ONOS-1858 Modifying Felix framework security to support Security-Mode ONOS
Change-Id: Iaaa07102d55407818dd208a9a874fd532dc778bd
diff --git a/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java b/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
index 1106423..8282c05 100644
--- a/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
+++ b/framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java
@@ -202,7 +202,7 @@
}
SecurityProvider provider = new SecurityProviderImpl(crlList,
- typeList, passwdList, storeList, pai, cpai, action, ((Felix) context.getBundle(0)).getLogger());
+ typeList, passwdList, storeList, pai, cpai, action, ((Felix) context.getBundle(0)).getLogger(), context);
((Felix) context.getBundle(0)).setSecurityProvider(provider);
}
diff --git a/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java b/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
index 405f909..f2fde79 100644
--- a/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
+++ b/framework.security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
@@ -18,6 +18,7 @@
*/
package org.apache.felix.framework;
+import java.security.AccessControlException;
import java.security.Permission;
import java.security.ProtectionDomain;
@@ -29,8 +30,11 @@
import org.apache.felix.framework.security.verifier.BundleDNParser;
import org.apache.felix.framework.util.SecureAction;
import org.osgi.framework.Bundle;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkEvent;
import org.osgi.framework.wiring.BundleRevision;
+
/**
* This class is the entry point to the security. It is used to determine
* whether a given bundle is signed correctely and has permissions based on
@@ -42,16 +46,18 @@
private final PermissionAdminImpl m_pai;
private final ConditionalPermissionAdminImpl m_cpai;
private final SecureAction m_action;
+ private final BundleContext m_context;
SecurityProviderImpl(String crlList, String typeList, String passwdList,
String storeList, PermissionAdminImpl pai,
- ConditionalPermissionAdminImpl cpai, SecureAction action, Logger logger)
+ ConditionalPermissionAdminImpl cpai, SecureAction action, Logger logger, BundleContext context)
{
m_pai = pai;
m_cpai = cpai;
m_action = action;
m_parser = new BundleDNParser(new TrustManager(crlList, typeList,
passwdList, storeList, m_action), logger);
+ m_context = context;
}
/**
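Review bot: The constructor stores the whole `BundleContext` in `m_context` without a null check, although the only visible use is to reach the framework object for event firing. A null or later-invalidated context would surface only at the first denied permission, inside the permission check itself. The call site in SecurityActivator already evaluates `(Felix) context.getBundle(0)`, so passing that instance and keeping `private final Felix m_felix;` would fail early and give the provider a narrower capability. If the context is kept, document the new parameter: `// Used only to raise FrameworkEvent.ERROR on denied permissions`.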
@@ -103,6 +109,10 @@
if (result != null)
{
+ if (!result.booleanValue()) {
+ ((Felix)m_context.getBundle(0)).fireFrameworkEvent(FrameworkEvent.ERROR, bundle,
+ new AccessControlException("SM-ONOS", permission));
+ }
if ((m_cpai != null) && !direct)
{
boolean allow = result.booleanValue();
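Review bot: The framework event is fired from inside the permission decision with no guard, so a runtime failure in `m_context.getBundle(0)`, the `(Felix)` cast or event dispatch would propagate out of the check instead of the deny result being returned. The call also sits before the `m_cpai`/`direct` branch, so it appears to report the raw `result` rather than the final decision, and every denied check raises an ERROR event, which can flood listeners when code merely probes permissions. Both points need confirming against the rest of the method, which starts and ends outside this hunk. I would make the reporting best effort as below, in the file's brace style, and replace the fixed `"SM-ONOS"` message with text that tells an operator what was denied.

```java
if (result != null)
{
    if (!result.booleanValue())
    {
        try
        {
            ((Felix) m_context.getBundle(0)).fireFrameworkEvent(FrameworkEvent.ERROR, bundle,
                new AccessControlException("SM-ONOS", permission));
        }
        catch (RuntimeException ex)
        {
            // Reporting is best effort: a failure here must not change the access decision.
        }
    }
    // … unchanged: m_cpai / direct handling …
```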