9.2. OSGi Permissions
The OSGi framework defines the following new permissions, all of which are subclasses of java.security.BasicPermission.
9.2.1. AdminPermission
This class represents the permission to perform administrative operations in the framework. You can instantiate AdminPermission as follows:
AdminPermission adminPerm = new AdminPermission();
For example, if a class has the permission adminPerm, it is permitted to perform bundle life cycle operations.
9.2.2. ServicePermission
This class represents a permission to register a service to or to get a service from the service registry. The service's fully qualified class name (optionally with wildcard), and an action must be specified. The action is either “get” or “register.” For example,
ServicePermission sp1 =
new ServicePermission("com.acme.service.*", "get");
If a class has the permission sp1, it is allowed to get any service whose class name begins with com.acme.service. Such a permission may be granted exclusively to bundles of Acme's paying customers in a real deployment scenario.
ServicePermission sp2 =
new ServicePermission("com.acme.TaxService", "register");
Only the class with permission sp2 can register TaxService. Suppose TaxService calculates taxes. Without enforcing this permission, a malicious bundle could register an alleged TaxService, but in fact quietly steal your financial information as part of its implementation. By granting the permission judiciously, you can prevent distrusted bundles from publishing a Trojan horse service.
9.2.3. PackagePermission
This class represents a permission to import or to export a package. A package name (optionally with wildcard), and an action must be specified. The action is either “import” or “export.”
PackagePermission pp1 =
new PackagePermission("com.acme.service.print", "export");
Permission pp1 allows one to export the com.acme.service.print package. If one has PackagePermission to export a package, one also has PackagePermission to import the same package. In other words, for the same set of packages, the “export” PackagePermission implies the “import” PackagePermission.
PackagePermission pp2 =
new PackagePermission("*", "import");
Permission pp2 allows one to import any package.
9.2.4. Permission Required by the Framework APIs
Calling many framework APIs requires that the calling class have one of the previous permissions. Which permission is needed by which API is summarized in Table 9.1.
| Permissions | Interface | API |
|---|---|---|
| AdminPermission | BundleContext | installBundle |
| Bundle | start | |
| update | ||
| stop | ||
| uninstall | ||
| getHeaders | ||
| getLocation | ||
| ServicePermission | BundleContext | registerService |
| getServiceReference(s) | ||
| getService | ||
| PackagePermission | Not applicable | Not applicable |
Obviously, for methods on the BundleContext interface, registerService requires that the caller have the “register” ServicePermission, whereas getServiceReference(s) and getService requires the “get” ServicePermission.
Although not shown in Table 9.1, the behavior of ServiceListener is also affected by ServicePermission. Recall that when a service is registered, unregistered, or its service properties are modified, ServiceEvent is broadcast to the listeners. However, the broadcast is discriminatory: Only those bundles that have ServicePermission to “get” the service are notified through their service listeners. A bundle not permitted to get the service in the first place should not be allowed to learn any occurrence to the service either.
PackagePermission is checked when a bundle's package dependencies are resolved by the framework. There is no corresponding API.