[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
[equinox-dev] Don't get BundleSignerCondition to work
|
Hi all,
I want to use a BundleSignerCondition to configure permissions for
bundles. I'm using Equinox 3.5.1R35x_v20090827 (if this matters in any
case).
I've created a free trial certificate from VeriSign and imported it
into my keystore.
I'm starting Equinox, a "permission manager" bundle and a testing
bundle which is trying to write to a file located in /tmp.
The "permission manager" bundle is providing AllPermission for the
system bundle and the "permission manager" bundle itself. It then
reads a file to provide any other security policy.
That file consists of:
ALLOW {
# [ org.osgi.service.condpermadmin.BundleSignerCondition "cn=*,
o='VeriSign, Inc.'" ]
[org.osgi.service.condpermadmin.BundleLocationCondition
"*permTest-1.0.0.jar/"]
(org.osgi.framework.ServicePermission "*" "get, register")
(java.io.FilePermission "/tmp/*" "write")
(org.osgi.framework.PackagePermission "*" "*")
(java.security.AllPermission "*" "*")
} "x"
Using BundleLocationCondition (as shown) works as intended,
BundleSignerCondition isn't working :(.
Equinox is started with the following parameters:
java -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=8000 \
-Declipse.security=osgi \
-Djava.security.policy=all.policy \
-Dosgi.signedcontent.support=all \
-Dosgi.framework.keystore=file:///~/devel/permissiontests/myKeystore.ks \
-Dcom.openmatics.box.policy.file=permissions.policy \
-Djava.security.debug=access:failure \
-jar org.eclipse.osgi-3.5.1.R35x_v20090827.jar -configuration $PWD -console
Any help to get BundleSignerCondition working will be appreciated!
Thanks in advance,
Ingo
