documentation/reference/2.1.0.RELEASE/appendix-security.html - gerrit/www.eclipse.org/gemini/blueprint - Git at Google

 <html><head>
       <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
    <title>Appendix&nbsp;A.&nbsp;Security Integration</title><link rel="stylesheet" type="text/css" href="css/html.css"><meta name="generator" content="DocBook XSL Stylesheets V1.79.1"><link rel="home" href="index.html" title="Eclipse Gemini Blueprint Reference Guide"><link rel="up" href="appendixes.html" title="Part&nbsp;IV.&nbsp;Appendixes"><link rel="prev" href="appendixes.html" title="Part&nbsp;IV.&nbsp;Appendixes"><link rel="next" href="appendix-pde-integration.html" title="Appendix&nbsp;B.&nbsp;Eclipse Plug-in Development integration"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="appendix"><div class="titlepage"><div><div><h2 class="title"><a name="appendix-security"></a>Appendix&nbsp;A.&nbsp;Security Integration</h2></div></div></div>


     <p>Since Spring DM 1.2.0, Gemini Blueprint integrates with Java 2 <a class="link" href="">security</a>.
     Namely Gemini Blueprint uses <a class="link" href="">privileged blocks</a> for executing security
     sensitive operations using its own permissions.
     </p>

     <p>Being a framework, Gemini Blueprint needs to introspect bundles to determine their content and configuration. In general, it is recommended to grant
     <code class="classname">java.security.AllPermission</code> to Gemini Blueprint bundles. For those that would like to restrict the properties, below you can find a list
     of permissions that are needed for Gemini Blueprint to work properly. However, we <span class="emphasis"><em>strongly</em></span> recommend to test whether the permissions are needed or
     not for your environment since the minimum number depends heavily on what parts of the framework are used.
     </p>

     <div class="table"><a name="spring-dm-permission-table"></a><p class="title"><b>Table&nbsp;A.1.&nbsp;Gemini Blueprint Permission Table</b></p><div class="table-contents">


     	<table class="table" summary="Gemini Blueprint Permission Table" width="100%" border="1"><colgroup><col class="c1"><col class="c2"><col class="c3"><col class="c4"></colgroup><thead><tr><th>Permission</th><th>Target</th><th>Action</th><th>Usage</th></tr></thead><tbody><tr><td><code class="classname">java.io.FilePermission</code></td><td><span class="emphasis"><em>depends</em></span>, &lt;&lt;ALL FILES&gt;&gt; recommended</td><td>read/write</td><td>Required by the logging system and web extender for installing the wars and JSP taglibs</td></tr><tr><td><code class="classname">java.lang.RuntimePermission</code></td><td>*</td><td>accessDeclaredMembers</td><td>Used in some cases for reflection (such as accessing the <code class="interfacename">BundleContext</code> from a
               	given <code class="interfacename">Bundle</code> (on	R4.0 platforms).</td></tr><tr><td><code class="classname">java.lang.reflect.ReflectPermission</code></td><td>*</td><td>suppressAccessChecks</td><td>Used for accessing (through reflection) non-public methods or fields internally.</td></tr><tr><td><code class="classname">java.util.PropertyPermission</code></td><td>*</td><td>read,write</td><td>In use by the testing framework mainy. Useful for reading the environment, including OSGi properties.</td></tr><tr><td><code class="classname">org.osgi.framework.AdminPermission</code></td><td>*</td><td>class, execute, listener, metadata, resolve, resource</td><td>Used by the extender to listen read the content of started bundles.</td></tr><tr><td><code class="classname">org.osgi.framework.BundlePermission</code></td><td>*</td><td>HOST</td><td>Useful when attaching a custom configuration (as fragment) to the extender/web extender.</td></tr><tr><td><code class="classname">org.osgi.framework.PackagePermission</code></td><td>*</td><td>EXPORT, IMPORT</td><td>Basic permission used for importing and exporting the Gemini Blueprint bundles content.</td></tr><tr><td><code class="classname">org.osgi.framework.ServicePermission</code></td><td>*</td><td>get,register</td><td>Used for publishing and lookup of Gemini Blueprint internal services (such as the Spring namespace handlers/resolvers).</td></tr></tbody></table>
     </div></div><br class="table-break">

     <p>Note that as of Gemini Blueprint 1.0, the extender will use the target bundle permissions for all actions executed on its behalf. That is, loading of
     classes, publishing the services, importing packages or the method invocations are executed using the bundle credentials just as if the user bundle
     would </p>

