I'm using Apache Felix 2.0.8
I've implemented a custom Permission that extends BasicPermission, activated the security manager (-Djava.s开发者_运维问答ecurity.manager) and specified my own policy file (-Djava.security.file="file:c:\blabla\myfile.policy")
From simple standalone test (a simple main method outside OSGi) I've asserted that my permission behaves correctly when I change my policy file. Everything is fine.
public static void main(String[] args) { try { AccessController.checkPermission(new MyPermission("foo")); System.out.println("OK"); } catch (SecurityException e) { System.out.println("NOK"); } }
In my OSGi bundle, I've noticed that the same code sample is fine when executed in both the main thread (in the callback of my activator) and some other thread started by me. However, as soon as it is executed from the AWT-EventQueue thread, that very same permission is always allowed.
Except the executing thread, I don't see any difference...
Has anyone ever experienced something similar?
In OSGi, the framework does not consult the policy file for the permissions of bundles. The permissions of bundles are set via the ConditionalPermissionAdmin (and the older PermissionAdmin) service. As a bootstrap, all bundles are granted AllPermission until some bundle "asserts" control and sets permissions for bundles. So, until you set permission information via ConditionalPermissionAdmin, all the bundles are running with AllPermission.
精彩评论