|
OSGi™ Service Platform Release 4 Version 4.2 |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object java.security.Permission org.osgi.service.deploymentadmin.DeploymentAdminPermission
public final class DeploymentAdminPermission
DeploymentAdminPermission controls access to the Deployment Admin service.
The permission uses a filter string formatted similarly to the Filter
.
The filter determines the target of the permission. The DeploymentAdminPermission
uses the
name
and the signer
filter attributes only. The value of the signer
attribute is matched against the signer chain (represented with its semicolon separated Distinguished Name chain)
of the Deployment Package, and the value of the name
attribute is matched against the value of the
"DeploymentPackage-Name" manifest header of the Deployment Package. Example:
(signer=cn=*,o=ACME,c=*)"cn" and "c" may have an arbitrary value
(signer=*, o=ACME, c=US)Only the value of "o" and "c" are significant
(signer=* ; ou=S & V, o=Tweety Inc., c=US)The first element of the certificate chain is not important, only the second (the Distinguished Name of the root certificate)
(signer=- ; *, o=Tweety Inc., c=US)The same as the previous but '-' represents zero or more certificates, whereas the asterisk only represents a single certificate
(name=*)The name of the Deployment Package doesn't matter
(name=org.osgi.*)The name has to begin with "org.osgi."
The following actions are allowed:
list
A holder of this permission can access the inventory information of the deployment
packages selected by the <filter> string. The filter selects the deployment packages
on which the holder of the permission can acquire detailed inventory information.
See DeploymentAdmin.getDeploymentPackage(Bundle)
,
DeploymentAdmin.getDeploymentPackage(String)
and
DeploymentAdmin.listDeploymentPackages()
.
install
A holder of this permission can install/update deployment packages if the deployment
package satisfies the <filter> string. See DeploymentAdmin.installDeploymentPackage(java.io.InputStream)
.
uninstall
A holder of this permission can uninstall deployment packages if the deployment
package satisfies the <filter> string. See DeploymentPackage.uninstall()
.
uninstall_forced
A holder of this permission can forcefully uninstall deployment packages if the deployment
package satisfies the <filter> string. See DeploymentPackage.uninstallForced()
.
cancel
A holder of this permission can cancel an active deployment action. This action being
canceled could correspond to the install, update or uninstall of a deployment package
that satisfies the <filter> string. See DeploymentAdmin.cancel()
metadata
A holder of this permission is able to retrieve metadata information about a Deployment
Package (e.g. is able to ask its manifest headers).
See DeploymentPackage.getBundle(String)
,
DeploymentPackage.getBundleInfos()
,
DeploymentPackage.getHeader(String)
,
DeploymentPackage.getResourceHeader(String, String)
,
DeploymentPackage.getResourceProcessor(String)
,
DeploymentPackage.getResources()
The actions string is converted to lower case before processing.
Field Summary | |
---|---|
static java.lang.String |
CANCEL
Constant String to the "cancel" action. |
static java.lang.String |
INSTALL
Constant String to the "install" action. |
static java.lang.String |
LIST
Constant String to the "list" action. |
static java.lang.String |
METADATA
Constant String to the "metadata" action. |
static java.lang.String |
UNINSTALL
Constant String to the "uninstall" action. |
static java.lang.String |
UNINSTALL_FORCED
Constant String to the "uninstall_forced" action. |
Constructor Summary | |
---|---|
DeploymentAdminPermission(java.lang.String name,
java.lang.String actions)
Creates a new DeploymentAdminPermission object for the given name and
action . |
Method Summary | |
---|---|
boolean |
equals(java.lang.Object obj)
Checks two DeploymentAdminPermission objects for equality. |
java.lang.String |
getActions()
Returns the String representation of the action list. |
int |
hashCode()
Returns hash code for this permission object. |
boolean |
implies(java.security.Permission permission)
Checks if this DeploymentAdminPermission would imply the parameter permission. |
java.security.PermissionCollection |
newPermissionCollection()
Returns a new PermissionCollection object for storing DeploymentAdminPermission objects. |
Methods inherited from class java.security.Permission |
---|
checkGuard, getName |
Methods inherited from class java.lang.Object |
---|
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String INSTALL
DeploymentAdmin.installDeploymentPackage(InputStream)
,
Constant Field Valuespublic static final java.lang.String LIST
DeploymentAdmin.listDeploymentPackages()
,
DeploymentAdmin.getDeploymentPackage(String)
,
DeploymentAdmin.getDeploymentPackage(Bundle)
,
Constant Field Valuespublic static final java.lang.String UNINSTALL
DeploymentPackage.uninstall()
,
Constant Field Valuespublic static final java.lang.String UNINSTALL_FORCED
DeploymentPackage.uninstallForced()
,
Constant Field Valuespublic static final java.lang.String CANCEL
DeploymentAdmin.cancel()
,
Constant Field Valuespublic static final java.lang.String METADATA
DeploymentPackage.getBundle(String)
,
DeploymentPackage.getBundleInfos()
,
DeploymentPackage.getHeader(String)
,
DeploymentPackage.getResourceHeader(String, String)
,
DeploymentPackage.getResourceProcessor(String)
,
DeploymentPackage.getResources()
,
Constant Field ValuesConstructor Detail |
---|
public DeploymentAdminPermission(java.lang.String name, java.lang.String actions)
DeploymentAdminPermission
object for the given name
and
action
.
The name
parameter identifies the target deployment package the permission
relates to. The actions
parameter contains the comma separated list of allowed actions.
name
- filter string, must not be null.actions
- action string, must not be null. "*" means all the possible actions.
java.lang.IllegalArgumentException
- if the filter is invalid, the list of actions
contains unknown operations or one of the parameters is nullMethod Detail |
---|
public boolean equals(java.lang.Object obj)
equals
in class java.security.Permission
obj
- The reference object with which to compare.
Object.equals(java.lang.Object)
public int hashCode()
hashCode
in class java.security.Permission
Object.hashCode()
public java.lang.String getActions()
The method always gives back the actions in the following (alphabetical) order:
cancel, install, list, metadata, uninstall, uninstall_forced
getActions
in class java.security.Permission
Permission.getActions()
public boolean implies(java.security.Permission permission)
Precondition of the implication is that the action set of this permission is the superset
of the action set of the other permission. Further rules of implication are determined
by the Filter
rules and the "OSGi Service Platform, Core
Specification Release 4, Chapter Certificate Matching".
The allowed attributes are: name
(the symbolic name of the deployment
package) and signer
(the signer of the deployment package). In both cases
wildcards can be used.
Examples:
1. DeploymentAdminPermission("(name=org.osgi.ExampleApp)", "list") 2. DeploymentAdminPermission("(name=org.osgi.ExampleApp)", "list, install") 3. DeploymentAdminPermission("(name=org.osgi.*)", "list") 4. DeploymentAdminPermission("(signer=*, o=ACME, c=US)", "list") 5. DeploymentAdminPermission("(signer=cn = Bugs Bunny, o = ACME, c = US)", "list")
1. implies 1. 2. implies 1. 1. doesn't implies 2. 3. implies 1. 4. implies 5.
implies
in class java.security.Permission
permission
- Permission to check.
Permission.implies(java.security.Permission)
,
Filter
public java.security.PermissionCollection newPermissionCollection()
newPermissionCollection
in class java.security.Permission
Permission.newPermissionCollection()
|
OSGi™ Service Platform Release 4 Version 4.2 |
||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |