Hi David, I'm sorry but I currently don't have the time to implement the test cases. I will add them as soon as possible, probably in two weeks from now when I will have some more time on my hands.
Cheers, Marc David Bosschaert wrote: > Thanks Marc! > One comment I have is that there are no CXF-DOSGi unit tests for this > code. I know that it's tested in the OSGi TCK but it would be good to > have some tests for it in the CXF-DOSGi codebase. > Do you think you can add these? > > Cheers, > > David > > On 26 April 2010 08:30, <msch...@apache.org> wrote: >> Author: mschaaf >> Date: Mon Apr 26 07:30:42 2010 >> New Revision: 937947 >> >> URL: http://svn.apache.org/viewvc?rev=937947&view=rev >> Log: >> - some additions to the zookeeper discovery to be compiant with the TCK >> - some refactoring in the zookeeper discovery >> - added some basic security checks to the DSW to comply with the TCK >> security tests >> >> Added: >> cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/ >> >> cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm >> Modified: >> >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java >> >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java >> >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java >> >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java >> >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java >> >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java >> >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java >> >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java >> >> Modified: >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java >> URL: >> http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java?rev=937947&r1=937946&r2=937947&view=diff >> ============================================================================== >> --- >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java >> (original) >> +++ >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/EndpointListenerTrackerCustomizer.java >> Mon Apr 26 07:30:42 2010 >> @@ -71,14 +71,21 @@ public class EndpointListenerTrackerCust >> for (String key : sref.getPropertyKeys()) { >> LOG.finest("modifiedService: property: " + key + " => " + >> sref.getProperty(key)); >> } >> - String[] scopes = >> getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE)); >> - LOG.fine("trying to discover service for scopes[" + scopes.length + >> "]: "); >> + >> + String[] scopes = Util.getScopes(sref); >> + >> + LOG.info("trying to discover services for scopes[" + scopes.length >> + "]: "); >> if(scopes!=null) for (String scope : scopes) { >> - LOG.fine("Scope: "+scope); >> + LOG.info("Scope: "+scope); >> } >> if (scopes.length > 0) { >> for (String scope : scopes) { >> LOG.fine("*********** Handling scope: " + scope); >> + if("".equals(scope) || scope == null){ >> + LOG.warning("skipping empty scope from EndpointListener >> from " + sref.getBundle().getSymbolicName()); >> + continue; >> + } >> + >> String objClass = getObjectClass(scope); >> LOG.fine("*********** objectClass: " + objClass); >> >> @@ -100,10 +107,10 @@ public class EndpointListenerTrackerCust >> interest.im.close(); >> interest.im = null; >> } >> - >> + >> InterfaceMonitor dm = new >> InterfaceMonitor(zooKeeperDiscovery.getZookeeper(), >> objClass, >> interest, scope, bctx); >> - dm.process(); >> + dm.start(); >> interest.im = dm; >> >> List<String> handledScopes = >> handledEndpointlisteners.get(sref); >> @@ -149,34 +156,7 @@ public class EndpointListenerTrackerCust >> >> } >> >> - private String[] getStringPlusProperty(Object property) { >> - >> - if (property instanceof String) { >> - // System.out.println("String"); >> - String[] ret = new String[1]; >> - ret[0] = (String)property; >> - return ret; >> - } >> - >> - if (property instanceof String[]) { >> - // System.out.println("String[]"); >> - return (String[])property; >> - } >> - >> - if (property instanceof Collection) { >> - Collection col = (Collection)property; >> - // System.out.println("Collection: size "+col.size()); >> - String[] ret = new String[col.size()]; >> - int x = 0; >> - for (Object s : col) { >> - ret[x] = (String)s; >> - ++x; >> - } >> - return ret; >> - } >> - >> - return new String[0]; >> - } >> + >> >> // public void discoveredEndpont(EndpointDescription epd) { >> // LOG.info("Endpoint Discovered: " + epd.getProperties()); >> >> Modified: >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java >> URL: >> http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java?rev=937947&r1=937946&r2=937947&view=diff >> ============================================================================== >> --- >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java >> (original) >> +++ >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceDataMonitorListenerImpl.java >> Mon Apr 26 07:30:42 2010 >> @@ -19,9 +19,12 @@ >> package org.apache.cxf.dosgi.discovery.zookeeper; >> >> import java.io.ByteArrayInputStream; >> +import java.util.Dictionary; >> import java.util.HashMap; >> import java.util.List; >> import java.util.Map; >> +import java.util.Properties; >> +import java.util.Set; >> import java.util.logging.Level; >> import java.util.logging.Logger; >> >> @@ -31,6 +34,8 @@ import org.apache.zookeeper.ZooKeeper; >> import org.apache.zookeeper.data.Stat; >> import org.jdom.Element; >> import org.osgi.framework.BundleContext; >> +import org.osgi.framework.Filter; >> +import org.osgi.framework.FrameworkUtil; >> import org.osgi.framework.ServiceReference; >> import org.osgi.service.remoteserviceadmin.EndpointDescription; >> import org.osgi.service.remoteserviceadmin.EndpointListener; >> @@ -63,6 +68,9 @@ public class InterfaceDataMonitorListene >> discoveredServiceTracker = dst; >> bctx = bc; >> this.scope = scope; >> + >> + >> + LOG.fine("InterfaceDataMonitorListenerImpl is recursive: >> "+recursive); >> } >> >> public synchronized void change() { >> @@ -94,7 +102,7 @@ public class InterfaceDataMonitorListene >> >> List<String> children; >> try { >> - LOG.fine("Processing " + znode); >> + LOG.info("Processing the children of " + znode); >> children = zookeeper.getChildren(znode, false); >> >> for (String child : children) { >> @@ -125,7 +133,7 @@ public class InterfaceDataMonitorListene >> try { >> Stat s = zookeeper.exists(node, false); >> if (s.getDataLength() <= 0) { >> - LOG.fine(node + " does not contain any discovery data"); >> + //LOG.info(node + " does not contain any discovery data"); >> return null; >> } >> byte[] data = zookeeper.getData(node, false, null); >> @@ -149,10 +157,27 @@ public class InterfaceDataMonitorListene >> if (bctx.getService(sref) instanceof EndpointListener) { >> EndpointListener epl = >> (EndpointListener)bctx.getService(sref); >> >> - LOG.info("calling EndpointListener; " + epl + "from >> bundle " >> - + sref.getBundle().getSymbolicName()); >> - >> - epl.endpointAdded(epd, scope); >> + // return the >first< matching scope of the listener >> + String[] scopes = Util.getScopes(sref); >> + for (String currentScope : scopes) { >> + LOG.fine("matching " + epd + " against >> "+currentScope); >> + Filter f = >> FrameworkUtil.createFilter(currentScope); >> + >> + Dictionary d = new Properties(); >> + Map<String, Object> props = epd.getProperties(); >> + Set<Map.Entry<String, Object>> entries = >> props.entrySet(); >> + for (Map.Entry<String, Object> entry : entries) >> { >> + d.put(entry.getKey(), entry.getValue()); >> + } >> + >> + if(f.match(d)){ >> + LOG.fine("MATCHED " + epd + "against >> "+currentScope); >> + LOG.info("calling EndpointListener; " + epl >> + " from bundle " >> + + >> sref.getBundle().getSymbolicName() + " based on scope ["+currentScope+"]"); >> + epl.endpointAdded(epd, currentScope); >> + break; >> + } >> + } >> } >> } >> } else if (!prevVal.equals(epd.getProperties())) { >> >> Modified: >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java >> URL: >> http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java?rev=937947&r1=937946&r2=937947&view=diff >> ============================================================================== >> --- >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java >> (original) >> +++ >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/InterfaceMonitor.java >> Mon Apr 26 07:30:42 2010 >> @@ -40,12 +40,17 @@ public class InterfaceMonitor implements >> private boolean closed = false; >> >> public InterfaceMonitor(ZooKeeper zk, String intf, >> EndpointListenerTrackerCustomizer.Interest zkd, String scope, BundleContext >> bctx) { >> + LOG.fine("Creating new InterfaceMonitor for scope ["+scope+"] and >> objectClass ["+intf+"] "); >> listener = new InterfaceDataMonitorListenerImpl(zk, intf, >> zkd,scope,bctx); >> zookeeper = zk; >> znode = Util.getZooKeeperPath(intf); >> } >> >> - public void process() { >> + public void start() { >> + process(); >> + } >> + >> + private void process() { >> LOG.finest("Kicking off a zookeeper.exists() on node: " + znode); >> zookeeper.exists(znode, this, this, null); >> } >> >> Modified: >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java >> URL: >> http://svn.apache.org/viewvc/cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java?rev=937947&r1=937946&r2=937947&view=diff >> ============================================================================== >> --- >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java >> (original) >> +++ >> cxf/dosgi/trunk/discovery/distributed/cxf-discovery/src/main/java/org/apache/cxf/dosgi/discovery/zookeeper/Util.java >> Mon Apr 26 07:30:42 2010 >> @@ -18,10 +18,14 @@ >> */ >> package org.apache.cxf.dosgi.discovery.zookeeper; >> >> +import java.util.ArrayList; >> import java.util.Arrays; >> import java.util.Collection; >> import java.util.Collections; >> >> +import org.osgi.framework.ServiceReference; >> +import org.osgi.service.remoteserviceadmin.EndpointListener; >> + >> public class Util { >> static final String PATH_PREFIX = "/osgi/service_registry"; >> >> @@ -43,4 +47,44 @@ public class Util { >> return PATH_PREFIX + '/' + name.replace('.', '/'); >> } >> >> + >> + static String[] getStringPlusProperty(Object property) { >> + >> + if (property instanceof String) { >> + // System.out.println("String"); >> + String[] ret = new String[1]; >> + ret[0] = (String)property; >> + return ret; >> + } >> + >> + if (property instanceof String[]) { >> + // System.out.println("String[]"); >> + return (String[])property; >> + } >> + >> + if (property instanceof Collection) { >> + Collection col = (Collection)property; >> + // System.out.println("Collection: size "+col.size()); >> + String[] ret = new String[col.size()]; >> + int x = 0; >> + for (Object s : col) { >> + ret[x] = (String)s; >> + ++x; >> + } >> + return ret; >> + } >> + >> + return new String[0]; >> + } >> + >> + public static String[] getScopes(ServiceReference sref) { >> + String[] scopes = >> Util.getStringPlusProperty(sref.getProperty(EndpointListener.ENDPOINT_LISTENER_SCOPE)); >> + ArrayList<String> normalizedScopes = new >> ArrayList<String>(scopes.length); >> + for (String scope : scopes) { >> + if(scope!=null || "".equals(scope)) >> + normalizedScopes.add(scope); >> + } >> + return normalizedScopes.toArray(new >> String[normalizedScopes.size()]); >> + } >> + >> } >> >> Added: >> cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm >> URL: >> http://svn.apache.org/viewvc/cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm?rev=937947&view=auto >> ============================================================================== >> --- >> cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm >> (added) >> +++ >> cxf/dosgi/trunk/distribution/single-bundle/src/main/resources/OSGI-INF/permissions.perm >> Mon Apr 26 07:30:42 2010 >> @@ -0,0 +1,29 @@ >> +# >> +# Licensed to the Apache Software Foundation (ASF) under one >> +# or more contributor license agreements. See the NOTICE file >> +# distributed with this work for additional information >> +# regarding copyright ownership. The ASF licenses this file >> +# to you under the Apache License, Version 2.0 (the >> +# "License"); you may not use this file except in compliance >> +# with the License. You may obtain a copy of the License at >> +# >> +# http://www.apache.org/licenses/LICENSE-2.0 >> +# >> +# Unless required by applicable law or agreed to in writing, >> +# software distributed under the License is