Example 1 with EquinoxSecurityManager
use of org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager in project rt.equinox.framework by eclipse.
the class SystemBundleActivator method installSecurityManager.
private void installSecurityManager(EquinoxConfiguration configuration) throws BundleException {
String securityManager = configuration.getConfiguration(Constants.FRAMEWORK_SECURITY);
if (System.getSecurityManager() != null && securityManager != null) {
// $NON-NLS-1$ //$NON-NLS-2$
throw new BundleException("Cannot specify the \"" + Constants.FRAMEWORK_SECURITY + "\" configuration property when a security manager is already installed.");
}
if (securityManager == null) {
// $NON-NLS-1$
securityManager = configuration.getConfiguration(EquinoxConfiguration.PROP_EQUINOX_SECURITY, configuration.getProperty("java.security.manager"));
}
if (securityManager != null) {
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
if (securityManager.length() == 0)
// use the default one from java
sm = new SecurityManager();
else if (securityManager.equals(Constants.FRAMEWORK_SECURITY_OSGI))
// use an OSGi enabled manager that understands postponed conditions
sm = new EquinoxSecurityManager();
else {
// try to use a specific classloader by classname
try {
Class<?> clazz = Class.forName(securityManager);
sm = (SecurityManager) clazz.newInstance();
} catch (ClassNotFoundException e) {
// do nothing
} catch (ClassCastException e) {
// do nothing
} catch (InstantiationException e) {
// do nothing
} catch (IllegalAccessException e) {
// do nothing
}
}
if (sm == null)
throw new NoClassDefFoundError(securityManager);
if (configuration.getDebug().DEBUG_SECURITY)
// $NON-NLS-1$
Debug.println("Setting SecurityManager to: " + sm);
System.setSecurityManager(sm);
setSecurityManagner = sm;
return;
}
}
}
Also used :
EquinoxSecurityManager(org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager)
EquinoxSecurityManager(org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager)
Example 2 with EquinoxSecurityManager
use of org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager in project rt.equinox.framework by eclipse.
the class EquinoxBundle method hasPermission.
@Override
public boolean hasPermission(Object permission) {
Generation current = (Generation) module.getCurrentRevision().getRevisionInfo();
ProtectionDomain domain = current.getDomain();
if (domain != null) {
if (permission instanceof Permission) {
SecurityManager sm = System.getSecurityManager();
if (sm instanceof EquinoxSecurityManager) {
/*
* If the FrameworkSecurityManager is active, we need to do checks the "right" way.
* We can exploit our knowledge that the security context of FrameworkSecurityManager
* is an AccessControlContext to invoke it properly with the ProtectionDomain.
*/
AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] { domain });
try {
sm.checkPermission((Permission) permission, acc);
return true;
} catch (Exception e) {
return false;
}
}
return domain.implies((Permission) permission);
}
return false;
}
return true;
}
Also used :
ProtectionDomain(java.security.ProtectionDomain)
Generation(org.eclipse.osgi.storage.BundleInfo.Generation)
EquinoxSecurityManager(org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager)
AccessControlContext(java.security.AccessControlContext)
Permission(java.security.Permission)
AdminPermission(org.osgi.framework.AdminPermission)
AdaptPermission(org.osgi.framework.AdaptPermission)
EquinoxSecurityManager(org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager)
BundleException(org.osgi.framework.BundleException)
IOException(java.io.IOException)
Aggregations
EquinoxSecurityManager (org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager)2
IOException (java.io.IOException)1
AccessControlContext (java.security.AccessControlContext)1
Permission (java.security.Permission)1
ProtectionDomain (java.security.ProtectionDomain)1
Generation (org.eclipse.osgi.storage.BundleInfo.Generation)1
AdaptPermission (org.osgi.framework.AdaptPermission)1
AdminPermission (org.osgi.framework.AdminPermission)1
BundleException (org.osgi.framework.BundleException)1
