1 package org
.argeo
.cms
.internal
.osgi
;
3 import java
.security
.AllPermission
;
4 import java
.util
.Dictionary
;
6 import org
.argeo
.api
.cms
.CmsLog
;
7 import org
.osgi
.framework
.BundleActivator
;
8 import org
.osgi
.framework
.BundleContext
;
9 import org
.osgi
.framework
.Constants
;
10 import org
.osgi
.service
.condpermadmin
.BundleLocationCondition
;
11 import org
.osgi
.service
.condpermadmin
.ConditionInfo
;
12 import org
.osgi
.service
.condpermadmin
.ConditionalPermissionAdmin
;
13 import org
.osgi
.service
.condpermadmin
.ConditionalPermissionInfo
;
14 import org
.osgi
.service
.condpermadmin
.ConditionalPermissionUpdate
;
15 import org
.osgi
.service
.permissionadmin
.PermissionInfo
;
18 * Activates the kernel. Gives access to kernel information for the rest of the
19 * bundle (and only it)
21 public class CmsActivator
implements BundleActivator
{
22 private final static CmsLog log
= CmsLog
.getLog(CmsActivator
.class);
24 // TODO make it configurable
25 private boolean hardened
= false;
27 private static BundleContext bundleContext
;
35 // this.logReaderService = null;
36 } catch (Exception e
) {
37 log
.error("CMS activator shutdown failed", e
);
40 new GogoShellKiller().start();
43 protected void initSecurity() {
44 // code-level permissions
45 String osgiSecurity
= bundleContext
.getProperty(Constants
.FRAMEWORK_SECURITY
);
46 if (osgiSecurity
!= null && Constants
.FRAMEWORK_SECURITY_OSGI
.equals(osgiSecurity
)) {
47 // TODO rather use a tracker?
48 ConditionalPermissionAdmin permissionAdmin
= bundleContext
49 .getService(bundleContext
.getServiceReference(ConditionalPermissionAdmin
.class));
51 // All permissions to all bundles
52 ConditionalPermissionUpdate update
= permissionAdmin
.newConditionalPermissionUpdate();
53 update
.getConditionalPermissionInfos().add(permissionAdmin
.newConditionalPermissionInfo(null,
55 new ConditionInfo(BundleLocationCondition
.class.getName(), new String
[] { "*" }) },
56 new PermissionInfo
[] { new PermissionInfo(AllPermission
.class.getName(), null, null) },
57 ConditionalPermissionInfo
.ALLOW
));
58 // TODO data admin permission
59 // PermissionInfo dataAdminPerm = new PermissionInfo(AuthPermission.class.getName(),
60 // "createLoginContext." + NodeConstants.LOGIN_CONTEXT_DATA_ADMIN, null);
61 // update.getConditionalPermissionInfos().add(permissionAdmin.newConditionalPermissionInfo(null,
62 // new ConditionInfo[] {
63 // new ConditionInfo(BundleLocationCondition.class.getName(), new String[] { "*" }) },
64 // new PermissionInfo[] { dataAdminPerm }, ConditionalPermissionInfo.DENY));
65 // update.getConditionalPermissionInfos().add(permissionAdmin.newConditionalPermissionInfo(null,
66 // new ConditionInfo[] {
67 // new ConditionInfo(BundleSignerCondition.class.getName(), new String[] { "CN=\"Eclipse.org Foundation, Inc.\", OU=IT, O=\"Eclipse.org Foundation, Inc.\", L=Nepean, ST=Ontario, C=CA" }) },
68 // new PermissionInfo[] { dataAdminPerm }, ConditionalPermissionInfo.ALLOW));
71 SecurityProfile securityProfile
= new SecurityProfile() {
73 securityProfile
.applySystemPermissions(permissionAdmin
);
79 public static <T
> void registerService(Class
<T
> clss
, T service
, Dictionary
<String
, ?
> properties
) {
80 if (bundleContext
!= null) {
81 bundleContext
.registerService(clss
, service
, properties
);
86 public static <T
> T
getService(Class
<T
> clss
) {
87 if (bundleContext
!= null) {
88 return bundleContext
.getService(bundleContext
.getServiceReference(clss
));
99 public void start(BundleContext bc
) throws Exception
{
107 public void stop(BundleContext bc
) throws Exception
{
110 bundleContext
= null;
113 public static BundleContext
getBundleContext() {
114 return bundleContext
;