distributed on an >> +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY >> +# KIND, either express or implied. See the License for the >> +# specific language governing permissions and limitations >> +# under the License. >> +# >> + >> +(java.security.AllPermission ) >> + >> +(org.osgi.framework.PackagePermission "*" "import") >> +(org.osgi.framework.PackagePermission "*" "export") >> + >> +(org.osgi.framework.ServicePermission "*" "register") >> +(org.osgi.framework.ServicePermission "*" "get") >> + >> +(org.osgi.framework.AdminPermission "*" "metadata") >> +(org.osgi.framework.AdminPermission "*" "listen") >> >> Modified: >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java >> URL: >> http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java?rev=937947&r1=937946&r2=937947&view=diff >> ============================================================================== >> --- >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java >> (original) >> +++ >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ClientServiceFactory.java >> Mon Apr 26 07:30:42 2010 >> @@ -18,6 +18,9 @@ >> */ >> package org.apache.cxf.dosgi.dsw.handlers; >> >> +import java.security.AccessController; >> +import java.security.PrivilegedAction; >> +import java.util.List; >> import java.util.logging.Level; >> import java.util.logging.Logger; >> >> @@ -51,14 +54,20 @@ public class ClientServiceFactory implem >> importRegistartion = ir; >> } >> >> - public Object getService(Bundle requestingBundle, ServiceRegistration >> sreg) { >> + public Object getService(final Bundle requestingBundle, final >> ServiceRegistration sreg) { >> String interfaceName = sd.getInterfaces() != null && >> sd.getInterfaces().size() > 0 ? (String)sd >> .getInterfaces().toArray()[0] : null; >> + >> LOG.info("************ getService() from serviceFactory for " + >> interfaceName); >> >> try { >> - Object proxy = handler.createProxy(sreg.getReference(), >> dswContext, requestingBundle >> - .getBundleContext(), iClass, sd); >> + Object proxy = AccessController.doPrivileged(new >> PrivilegedAction<Object>() { >> + public Object run() { >> + return handler.createProxy(sreg.getReference(), >> dswContext, requestingBundle >> + .getBundleContext(), >> iClass, sd); >> + } >> + }); >> + >> synchronized (this) { >> ++serviceCounter; >> } >> >> Modified: >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java >> URL: >> http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java?rev=937947&r1=937946&r2=937947&view=diff >> ============================================================================== >> --- >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java >> (original) >> +++ >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ServiceInvocationHandler.java >> Mon Apr 26 07:30:42 2010 >> @@ -22,6 +22,9 @@ import java.lang.reflect.InvocationHandl >> import java.lang.reflect.InvocationTargetException; >> import java.lang.reflect.Method; >> import java.lang.reflect.Proxy; >> +import java.security.AccessController; >> +import java.security.PrivilegedAction; >> +import java.security.PrivilegedExceptionAction; >> import java.util.ArrayList; >> import java.util.Arrays; >> import java.util.Collection; >> @@ -45,7 +48,7 @@ public class ServiceInvocationHandler im >> introspectType(iType); >> } >> >> - public Object invoke(Object proxy, Method m, Object[] params) throws >> Throwable { >> + public Object invoke(Object proxy, final Method m, Object[] params) >> throws Throwable { >> if (OBJECT_METHODS.contains(m)) { >> if (m.getName().equals("equals")) { >> params = new Object[] >> {Proxy.getInvocationHandler(params[0])}; >> @@ -56,7 +59,12 @@ public class ServiceInvocationHandler im >> ClassLoader oldCl = Thread.currentThread().getContextClassLoader(); >> try { >> >> Thread.currentThread().setContextClassLoader(getClass().getClassLoader()); >> - return m.invoke(serviceObject, params); >> + final Object[] paramsFinal = params; >> + return AccessController.doPrivileged(new >> PrivilegedExceptionAction<Object>() { >> + public Object run() throws Exception { >> + return m.invoke(serviceObject, paramsFinal); >> + } >> + }); >> } catch (Throwable ex) { >> Throwable theCause = ex.getCause() == null ? ex : ex.getCause(); >> >> >> Modified: >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java >> URL: >> http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java?rev=937947&r1=937946&r2=937947&view=diff >> ============================================================================== >> --- >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java >> (original) >> +++ >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminCore.java >> Mon Apr 26 07:30:42 2010 >> @@ -22,16 +22,12 @@ import java.util.ArrayList; >> import java.util.Collection; >> import java.util.Collections; >> import java.util.Dictionary; >> -import java.util.Enumeration; >> import java.util.HashMap; >> -import java.util.HashSet; >> import java.util.Hashtable; >> -import java.util.Iterator; >> import java.util.LinkedHashMap; >> import java.util.List; >> import java.util.Map; >> import java.util.Properties; >> -import java.util.Set; >> import java.util.logging.Logger; >> >> import org.apache.cxf.dosgi.dsw.ClassUtils; >> @@ -337,8 +333,8 @@ public class RemoteServiceAdminCore impl >> /** >> * Importing form here .... >> */ >> - public ImportRegistration importService(EndpointDescription endpoint) { >> - >> + public ImportRegistration importService(EndpointDescription endpoint) { >> + >> LOG.info("importService() Endpoint: " + endpoint.getProperties()); >> >> synchronized (importedServices) { >> >> Modified: >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java >> URL: >> http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java?rev=937947&r1=937946&r2=937947&view=diff >> ============================================================================== >> --- >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java >> (original) >> +++ >> cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/service/RemoteServiceAdminInstance.java >> Mon Apr 26 07:30:42 2010 >> @@ -1,23 +1,26 @@ >> /** >> - * Licensed to the Apache Software Foundation (ASF) under one >> - * or more contributor license agreements. See the NOTICE file >> - * distributed with this work for additional information >> - * regarding copyright ownership. The ASF licenses this file >> - * to you under the Apache License, Version 2.0 (the >> - * "License"); you may not use this file except in compliance >> - * with the License. You may obtain a copy of the License at >> - * >> - * http://www.apache.org/licenses/LICENSE-2.0 >> - * >> - * Unless required by applicable law or agreed to in writing, >> - * software distributed under the License is distributed on an >> - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY >> - * KIND, either express or implied. See the License for the >> - * specific language governing permissions and limitations >> - * under the License. >> - */ >> + * Licensed to the Apache Software Foundation (ASF) under one >> + * or more contributor license agreements. See the NOTICE file >> + * distributed with this work for additional information >> + * regarding copyright ownership. The ASF licenses this file >> + * to you under the Apache License, Version 2.0 (the >> + * "License"); you may not use this file except in compliance >> + * with the License. You may obtain a copy of the License at >> + * >> + * http://www.apache.org/licenses/LICENSE-2.0 >> + * >> + * Unless required by applicable law or agreed to in writing, >> + * software distributed under the License is distributed on an >> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY >> + * KIND, either express or implied. See the License for the >> + * specific language governing permissions and limitations >> + * under the License. >> + */ >> package org.apache.cxf.dosgi.dsw.service; >> >> +import java.security.AccessControlContext; >> +import java.security.AccessController; >> +import java.security.PrivilegedAction; >> import java.util.ArrayList; >> import java.util.Collection; >> import java.util.Collections; >> @@ -25,17 +28,18 @@ import java.util.List; >> import java.util.Map; >> import java.util.logging.Logger; >> >> +import