Java Reference
In-Depth Information
Here you check whether you've already asked the user by looking at the
m_alreadyAsked
flag, which is only necessary to avoid a race condition if multiple
threads are trying to set the initial value; after that, the framework will cache the result
because the condition is immutable. If the user hasn't already been asked, you create
a new
AskTheUser
object with your question
C
and call its
ask()
method. When you
get the result, you set the
alreadyAsked
flag to
true
D
to make sure that the user is
asked only one time for the given bundle. Finally, you return the result or invert the
result if
“!”
was specified in the
ConditionInfo
.
A slightly complicated part of this example is that you need to perform the call to
the
ask()
method using
AccessController.doPrivileged()
B
. This is because the
use of Swing will result in a lot of additional permission checks, so you must limit the
protection domains involved to the protection domain of the condition itself. Because
the condition must be on the class path, it'll have the protection domain of the frame-
work, which needs to have
AllPermission
. If, for whatever reason, you get an excep-
tion, you return
false
.
This completes the
AskTheUserCondition
implementation. If you package it as an
extension bundle or add it to the framework class path, you can use it to let the user
make security decisions by including it in your policy file like this:
ACCEPT {
[ org.foo.AskTheUserCondition "Do you want to allow $symbolic-name to
provide a shape?" ]
( org.osgi.framework.ServicePermission "org.foo.shape.SimpleShape"
"register")
}
We've covered a lot of ground in this chapter, so you should be commended for mak-
ing it this far. To wrap up the discussion on security, we'll look at an example that pulls
everything together.
14.8
Bringing it all back home
What's left is to show you how to start a framework with security enabled. You need to
make sure a security manager is installed in the system and tell the framework where it
can find the trusted root certificates. You can either set a custom security manager or
have the framework install its own security manager. Typically, you need to set the fol-
lowing two framework-configuration properties:
■
org.osgi.framework.security
—Tells the framework to set the security manager
■
org.osgi.framework.trust.repositories
—As mentioned earlier, specifies
the repositories of trusted certificates
The
org.osgi.framework.security
property value can be either an empty string or
osgi
. In either case, the framework sets the
JVM
security manager to an implementa-
tion-specific one when started. If the property isn't specified, the framework doesn't
set the security manager; security will still work if a security manager is already set, but
not all features of
OSG
i security may work. In particular, if the existing security man-
ager uses
AccessController
, postponed conditions won't work.
