You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is said in javadoc for installModule: "only an certain modules should be allowed to install modules on the fly". But this never checked and it is unclear how this can be checked. Additionally, these methods are polluting the interfaces as they should only be called by certain modules.
We now have 2 possibilities:
Remove all these methods. The current implementation for the DeployManager uses its own way through a separate bundle mw.connectors.deploy.karaf.osgi, so these methods are actually not needed.
Refactor these methods into a new OSGi service (interface Deployment and class OSGiDeployment) and let the security of OSGi handle it: the modules that are allowed to install modules on the fly need the proper permissions in their permissions.perm (same security principle that is done for bus access).
The text was updated successfully, but these errors were encountered:
Oh, I just see that BundleContext.installBundle (that is called by Container.installModule) throws a SecurityException if the caller does not have the appropriate AdminPermission, so it is already checked by OSGi security..
So, do we keep it (considering that the DeployManager uses its own methods)?
I think deployment is something that was not completed. It should be further developed, thus I think, even though we can/should not invest effort on it right now, the concept or the potential to implement it in the future must remain.
There are a few methods in the container interfaces that are related to deployment of new bundles/artefacts, i.e.:
It is said in javadoc for installModule: "only an certain modules should be allowed to install modules on the fly". But this never checked and it is unclear how this can be checked. Additionally, these methods are polluting the interfaces as they should only be called by certain modules.
We now have 2 possibilities:
The text was updated successfully, but these errors were encountered: