package org.argeo.cms.internal.kernel;
+import java.awt.image.Kernel;
import java.io.IOException;
+import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
+import java.security.AllPermission;
import java.util.Dictionary;
import java.util.List;
import java.util.Locale;
+import javax.security.auth.login.Configuration;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.cms.CmsException;
-import org.argeo.node.ArgeoLogger;
import org.argeo.node.NodeConstants;
import org.argeo.node.NodeDeployment;
import org.argeo.node.NodeInstance;
import org.osgi.framework.BundleContext;
import org.osgi.framework.Constants;
import org.osgi.framework.ServiceReference;
+import org.osgi.service.condpermadmin.BundleLocationCondition;
+import org.osgi.service.condpermadmin.ConditionInfo;
+import org.osgi.service.condpermadmin.ConditionalPermissionAdmin;
+import org.osgi.service.condpermadmin.ConditionalPermissionInfo;
+import org.osgi.service.condpermadmin.ConditionalPermissionUpdate;
import org.osgi.service.log.LogReaderService;
+import org.osgi.service.permissionadmin.PermissionInfo;
+import org.osgi.service.useradmin.UserAdmin;
/**
* Activates the {@link Kernel} from the provided {@link BundleContext}. Gives
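Review bot: The added `import java.awt.image.Kernel;` makes the `{@link Kernel}` in the class Javadoc resolve to the AWT convolution-kernel class, which is unrelated to this package and presumably not what the comment refers to. No visible hunk uses the type in code, so the import appears to exist only to satisfy that Javadoc reference. I would drop the import and reword the opening sentence, for example `* Activates the CMS node from the provided {@link BundleContext}.` The Javadoc block continues outside this hunk.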
private static Activator instance;
private BundleContext bc;
- private CmsSecurity nodeSecurity;
+ // private CmsSecurity nodeSecurity;
private LogReaderService logReaderService;
// private ConfigurationAdmin configurationAdmin;
- private NodeLogger logger;
+ // private NodeLogger logger;
private CmsState nodeState;
private CmsDeployment nodeDeployment;
private CmsInstance nodeInstance;
// this.configurationAdmin = getService(ConfigurationAdmin.class);
try {
- nodeSecurity = new CmsSecurity();
+ // nodeSecurity = new CmsSecurity();
+ initSecurity();
initArgeoLogger();
initNode();
} catch (Exception e) {
}
}
+ private void initSecurity() {
+ if (System.getProperty(KernelConstants.JAAS_CONFIG_PROP) == null) {
+ String jaasConfig = KernelConstants.JAAS_CONFIG;
+ URL url = getClass().getClassLoader().getResource(jaasConfig);
+ // System.setProperty(KernelConstants.JAAS_CONFIG_PROP,
+ // url.toExternalForm());
+ KernelUtils.setJaasConfiguration(url);
+ }
+ // explicitly load JAAS configuration
+ Configuration.getConfiguration();
+
+ ConditionalPermissionAdmin permissionAdmin = bc
+ .getService(bc.getServiceReference(ConditionalPermissionAdmin.class));
+ ConditionalPermissionUpdate update = permissionAdmin.newConditionalPermissionUpdate();
+ // Self
+ update.getConditionalPermissionInfos()
+ .add(permissionAdmin.newConditionalPermissionInfo(null,
+ new ConditionInfo[] {
+ new ConditionInfo(BundleLocationCondition.class.getName(), new String[] { "*" }) },
+ new PermissionInfo[] { new PermissionInfo(AllPermission.class.getName(), null, null) },
+ ConditionalPermissionInfo.ALLOW));
+
+ }
+
private void initArgeoLogger() {
- logger = new NodeLogger(logReaderService);
- bc.registerService(ArgeoLogger.class, logger, null);
+ // logger = new NodeLogger(logReaderService);
+ // bc.registerService(ArgeoLogger.class, logger, null);
}
private void initNode() throws IOException {
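Review bot: In the added initSecurity(), the ConditionalPermissionUpdate is filled but `update.commit()` is never called, so the entry added under `// Self` is never written to the permission table. Once it is committed, that entry grants `AllPermission` to every bundle, because the BundleLocationCondition argument is `"*"`; if only this bundle is meant to be trusted, the condition should carry `bc.getBundle().getLocation()`, and a deliberate allow-all policy deserves a comment saying so. Two lookups are also unchecked: `getResource(jaasConfig)` returns null when the resource is missing, and `bc.getServiceReference(ConditionalPermissionAdmin.class)` returns null when the framework provides no Conditional Permission Admin, so the following `bc.getService(...)` call cannot succeed. The fence sketches the guarded version; whether a missing service should abort startup or only be logged is left to the author.

```java
		if (System.getProperty(KernelConstants.JAAS_CONFIG_PROP) == null) {
			String jaasConfig = KernelConstants.JAAS_CONFIG;
			URL url = getClass().getClassLoader().getResource(jaasConfig);
			if (url == null)
				throw new CmsException("JAAS configuration " + jaasConfig + " not found on the bundle class path");
			KernelUtils.setJaasConfiguration(url);
		}
		// … unchanged: Configuration.getConfiguration() …

		ServiceReference<ConditionalPermissionAdmin> permissionAdminRef = bc
				.getServiceReference(ConditionalPermissionAdmin.class);
		if (permissionAdminRef == null)
			throw new CmsException("No ConditionalPermissionAdmin service available");
		ConditionalPermissionAdmin permissionAdmin = bc.getService(permissionAdminRef);
		ConditionalPermissionUpdate update = permissionAdmin.newConditionalPermissionUpdate();
		// … unchanged: add the ALLOW entry to update.getConditionalPermissionInfos() …
		// commit() returns false when the table changed since the update was created
		if (!update.commit())
			throw new CmsException("Permission table was modified concurrently, security policy not applied");
```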
}
public static GSSCredential getAcceptorCredentials() {
- return getCmsSecurity().getServerCredentials();
+ ServiceReference<UserAdmin> sr = instance.bc.getServiceReference(UserAdmin.class);
+ NodeUserAdmin userAdmin = (NodeUserAdmin) instance.bc.getService(sr);
+ return userAdmin.getAcceptorCredentials();
}
- static CmsSecurity getCmsSecurity() {
- return instance.nodeSecurity;
- }
+ // static CmsSecurity getCmsSecurity() {
+ // return instance.nodeSecurity;
+ // }
public String[] getLocales() {
// TODO optimize?
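Review bot: The new getAcceptorCredentials() casts whatever service is registered under `UserAdmin` to `NodeUserAdmin` without checking its type, and passes `sr` to `getService` without a null check. If the lookup runs before the user admin is registered, or another UserAdmin implementation is returned first, the caller gets a NullPointerException or ClassCastException instead of the acceptor credentials. I would guard both, e.g. `if (sr == null) throw new CmsException("No UserAdmin service available");` followed by an `instanceof NodeUserAdmin` check before the cast. The service obtained with `getService(sr)` is also never released with `ungetService(sr)`, which is worth doing or documenting because this static accessor may be called repeatedly.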