Uploaded image for project: 'Felix'
  1. Felix
  2. FELIX-849

checking a "self-defined" permission (extends java.security.Permission) does not work

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • None
    • None
    • Conditional Permission Admin
    • None

    Description

      I have problems in using Permission derived from java.security.Permission
      with the felix ConditionalPermissionAdmin.

      I have 3 bundles:

      • PermissionManagement: defines MyPermission class and assigns this permission to all bundles
      • Provider: exposes a function f with security check on MyPermission
      • Consumer: try to use function f

      I run these bundles in felix + framework.security + scr and got access denied
      (Consumer is not allowed to use function f although MyPermission is already assigned to all bundles)

      Problems in detail:

      I have a bundle named PermissionManagement which defines a new Permission class
      as follows:

      public class MyPermission extends Permission {
      private String actions;

      public MyPermission(String name, String actions)

      { super(name); this.actions = actions; System.out.println("MyPermission constructor called with params: " + name + ", " + actions); }

      ...

      @Override
      public String getActions()

      { System.out.println("MyPermission getActions method called"); return this.actions; }

      }

      PermissionManagement also defines a class called "PermissionManager" to assign
      MyPermission to all bundles using ConditionalPermissionAdmin as follows:

      cpa.addConditionalPermissionInfo(new ConditionInfo[]

      { null }

      ,
      new PermissionInfo[]

      { new PermissionInfo( MyPermission.class.getName(), "MyName", "MyAction") }

      );

      Provider bundle defines a class DummyProvider which exposes a function F guarded with security check

      public String f() {
      MyPermission myPerm = new MyPermission("MyName", "MyAction");
      SecurityManager security = System.getSecurityManager();
      if (security != null)

      { security.checkPermission(myPerm); }

      return "test";
      }

      Consumer bundle has an Activator as follows:
      public class Activator implements BundleActivator {

      @Override
      public void start(BundleContext arg0) throws Exception

      { DummyProvider dp = new DummyProvider(); System.out.println(dp.f()); }

      ...
      }

      in felix shell
      -> start file:///.../consumer-1.0-SNAPSHOT.jar
      DummyProvider constructor called
      MyPermission constructor called with params: MyName, MyAction
      MyPermission hashCode method called
      MyPermission hashCode method called
      MyPermission hashCode method called
      MyPermission hashCode method called
      MyPermission getActions method called

      java.security.AccessControlException: access denied (testbundles.permissionmanagement.MyPermission MyName MyAction)

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            karlpauls Karl Pauls
            hasan Hasan Hasan
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment