Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
framework-3.2.2
-
None
Description
When I deny getClassloader with conditional permission admin for a specific bundle the bundle throws a securityexception when starting the bundle.
org.osgi.framework.BundleException: Activator start error in bundle HelloBundle [3].
at org.apache.felix.framework.Felix.activateBundle (Felix.java:1908)
at org.apache.felix.framework.Felix.startBundle (Felix.java:1783)
at org.apache.felix.framework.BundleImpl.start (BundleImpl.java:919)
at com.technicolor.osgi.bundle.bm.tasks.StartTask.run (StartTask.java:77)
at com.technicolor.osgi.bundle.bm.TaskQueue$1.run (TaskQueue.java:92)
at java.lang.Thread.run (Unknown Source, bco=16)
Caused by: java.lang.SecurityException: java.security.AccessControlException: permission failure
at org.apache.felix.framework.Felix$1.checkPermission (Felix.java:586)
at java.lang.ClassLoader.getParent (Unknown Source, bco=36)
at org.apache.felix.framework.ModuleImpl.getBootDelegationClassLoader (ModuleImpl.java:1654)
at org.apache.felix.framework.ModuleImpl.findClassOrResourceByDelegation (ModuleImpl.java:697)
at org.apache.felix.framework.ModuleImpl.access$400 (ModuleImpl.java:71)
at org.apache.felix.framework.ModuleImpl$ModuleClassLoader.loadClass (ModuleImpl.java:1768)
at java.lang.ClassLoader.loadClass (Native Method)
at java.lang.ClassLoader.handleLoadClass (Native Method)
at java.lang.ClassLoader.handleLoadClass (Native Method)
at HelloBundle.Activator.<init> (Activator.java:12)
at org.apache.felix.framework.Felix.createBundleActivator (Felix.java:3716)
at org.apache.felix.framework.Felix.activateBundle (Felix.java:1856)
... 5 more
Caused by: java.security.AccessControlException: permission failure
at java.security.AccessControlContext.checkPermission (Unknown Source, bco=47)
at java.security.AccessController.checkPermission (Unknown Source, bco=21)
at java.lang.SecurityManager.checkPermission (Unknown Source, bco=4)
at org.apache.felix.framework.Felix$1.checkPermission (Felix.java:587)
... 16 more
shouldn't "activator = (BundleActivator) clazz.newInstance();" in createBundleActivator happen in doPrivileged ? For example:
try {
activator = (BundleActivator) AccessController.doPrivileged(new PrivilegedExceptionAction() {
public Object run() throws Exception
});
} catch (PrivilegedActionException e)
works.