diff options
author | slewis | 2013-05-21 20:36:21 +0000 |
---|---|---|
committer | slewis | 2013-05-21 20:36:21 +0000 |
commit | 3e3b0e56c3c43bd718ccd58be7454de100894984 (patch) | |
tree | 3d9d956e7697e8a87acc0bd1a6eba427ada51f59 /osgi | |
parent | ace591c14193dcc2d2a337c99776023089e2d26b (diff) | |
download | org.eclipse.ecf-3e3b0e56c3c43bd718ccd58be7454de100894984.tar.gz org.eclipse.ecf-3e3b0e56c3c43bd718ccd58be7454de100894984.tar.xz org.eclipse.ecf-3e3b0e56c3c43bd718ccd58be7454de100894984.zip |
Permissions changes for bug
https://bugs.eclipse.org/bugs/show_bug.cgi?id=408532
Diffstat (limited to 'osgi')
9 files changed, 227 insertions, 142 deletions
diff --git a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/OSGI-INF/permissions.perm b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/OSGI-INF/permissions.perm index da9e63f45..476599759 100644 --- a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/OSGI-INF/permissions.perm +++ b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/OSGI-INF/permissions.perm @@ -26,14 +26,16 @@ (org.osgi.framework.PackagePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin" "export") # Services (org.osgi.service.remoteserviceadmin.EndpointPermission "*" "read,export,import") -(org.osgi.framework.ServicePermission "org.osgi.service.remoteserviceadmin.RemoteServiceAdmin" "register,get") -(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IConsumerContainerSelector" "register,get") -(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IDiscoveredEndpointDescriptionFactory" "register,get") -(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IEndpointDescriptionAdvertiser" "register,get") -(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IEndpointDescriptionReader" "register,get") -(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IHostContainerSelector" "register,get") -(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IServiceInfoFactory" "register,get") -(org.osgi.framework.ServicePermission "org.osgi.framework.hooks.service.EventListenerHook" "register,get") +(org.osgi.framework.ServicePermission "org.osgi.service.remoteserviceadmin.RemoteServiceAdmin" "get,register") +(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IConsumerContainerSelector" "get,register") +(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IDiscoveredEndpointDescriptionFactory" "get,register") +(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IEndpointDescriptionAdvertiser" "get,register") +(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IEndpointDescriptionReader" "get,register") +(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IHostContainerSelector" "get,register") +(org.osgi.framework.ServicePermission "org.eclipse.ecf.osgi.services.remoteserviceadmin.IServiceInfoFactory" "get,register") +(org.osgi.framework.ServicePermission "org.osgi.framework.hooks.service.EventListenerHook" "register") +(org.osgi.framework.ServicePermission "org.eclipse.ecf.discovery.IDiscoveryAdvertiser" "get") +(org.osgi.framework.ServicePermission "org.osgi.service.remoteserviceadmin.RemoteServiceAdminListener" "get,register") (org.osgi.framework.ServicePermission "*" "get,register") # (org.osgi.service.event.TopicPermission "org/osgi/service/remoteserviceadmin/*" "publish") diff --git a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/Activator.java b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/Activator.java index f642811d9..71aca41fc 100644 --- a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/Activator.java +++ b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/Activator.java @@ -62,7 +62,7 @@ public class Activator implements BundleActivator { public IContainerManager getContainerManager() { return (IContainerManager) ContainerFactory.getDefault(); } - + private ServiceRegistration remoteServiceAdminRegistration; private EndpointDescriptionLocator endpointDescriptionLocator; @@ -118,7 +118,8 @@ public class Activator implements BundleActivator { private String[][] getSupportedConfigsAndIntents() { IContainerManager containerManager = getContainerManager(); - Assert.isNotNull(containerManager,"Container