Subject.doAs is not considered by the spec and doesn't work well with the current approach we have inside the framework. This commit makes it work based on the current security policy installed. Furthermore, it is now possible (and needed) to assign permissions to bundles via the security policy (based on the bundle location - not certificates). In other words, as of now, correct permissions have to be assigned to the framework and bundles using the java security policy based on either the codesource or the subject, if subject.doAs is used. This is possible because bundles do have a codesource now and the bundle protection domain asks the installed policy for permissions in case no security provider is installed. (FELIX-654)

git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@683310 13f79535-47bb-0310-9956-ffa450edef68
2 files changed