     <p>As a general recommendation, for security sensible environments, to determine the minimum number of permissions start with a basic set of bundles
     and no permissions. This way, on each run, one can find out what permissions are needed and by whom and tweak the system accordingly.</p>
 </div><div xmlns:fo="http://www.w3.org/1999/XSL/Format" class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="appendixes.html">Prev</a>&nbsp;</td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right">&nbsp;<a accesskey="n" href="appendix-pde-integration.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Part&nbsp;IV.&nbsp;Appendixes&nbsp;</td><td width="20%" align="center"><span style="color:white;font-size:90%;"><a href="http://www.SpringSource.com/" title="SpringSource - Spring from the Source">Sponsored by SpringSource
                                         </a></span></td><td width="40%" align="right" valign="top">&nbsp;Appendix&nbsp;B.&nbsp;Eclipse Plug-in Development integration</td></tr></table></div></body></html>
	<html><head>
	<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
	<title>Appendix A. Security Integration</title><link rel="stylesheet" type="text/css" href="css/html.css"><meta name="generator" content="DocBook XSL Stylesheets V1.79.1"><link rel="home" href="index.html" title="Eclipse Gemini Blueprint Reference Guide"><link rel="up" href="appendixes.html" title="Part IV. Appendixes"><link rel="prev" href="appendixes.html" title="Part IV. Appendixes"><link rel="next" href="appendix-pde-integration.html" title="Appendix B. Eclipse Plug-in Development integration"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="appendix"><div class="titlepage"><div><div><h2 class="title"><a name="appendix-security"></a>Appendix A. Security Integration</h2></div></div></div>


	<p>Since Spring DM 1.2.0, Gemini Blueprint integrates with Java 2 <a class="link" href="">security</a>.
	Namely Gemini Blueprint uses <a class="link" href="">privileged blocks</a> for executing security
	sensitive operations using its own permissions.
	</p>

	<p>Being a framework, Gemini Blueprint needs to introspect bundles to determine their content and configuration. In general, it is recommended to grant
	<code class="classname">java.security.AllPermission</code> to Gemini Blueprint bundles. For those that would like to restrict the properties, below you can find a list
	of permissions that are needed for Gemini Blueprint to work properly. However, we <span class="emphasis"><em>strongly</em></span> recommend to test whether the permissions are needed or
	not for your environment since the minimum number depends heavily on what parts of the framework are used.
	</p>

	<div class="table"><a name="spring-dm-permission-table"></a><p class="title"><b>Table A.1. Gemini Blueprint Permission Table</b></p><div class="table-contents">


	<table class="table" summary="Gemini Blueprint Permission Table" width="100%" border="1"><colgroup><col class="c1"><col class="c2"><col class="c3"><col class="c4"></colgroup><thead><tr><th>Permission</th><th>Target</th><th>Action</th><th>Usage</th></tr></thead><tbody><tr><td><code class="classname">java.io.FilePermission</code></td><td><span class="emphasis"><em>depends</em></span>, <<ALL FILES>> recommended</td><td>read/write</td><td>Required by the logging system and web extender for installing the wars and JSP taglibs</td></tr><tr><td><code class="classname">java.lang.RuntimePermission</code></td><td>*</td><td>accessDeclaredMembers</td><td>Used in some cases for reflection (such as accessing the <code class="interfacename">BundleContext</code> from a
	given <code class="interfacename">Bundle</code> (on R4.0 platforms).</td></tr><tr><td><code class="classname">java.lang.reflect.ReflectPermission</code></td><td></td><td>suppressAccessChecks</td><td>Used for accessing (through reflection) non-public methods or fields internally.</td></tr><tr><td><code class="classname">java.util.PropertyPermission</code></td><td></td><td>read,write</td><td>In use by the testing framework mainy. Useful for reading the environment, including OSGi properties.</td></tr><tr><td><code class="classname">org.osgi.framework.AdminPermission</code></td><td></td><td>class, execute, listener, metadata, resolve, resource</td><td>Used by the extender to listen read the content of started bundles.</td></tr><tr><td><code class="classname">org.osgi.framework.BundlePermission</code></td><td></td><td>HOST</td><td>Useful when attaching a custom configuration (as fragment) to the extender/web extender.</td></tr><tr><td><code class="classname">org.osgi.framework.PackagePermission</code></td><td></td><td>EXPORT, IMPORT</td><td>Basic permission used for importing and exporting the Gemini Blueprint bundles content.</td></tr><tr><td><code class="classname">org.osgi.framework.ServicePermission</code></td><td></td><td>get,register</td><td>Used for publishing and lookup of Gemini Blueprint internal services (such as the Spring namespace handlers/resolvers).</td></tr></tbody></table>
	</div></div><br class="table-break">

	<p>Note that as of Gemini Blueprint 1.0, the extender will use the target bundle permissions for all actions executed on its behalf. That is, loading of
	classes, publishing the services, importing packages or the method invocations are executed using the bundle credentials just as if the user bundle
	would </p>

	<p>As a general recommendation, for security sensible environments, to determine the minimum number of permissions start with a basic set of bundles
	and no permissions. This way, on each run, one can find out what permissions are needed and by whom and tweak the system accordingly.</p>
	</div><div xmlns:fo="http://www.w3.org/1999/XSL/Format" class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="appendixes.html">Prev</a> </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right"> <a accesskey="n" href="appendix-pde-integration.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Part IV. Appendixes </td><td width="20%" align="center"><span style="color:white;font-size:90%;"><a href="http://www.SpringSource.com/" title="SpringSource - Spring from the Source">Sponsored by SpringSource
	</a></span></td><td width="40%" align="right" valign="top"> Appendix B. Eclipse Plug-in Development integration</td></tr></table></div></body></html>