manager must be present to start ECF Remote Service Admin"); //$NON-NLS-1$ + Assert.isNotNull(containerManager, + "Container manager must be present to start ECF Remote Service Admin"); //$NON-NLS-1$ ContainerTypeDescription[] remoteServiceDescriptions = containerManager .getContainerFactory().getDescriptionsForContainerAdapter( IRemoteServiceContainerAdapter.class); @@ -210,10 +211,9 @@ public class Activator implements BundleActivator { new Integer(Integer.MIN_VALUE)); endpointDescriptionAdvertiser = new EndpointDescriptionAdvertiser( endpointDescriptionLocator); - endpointDescriptionAdvertiserRegistration = getContext() - .registerService( - IEndpointDescriptionAdvertiser.class.getName(), - endpointDescriptionAdvertiser, (Dictionary) properties); + endpointDescriptionAdvertiserRegistration = context.registerService( + IEndpointDescriptionAdvertiser.class.getName(), + endpointDescriptionAdvertiser, (Dictionary) properties); // start endpointDescriptionLocator endpointDescriptionLocator.start(); diff --git a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/LogUtility.java b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/LogUtility.java index 067ac0e8d..e9b5a60a7 100644 --- a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/LogUtility.java +++ b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/LogUtility.java @@ -20,13 +20,13 @@ public class LogUtility { logError(methodName, debugOption, clazz, message, null); traceException(methodName, debugOption, clazz, message, null); } - + public static void logInfo(String methodName, String debugOption, Class clazz, String message) { trace(methodName, debugOption, clazz, "INFO:" + message); //$NON-NLS-1$ Activator.getDefault().log( - new Status(IStatus.INFO, Activator.PLUGIN_ID, - IStatus.INFO, clazz.getName() + ":" //$NON-NLS-1$ + new Status(IStatus.INFO, Activator.PLUGIN_ID, IStatus.INFO, + clazz.getName() + ":" //$NON-NLS-1$ + ((methodName == null) ? "<unknown>" //$NON-NLS-1$ : methodName) + ":" //$NON-NLS-1$ + ((message == null) ? "<empty>" : message), //$NON-NLS-1$ diff --git a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/PropertiesUtil.java b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/PropertiesUtil.java index 82f997513..486c30c34 100644 --- a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/PropertiesUtil.java +++ b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/internal/osgi/services/remoteserviceadmin/PropertiesUtil.java @@ -272,7 +272,8 @@ public class PropertiesUtil { for (Iterator i = propMap.keySet().iterator(); i.hasNext();) { Object key = i.next(); Object val = propMap.get(key); - if (key != null && val != null) result.put(key, val); + if (key != null && val != null) + result.put(key, val); } return result; } diff --git a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/AbstractMetadataFactory.java b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/AbstractMetadataFactory.java index 27c93d29e..90c19e61a 100644 --- a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/AbstractMetadataFactory.java +++ b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/AbstractMetadataFactory.java @@ -49,7 +49,7 @@ public abstract class AbstractMetadataFactory { } private final Long DEFAULT_LONG = new Long(0); - + protected Long decodeLong(IServiceProperties props, String name) { Object o = props.getProperty(name); if (o == null) diff --git a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/AbstractTopologyManager.java b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/AbstractTopologyManager.java index 6380931f8..4190756db 100644 --- a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/AbstractTopologyManager.java +++ b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/AbstractTopologyManager.java @@ -9,6 +9,8 @@ ******************************************************************************/ package org.eclipse.ecf.osgi.services.remoteserviceadmin; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.Iterator; import java.util.List; import java.util.Map; @@ -71,16 +73,22 @@ public abstract class AbstractTopologyManager { */ protected IEndpointDescriptionAdvertiser getEndpointDescriptionAdvertiser( org.osgi.service.remoteserviceadmin.EndpointDescription endpointDescription) { - synchronized (endpointDescriptionAdvertiserTrackerLock) { - if (endpointDescriptionAdvertiserTracker == null) { - endpointDescriptionAdvertiserTracker = new ServiceTracker( - getContext(), - IEndpointDescriptionAdvertiser.class.getName(), null); - endpointDescriptionAdvertiserTracker.open(); - } - } - IEndpointDescriptionAdvertiser advertiser = (IEndpointDescriptionAdvertiser) endpointDescriptionAdvertiserTracker - .getService(); + IEndpointDescriptionAdvertiser advertiser = AccessController + .doPrivileged(new PrivilegedAction<IEndpointDescriptionAdvertiser>() { + public IEndpointDescriptionAdvertiser run() { + synchronized (endpointDescriptionAdvertiserTrackerLock) { + if (endpointDescriptionAdvertiserTracker == null) { + endpointDescriptionAdvertiserTracker = new ServiceTracker( + getContext(), + IEndpointDescriptionAdvertiser.class + .getName(), null); + endpointDescriptionAdvertiserTracker.open(); + } + } + return (IEndpointDescriptionAdvertiser) endpointDescriptionAdvertiserTracker + .getService(); + } + }); if (advertiser == null) logWarning("handleOSGiEndpointAdded", //$NON-NLS-1$ "No endpoint description advertiser available for endpointDescription=" //$NON-NLS-1$ @@ -130,8 +138,8 @@ public abstract class AbstractTopologyManager { protected org.osgi.service.remoteserviceadmin.RemoteServiceAdmin getRemoteServiceAdmin() { synchronized (remoteServiceAdminTrackerLock) { if (remoteServiceAdminTracker == null) { - remoteServiceAdminTracker = new ServiceTracker(Activator.getContext(), - createRSAFilter(), null); + remoteServiceAdminTracker = new ServiceTracker( + Activator.getContext(), createRSAFilter(), null); remoteServiceAdminTracker.open(); } } diff --git a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/EndpointDescription.java b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/EndpointDescription.java index 5de479f76..ea961a6cc 100644 --- a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/EndpointDescription.java +++ b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/EndpointDescription.java @@ -211,7 +211,7 @@ public class EndpointDescription extends && getServiceId() == other.getServiceId() && frameworkId .equals(other.getFrameworkUUID())); } - + /* * (non-Javadoc) * @@ -224,12 +224,12 @@ public class EndpointDescription extends return overrides; return super.getProperties(); } - + public String toString() { StringBuffer sb = new StringBuffer("ECFEndpointDescription["); //$NON-NLS-1$ sb.append("id").append(getId()); //$NON-NLS-1$ sb.append(";endpoint.service.id=").append(getServiceId()); //$NON-NLS-1$ - sb.append(";frameworkid=").append(getFrameworkUUID()).append("]"); //$NON-NLS-1$//$NON-NLS-2$ + sb.append(";frameworkid=").append(getFrameworkUUID()).append("]"); //$NON-NLS-1$//$NON-NLS-2$ return sb.toString(); } } diff --git a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/EndpointDescriptionLocator.java b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/EndpointDescriptionLocator.java index ed65b12fd..238a3f50a 100644 --- a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/EndpointDescriptionLocator.java +++ b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/EndpointDescriptionLocator.java @@ -12,6 +12,8 @@ package org.eclipse.ecf.osgi.services.remoteserviceadmin; import java.io.IOException; import java.io.InputStream; import java.net.URL; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; @@ -343,23 +345,30 @@ public class EndpointDescriptionLocator { } public IDiscoveryAdvertiser[] getDiscoveryAdvertisers() { - synchronized (advertiserTrackerLock) { - if (advertiserTracker == null) { - advertiserTracker = new ServiceTracker(context, - IDiscoveryAdvertiser.class.getName(), null); - advertiserTracker.open(); - } - } - ServiceReference[] advertiserRefs = advertiserTracker - .getServiceReferences(); - if (advertiserRefs == null) - return null; - List<IDiscoveryAdvertiser> results = new ArrayList<IDiscoveryAdvertiser>(); - for (int i = 0; i < advertiserRefs.length; i++) { - results.add((IDiscoveryAdvertiser) context - .getService(advertiserRefs[i])); - } - return results.toArray(new IDiscoveryAdvertiser[results.size()]); + return AccessController + .doPrivileged(new PrivilegedAction<IDiscoveryAdvertiser[]>() { + public IDiscoveryAdvertiser[] run() { + synchronized (advertiserTrackerLock) { + if (advertiserTracker == null) { + advertiserTracker = new ServiceTracker(context, + IDiscoveryAdvertiser.class.getName(), + null); + advertiserTracker.open(); + } + } + ServiceReference[] advertiserRefs = advertiserTracker + .getServiceReferences(); + if (advertiserRefs == null) + return null; + List<IDiscoveryAdvertiser> results = new ArrayList<IDiscoveryAdvertiser>(); + for (int i = 0; i < advertiserRefs.length; i++) { + results.add((IDiscoveryAdvertiser) context + .getService(advertiserRefs[i])); + } + return results.toArray(new IDiscoveryAdvertiser[results + .size()]); + } + }); } private void openLocator(IDiscoveryLocator locator) { @@ -531,16 +540,21 @@ public class EndpointDescriptionLocator { } public IServiceInfoFactory getServiceInfoFactory() { - if (context == null) - return null; - synchronized (serviceInfoFactoryTrackerLock) { - if (serviceInfoFactoryTracker == null) { - serviceInfoFactoryTracker = new ServiceTracker(context, - IServiceInfoFactory.class.getName(), null); - serviceInfoFactoryTracker.open(); - } - } - return (IServiceInfoFactory) serviceInfoFactoryTracker.getService(); + return AccessController + .doPrivileged(new PrivilegedAction<IServiceInfoFactory>() { + public IServiceInfoFactory run() { + synchronized (serviceInfoFactoryTrackerLock) { + if (serviceInfoFactoryTracker == null) { + serviceInfoFactoryTracker = new ServiceTracker( + context, IServiceInfoFactory.class + .getName(), null); + serviceInfoFactoryTracker.open(); + } + } + return (IServiceInfoFactory) serviceInfoFactoryTracker + .getService(); + } + }); } public IDiscoveredEndpointDescriptionFactory getDiscoveredEndpointDescriptionFactory() { @@ -560,14 +574,19 @@ public class EndpointDescriptionLocator { private Object endpointListenerServiceTrackerLock = new Object(); - public EndpointListenerHolder[] getMatchingEndpointListenerHolders( - EndpointDescription description) { - synchronized (endpointListenerServiceTrackerLock) { - if (context == null) - return null; - return getMatchingEndpointListenerHolders( - endpointListenerTracker.getServiceReferences(), description); - } + protected EndpointListenerHolder[] getMatchingEndpointListenerHolders( + final EndpointDescription description) { + return AccessController + .doPrivileged(new PrivilegedAction<EndpointListenerHolder[]>() { + public EndpointListenerHolder[] run() { + synchronized (endpointListenerServiceTrackerLock) { + return getMatchingEndpointListenerHolders( + endpointListenerTracker + .getServiceReferences(), + description); + } + } + }); } public class EndpointListenerHolder { diff --git a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/RemoteServiceAdmin.java b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/RemoteServiceAdmin.java index af5d0b188..52bf2cf00 100644 --- a/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/RemoteServiceAdmin.java +++ b/osgi/bundles/org.eclipse.ecf.osgi.services.remoteserviceadmin/src/org/eclipse/ecf/osgi/services/remoteserviceadmin/RemoteServiceAdmin.java @@ -9,6 +9,8 @@ ******************************************************************************/ package org.eclipse.ecf.osgi.services.remoteserviceadmin; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; @@ -140,10 +142,10 @@ public class RemoteServiceAdmin implements Integer.MIN_VALUE)); // host container selector ServiceReference[] hostContainerSelectorRefs = null; + BundleContext rsaBundleContext = getRSABundleContext(); try { - hostContainerSelectorRefs = getClientBundleContext() - .getServiceReferences( - IHostContainerSelector.class.getName(), null); + hostContainerSelectorRefs = rsaBundleContext.getServiceReferences( + IHostContainerSelector.class.getName(), null); } catch (InvalidSyntaxException e) { // will not happen } @@ -152,14 +154,14 @@ public class RemoteServiceAdmin implements || hostContainerSelectorRefs.length == 0) { defaultHostContainerSelector = new HostContainerSelector( hostDefaultConfigTypes, hostAutoCreateContainer); - defaultHostContainerSelectorRegistration = getClientBundleContext() + defaultHostContainerSelectorRegistration = rsaBundleContext .registerService(IHostContainerSelector.class.getName(), defaultHostContainerSelector, (Dictionary) props); } // consumer container selector ServiceReference[] consumerContainerSelectorRefs = null; try { - consumerContainerSelectorRefs = getClientBundleContext() + consumerContainerSelectorRefs = rsaBundleContext .getServiceReferences( IConsumerContainerSelector.class.getName(), null); } catch (InvalidSyntaxException e) { @@ -170,16 +172,16 @@ public class RemoteServiceAdmin implements || consumerContainerSelectorRefs.length == 0) { defaultConsumerContainerSelector = new ConsumerContainerSelector( consumerAutoCreateContainer); - defaultConsumerContainerSelectorRegistration = getClientBundleContext() + defaultConsumerContainerSelectorRegistration = rsaBundleContext .registerService( IConsumerContainerSelector.class.getName(), defaultConsumerContainerSelector, (Dictionary) props); } - eventListenerHookRegistration = getRSABundle().getBundleContext() - .registerService(EventListenerHook.class.getName(), - new RSAEventListenerHook(), null); + eventListenerHookRegistration = rsaBundleContext.registerService( + EventListenerHook.class.getName(), new RSAEventListenerHook(), + null); } private void handleServiceUnregistering(ServiceReference serviceReference) { @@ -313,7 +315,7 @@ public class RemoteServiceAdmin implements // ExportRegistration EndpointDescription endpointDescription = new EndpointDescription( serviceReference, endpointDescriptionProperties); - + checkEndpointPermission(endpointDescription, EndpointPermission.EXPORT); try { @@ -465,11 +467,12 @@ public class RemoteServiceAdmin implements return clientBundle.getBundleContext(); } + private BundleContext getRSABundleContext() { + return Activator.getContext(); + } + private Bundle getRSABundle() { - BundleContext bundleContext = Activator.getContext(); - if (bundleContext == null) - return null; - return bundleContext.getBundle(); + return getRSABundleContext().getBundle(); } private void addImportRegistration(ImportRegistration importRegistration) { @@ -1068,9 +1071,9 @@ public class RemoteServiceAdmin implements .size()])); eventProperties.put("timestamp", new Long(new Date().getTime())); //$NON-NLS-1$ eventProperties.put("event", event); //$NON-NLS-1$ - if (registrationTypeName != null) + if (registrationTypeName != null) eventProperties.put(registrationTypeName, endpointDescription); - + EventAdmin eventAdmin = getEventAdmin(); if (eventAdmin == null) { logError("postRemoteServiceAdminEvent", //$NON-NLS-1$ @@ -1111,14 +1114,20 @@ public class RemoteServiceAdmin implements } private RemoteServiceAdminListener[] getListeners(EndpointPermission perm) { - synchronized (remoteServiceAdminListenerTrackerLock) { - if (remoteServiceAdminListenerTracker == null) { - remoteServiceAdminListenerTracker = new ServiceTracker( - getClientBundleContext(), - RemoteServiceAdminListener.class.getName(), null); - remoteServiceAdminListenerTracker.open(); + AccessController.doPrivileged(new PrivilegedAction<Object>() { + public Object run() { + synchronized (remoteServiceAdminListenerTrackerLock) { + if (remoteServiceAdminListenerTracker == null) { + remoteServiceAdminListenerTracker = new ServiceTracker( + getRSABundleContext(), + RemoteServiceAdminListener.class.getName(), + null); + remoteServiceAdminListenerTracker.open(); + } + return null; + } } - } + }); ServiceReference[] unfilteredRefs = remoteServiceAdminListenerTracker .getServiceReferences(); if (unfilteredRefs == null) @@ -1129,9 +1138,14 @@ public class RemoteServiceAdmin implements if (perm == null || ref.getBundle().hasPermission(perm)) filteredRefs.add(ref); List<RemoteServiceAdminListener> results = new ArrayList<RemoteServiceAdminListener>(); - for (ServiceReference ref : filteredRefs) { - RemoteServiceAdminListener