package org.argeo.cms.internal.kernel;
+import java.awt.image.Kernel;
import java.io.IOException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
+import java.security.AllPermission;
import java.util.Dictionary;
import java.util.List;
import java.util.Locale;
+import javax.security.auth.login.Configuration;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.cms.CmsException;
-import org.argeo.node.ArgeoLogger;
import org.argeo.node.NodeConstants;
import org.argeo.node.NodeDeployment;
import org.argeo.node.NodeInstance;
import org.argeo.node.NodeState;
import org.argeo.util.LangUtils;
+import org.ietf.jgss.GSSCredential;
import org.osgi.framework.BundleActivator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.Constants;
import org.osgi.framework.ServiceReference;
+import org.osgi.service.condpermadmin.BundleLocationCondition;
+import org.osgi.service.condpermadmin.ConditionInfo;
import org.osgi.service.condpermadmin.ConditionalPermissionAdmin;
+import org.osgi.service.condpermadmin.ConditionalPermissionInfo;
+import org.osgi.service.condpermadmin.ConditionalPermissionUpdate;
import org.osgi.service.log.LogReaderService;
+import org.osgi.service.permissionadmin.PermissionInfo;
+import org.osgi.service.useradmin.UserAdmin;
/**
* Activates the {@link Kernel} from the provided {@link BundleContext}. Gives
* access to kernel information for the rest of the bundle (and only it)
*/
public class Activator implements BundleActivator {
- private final Log log = LogFactory.getLog(Activator.class);
+ private final static Log log = LogFactory.getLog(Activator.class);
private static Activator instance;
private BundleContext bc;
- private ConditionalPermissionAdmin permissionAdmin;
+ // private CmsSecurity nodeSecurity;
private LogReaderService logReaderService;
// private ConfigurationAdmin configurationAdmin;
- private NodeLogger logger;
+ // private NodeLogger logger;
private CmsState nodeState;
private CmsDeployment nodeDeployment;
private CmsInstance nodeInstance;
public void start(BundleContext bundleContext) throws Exception {
instance = this;
this.bc = bundleContext;
- this.permissionAdmin = getService(ConditionalPermissionAdmin.class);
this.logReaderService = getService(LogReaderService.class);
// this.configurationAdmin = getService(ConfigurationAdmin.class);
- initSecurity();// must be first
- initArgeoLogger();
try {
+ // nodeSecurity = new CmsSecurity();
+ initSecurity();
+ initArgeoLogger();
initNode();
} catch (Exception e) {
- e.printStackTrace();
- throw new CmsException("Cannot initialize node", e);
+ log.error("## FATAL: CMS activator failed", e);
+ // throw new CmsException("Cannot initialize node", e);
}
}
private void initSecurity() {
- URL url = getClass().getClassLoader().getResource(KernelConstants.JAAS_CONFIG);
- System.setProperty("java.security.auth.login.config", url.toExternalForm());
+ if (System.getProperty(KernelConstants.JAAS_CONFIG_PROP) == null) {
+ String jaasConfig = KernelConstants.JAAS_CONFIG;
+ URL url = getClass().getClassLoader().getResource(jaasConfig);
+ // System.setProperty(KernelConstants.JAAS_CONFIG_PROP,
+ // url.toExternalForm());
+ KernelUtils.setJaasConfiguration(url);
+ }
+ // explicitly load JAAS configuration
+ Configuration.getConfiguration();
+
+ ConditionalPermissionAdmin permissionAdmin = bc
+ .getService(bc.getServiceReference(ConditionalPermissionAdmin.class));
+ ConditionalPermissionUpdate update = permissionAdmin.newConditionalPermissionUpdate();
+ // Self
+ update.getConditionalPermissionInfos()
+ .add(permissionAdmin.newConditionalPermissionInfo(null,
+ new ConditionInfo[] {
+ new ConditionInfo(BundleLocationCondition.class.getName(), new String[] { "*" }) },
+ new PermissionInfo[] { new PermissionInfo(AllPermission.class.getName(), null, null) },
+ ConditionalPermissionInfo.ALLOW));
+
}
private void initArgeoLogger() {
- logger = new NodeLogger(logReaderService);
- bc.registerService(ArgeoLogger.class, logger, null);
+ // logger = new NodeLogger(logReaderService);
+ // bc.registerService(ArgeoLogger.class, logger, null);
}
private void initNode() throws IOException {
Files.write(stateUuidPath, stateUuid.getBytes());
}
nodeState = new CmsState(stateUuid);
- // Object cn;
- // Configuration nodeConf =
- // configurationAdmin.getConfiguration(NodeConstants.NODE_STATE_PID);
- // Dictionary<String, Object> props = nodeConf.getProperties();
- // if (props == null) {
- // if (log.isDebugEnabled())
- // log.debug("Clean node state");
- // Dictionary<String, Object> envProps = new Hashtable<>();
- // // Use the UUID of the first framework run as state UUID
- // cn = bc.getProperty(Constants.FRAMEWORK_UUID);
- // envProps.put(NodeConstants.CN, cn);
- // nodeConf.update(envProps);
- // } else {
- // cn = props.get(NodeConstants.CN);
- // if (cn == null)
- // throw new CmsException("No state UUID available");
- // }
- Dictionary<String, Object> regProps = LangUtils.init(Constants.SERVICE_PID, NodeConstants.NODE_STATE_PID);
+ Dictionary<String, Object> regProps = LangUtils.dico(Constants.SERVICE_PID, NodeConstants.NODE_STATE_PID);
regProps.put(NodeConstants.CN, stateUuid);
bc.registerService(NodeState.class, nodeState, regProps);
instance = null;
this.bc = null;
- this.permissionAdmin = null;
this.logReaderService = null;
// this.configurationAdmin = null;
}
return instance.nodeState;
}
+ public static GSSCredential getAcceptorCredentials() {
+ ServiceReference<UserAdmin> sr = instance.bc.getServiceReference(UserAdmin.class);
+ NodeUserAdmin userAdmin = (NodeUserAdmin) instance.bc.getService(sr);
+ return userAdmin.getAcceptorCredentials();
+ }
+
+ // static CmsSecurity getCmsSecurity() {
+ // return instance.nodeSecurity;
+ // }
+
public String[] getLocales() {
// TODO optimize?
List<Locale> locales = getNodeState().getLocales();
projects / lgpl / argeo-commons.git / blobdiff