One thing beforehand, calling system.exit from a bundle is evil!
But even worse is a third party legacy jar calling system.exit instead of throwing exceptions. Now how do we stop this jar from doing such evil?
The only way you can do this is to use a SecurityManager preventing calls to system.exit. Wow!!!
Now how am I supposed to do something like that in an OSGi world?
This is where the security bundle of felix comes in place.
Since my favored runtime is Karaf I explain on how to configure the Karaf so that it works
First you need to download the Security bundle from Felix (this one also works with the Equinox framework).
Now we need to make the downloaded bundle a system bundle and configure it in the startup.properties
org/apache/felix/org.apache.felix.security/1.4.0/
org.apache.felix.framework.security-1.4.0.jar=1
One constraint right now is, it only works with equinox 3.6.0. I Don’t know why it doesn’t work with Felix, but it won’t.
So our custom.properties file now should contain the following lines
karaf.framework=equinox
org.osgi.framework.security=osgi
java.security.policy=${karaf.base}/etc/all.policy
Please note, if you surround the framwork.security parameter osgi with quotes it doesn’t work.
The policy file has to look like the following
grant {
permission java.security.AllPermission;
};
If we do go ahead with this, the karaf fails to start because the security is already enabled but the policy file isn’t passed to the framework bundle.
Now we need to patch the latest (2.1.99-SNAPSHOT) version. To do this we do edit the Main.java file in the org.apache.karaf.main project.
We just need to add the java.security. to the filter within the copySystemProperties method.
Still no luck today 🙁 Let’s see to this issue on another day 🙂
Schreibe einen Kommentar