l = (RemoteServiceAdminListener) remoteServiceAdminListenerTracker - .getService(ref); + for (final ServiceReference ref : filteredRefs) { + RemoteServiceAdminListener l = AccessController + .doPrivileged(new PrivilegedAction<RemoteServiceAdminListener>() { + public RemoteServiceAdminListener run() { + return (RemoteServiceAdminListener) remoteServiceAdminListenerTracker + .getService(ref); + } + }); if (l != null) results.add(l); } @@ -1150,12 +1164,18 @@ public class RemoteServiceAdmin implements } private EventAdmin getEventAdmin() { - synchronized (eventAdminTrackerLock) { - eventAdminTracker = new ServiceTracker(getClientBundleContext(), - EventAdmin.class.getName(), null); - eventAdminTracker.open(); - } - return (EventAdmin) eventAdminTracker.getService(); + return AccessController + .doPrivileged(new PrivilegedAction<EventAdmin>() { + public EventAdmin run() { + synchronized (eventAdminTrackerLock) { + eventAdminTracker = new ServiceTracker( + getClientBundleContext(), EventAdmin.class + .getName(), null); + eventAdminTracker.open(); + } + return (EventAdmin) eventAdminTracker.getService(); + } + }); } private Object consumerContainerSelectorTrackerLock = new Object(); @@ -1165,29 +1185,41 @@ public class RemoteServiceAdmin implements private ServiceTracker hostContainerSelectorTracker; protected IHostContainerSelector getHostContainerSelector() { - synchronized (hostContainerSelectorTrackerLock) { - if (hostContainerSelectorTracker == null) { - hostContainerSelectorTracker = new ServiceTracker( - getClientBundleContext(), - IHostContainerSelector.class.getName(), null); - hostContainerSelectorTracker.open(); - } - } - return (IHostContainerSelector) hostContainerSelectorTracker - .getService(); + return AccessController + .doPrivileged(new PrivilegedAction<IHostContainerSelector>() { + public IHostContainerSelector run() { + synchronized (hostContainerSelectorTrackerLock) { + if (hostContainerSelectorTracker == null) { + hostContainerSelectorTracker = new ServiceTracker( + getRSABundleContext(), + IHostContainerSelector.class.getName(), + null); + hostContainerSelectorTracker.open(); + } + } + return (IHostContainerSelector) hostContainerSelectorTracker + .getService(); + } + }); } protected IConsumerContainerSelector getConsumerContainerSelector() { - synchronized (consumerContainerSelectorTrackerLock) { - if (consumerContainerSelectorTracker == null) { - consumerContainerSelectorTracker = new ServiceTracker( - getClientBundleContext(), - IConsumerContainerSelector.class.getName(), null); - consumerContainerSelectorTracker.open(); - } - } - return (IConsumerContainerSelector) consumerContainerSelectorTracker - .getService(); + return AccessController + .doPrivileged(new PrivilegedAction<IConsumerContainerSelector>() { + public IConsumerContainerSelector run() { + synchronized (consumerContainerSelectorTrackerLock) { + if (consumerContainerSelectorTracker == null) { + consumerContainerSelectorTracker = new ServiceTracker( + getClientBundleContext(), + IConsumerContainerSelector.class + .getName(), null); + consumerContainerSelectorTracker.open(); + } + } + return (IConsumerContainerSelector) consumerContainerSelectorTracker + .getService(); + } + }); } private ContainerTypeDescription getContainerTypeDescription( @@ -1204,9 +1236,15 @@ public class RemoteServiceAdmin implements return !ctd.isServer(); } - private Version getPackageVersion(ServiceReference serviceReference, + private Version getPackageVersion(final ServiceReference serviceReference, String serviceInterface, String packageName) { - Object service = getClientBundleContext().getService(serviceReference); + Object service = AccessController + .doPrivileged(new PrivilegedAction<Object>() { + public Object run() { + return getRSABundleContext().getService( + serviceReference); + } + }); if (service == null) return null; Class[] interfaceClasses = service.getClass().getInterfaces(); @@ -1433,11 +1471,11 @@ public class RemoteServiceAdmin implements } private ImportEndpoint createAndRegisterProxy( - EndpointDescription endpointDescription, + final EndpointDescription