karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Achim Nierbeck (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-3400) Enabling Java System Security and OSGi security leaves Karaf in unusable state
Date Fri, 18 Dec 2015 11:46:46 GMT

    [ https://issues.apache.org/jira/browse/KARAF-3400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15063869#comment-15063869
] 

Achim Nierbeck commented on KARAF-3400:
---------------------------------------

[~olli] ... it's all in the description. 
Since the creation of this bug, I never had time to work on it. 

> Enabling Java System Security and OSGi security leaves Karaf in unusable state
> ------------------------------------------------------------------------------
>
>                 Key: KARAF-3400
>                 URL: https://issues.apache.org/jira/browse/KARAF-3400
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf-core
>    Affects Versions: 3.0.2, 4.0.0.M1
>            Reporter: Achim Nierbeck
>            Assignee: Jean-Baptiste Onofré
>
> It seems to boil down to the new functionalities of OSGi, like Bundle Adapt fails with
the default security configuration 
> {code}
> java.security.AccessControlException: access denied ("org.osgi.framework.AdaptPermission"
"org.osgi.framework.wiring.BundleRevision" "adapt")
> 	at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
> 	at org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager.internalCheckPermission(EquinoxSecurityManager.java:117)
> 	at org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager$CheckPermissionAction.run(EquinoxSecurityManager.java:60)
> 	at java.security.AccessController.doPrivileged(Native Method)
> {code}
> Just switch framework to equinox and enable the security params in etc/system.properties
> {code}
> #
> # By default, only Karaf shell commands are secured, but additional services can be
> #
> # To enable OSGi security, uncomment the properties below,
> # install the framework-security feature and restart.
> #
> java.security.policy=${karaf.etc}/all.policy
> org.osgi.framework.security=osgi
> org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
> {code}
> This also happens with Felix but needs the additional Felix.Security bundle to be installed.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message