org.apache.cxf.dosgi.dsw.OsgiUtils; >> import org.osgi.framework.BundleContext; >> import org.osgi.framework.ServiceReference; >> import org.osgi.service.remoteserviceadmin.EndpointDescription; >> +import org.osgi.service.remoteserviceadmin.EndpointPermission; >> import org.osgi.service.remoteserviceadmin.ExportRegistration; >> import org.osgi.service.remoteserviceadmin.ImportRegistration; >> import org.osgi.service.remoteserviceadmin.RemoteServiceAdmin; >> >> - >> public class RemoteServiceAdminInstance implements RemoteServiceAdmin { >> Logger LOG = >> Logger.getLogger(RemoteServiceAdminInstance.class.getName()); >> - >> + >> private BundleContext bctx; >> private RemoteServiceAdminCore rsaCore; >> >> @@ -51,38 +55,86 @@ public class RemoteServiceAdminInstance >> >> public List /* ExportRegistration */exportService(ServiceReference ref, >> Map properties) >> throws IllegalArgumentException, UnsupportedOperationException { >> - if (closed) >> - return Collections.EMPTY_LIST; >> >> - synchronized (exportedServices) { >> - List er = rsaCore.exportService(ref, properties); >> - if(er!=null) >> - exportedServices.addAll(er); >> - return er; >> + SecurityManager sm = System.getSecurityManager(); >> + EndpointPermission epp = new EndpointPermission("*", >> EndpointPermission.EXPORT); >> + >> + >> + if (sm != null) { >> + sm.checkPermission(epp); >> } >> + >> + >> + final ServiceReference refFinal = ref; >> + final Map propertiesFinal = properties; >> + >> + return AccessController.doPrivileged(new PrivilegedAction<List>() { >> + public List run() { >> + >> + if (closed) >> + return Collections.EMPTY_LIST; >> + >> + synchronized (exportedServices) { >> + List er = rsaCore.exportService(refFinal, >> propertiesFinal); >> + if (er != null) >> + exportedServices.addAll(er); >> + return er; >> + } >> + } >> + }); >> } >> >> public Collection getExportedServices() { >> + >> + SecurityManager sm = System.getSecurityManager(); >> + EndpointPermission epp = new EndpointPermission("*", >> EndpointPermission.READ); >> + if (sm != null) { >> + sm.checkPermission(epp); >> + } >> + >> if (closed) >> return null; >> return rsaCore.getExportedServices(); >> } >> >> public Collection getImportedEndpoints() { >> + >> + SecurityManager sm = System.getSecurityManager(); >> + EndpointPermission epp = new EndpointPermission("*", >> EndpointPermission.READ); >> + if (sm != null) { >> + sm.checkPermission(epp); >> + } >> + >> if (closed) >> return null; >> return rsaCore.getImportedEndpoints(); >> } >> >> public ImportRegistration importService(EndpointDescription endpoint) { >> - if (closed) >> - return null; >> - synchronized (importedServices) { >> - ImportRegistration ir = rsaCore.importService(endpoint); >> - if(ir!=null) >> - importedServices.add(ir); >> - return ir; >> + >> + final EndpointDescription epd = endpoint; >> + >> + SecurityManager sm = System.getSecurityManager(); >> + EndpointPermission epp = new EndpointPermission(epd, >> OsgiUtils.getUUID(bctx), >> + >> EndpointPermission.IMPORT); >> + if (sm != null) { >> + sm.checkPermission(epp); >> } >> + >> + return AccessController.doPrivileged(new >> PrivilegedAction<ImportRegistration>() { >> + public ImportRegistration run() { >> + >> + if (closed) >> + return null; >> + >> + synchronized (importedServices) { >> + ImportRegistration ir = rsaCore.importService(epd); >> + if (ir != null) >> + importedServices.add(ir); >> + return ir; >> + } >> + } >> + }); >> } >> >> public void close() { >> @@ -91,14 +143,14 @@ public class RemoteServiceAdminInstance >> synchronized (importedServices) { >> LOG.info("Removing all services imported by this RSA instance"); >> for (ImportRegistration ir : importedServices) { >> - LOG.finest("Closing ImportRegistration "+ir); >> + LOG.finest("Closing ImportRegistration " + ir); >> ir.close(); >> } >> } >> synchronized (exportedServices) { >> LOG.info("Removing all services exported by this RSA instance"); >> for (ExportRegistration er : exportedServices) { >> - LOG.finest("Closing ExportRegistration "+er); >> + LOG.finest("Closing ExportRegistration " + er); >> er.close(); >> } >> } >> >> >>