endpointDescription, IRemoteServiceContainer rsContainer, IRemoteServiceReference selectedRsReference) throws Exception { - BundleContext proxyServiceFactoryContext = getProxyServiceFactoryContext(endpointDescription); + final BundleContext proxyServiceFactoryContext = getProxyServiceFactoryContext(endpointDescription); if (proxyServiceFactoryContext == null) throw new NullPointerException( "getProxyServiceFactoryContext returned null. Cannot register proxy service factory"); //$NON-NLS-1$ @@ -1446,7 +1484,7 @@ public class RemoteServiceAdmin implements .getContainerAdapter(); ID rsContainerID = rsContainer.getContainer().getID(); // First get IRemoteService for selectedRsReference - IRemoteService rs = containerAdapter + final IRemoteService rs = containerAdapter .getRemoteService(selectedRsReference); if (rs == null) throw new NullPointerException( @@ -1454,20 +1492,26 @@ public class RemoteServiceAdmin implements + selectedRsReference + ",rsContainerID=" //$NON-NLS-1$ + rsContainerID); - Map proxyProperties = createProxyProperties(endpointDescription, + final Map proxyProperties = createProxyProperties(endpointDescription, rsContainer, selectedRsReference, rs); // sync sref props with endpoint props endpointDescription.setPropertiesOverrides(proxyProperties); - List<String> serviceTypes = endpointDescription.getInterfaces(); - - ServiceRegistration proxyRegistration = proxyServiceFactoryContext - .registerService((String[]) serviceTypes - .toArray(new String[serviceTypes.size()]), - createProxyServiceFactory(endpointDescription, rs), - (Dictionary) PropertiesUtil - .createDictionaryFromMap(proxyProperties)); + final List<String> serviceTypes = endpointDescription.getInterfaces(); + + ServiceRegistration proxyRegistration = AccessController + .doPrivileged(new PrivilegedAction<ServiceRegistration>() { + public ServiceRegistration run() { + return proxyServiceFactoryContext.registerService( + (String[]) serviceTypes + .toArray(new String[serviceTypes.size()]), + createProxyServiceFactory(endpointDescription, + rs), + (Dictionary) PropertiesUtil + .createDictionaryFromMap(proxyProperties)); + } + }); return new ImportEndpoint(containerAdapter, selectedRsReference, new RemoteServiceListener(), proxyRegistration, @@ -1879,14 +1923,19 @@ public class RemoteServiceAdmin implements // Set endpoint.id and endpoint.service.id String endpointId = endpointDescription.getId(); - resultProperties.put(org.osgi.service.remoteserviceadmin.RemoteConstants.ENDPOINT_ID, endpointId); + resultProperties + .put(org.osgi.service.remoteserviceadmin.RemoteConstants.ENDPOINT_ID, + endpointId); Long endpointServiceId = new Long(endpointDescription.getServiceId()); - resultProperties.put(org.osgi.service.remoteserviceadmin.RemoteConstants.ENDPOINT_SERVICE_ID, endpointServiceId); + resultProperties + .put(org.osgi.service.remoteserviceadmin.RemoteConstants.ENDPOINT_SERVICE_ID, + endpointServiceId); return resultProperties; } - private ExportRegistration exportService(ServiceReference serviceReference, + private ExportRegistration exportService( + final ServiceReference serviceReference, Map<String, ?> overridingProperties, String[] exportedInterfaces, IRemoteServiceContainer rsContainer, Map<String, Object> endpointDescriptionProperties) throws Exception { @@ -1907,12 +1956,18 @@ public class RemoteServiceAdmin implements remoteRegistration = osgiContainerAdapter.registerRemoteService( exportedInterfaces, serviceReference, PropertiesUtil .createDictionaryFromMap(remoteServiceProperties)); - } else + } else { + Object service = AccessController + .doPrivileged(new PrivilegedAction<Object>() { + public Object run() { + return getClientBundleContext().getService( + serviceReference); + } + }); remoteRegistration = containerAdapter.registerRemoteService( - exportedInterfaces, - getClientBundleContext().getService(serviceReference), - PropertiesUtil + exportedInterfaces, service, PropertiesUtil .createDictionaryFromMap(remoteServiceProperties)); + } endpointDescriptionProperties .put(org.osgi.service.remoteserviceadmin.RemoteConstants.ENDPOINT_SERVICE_ID, remoteRegistration |