The OSGi Security Manager allows you to secure your applications by utilizing the built in Java Security Manager and Java's permission system. This does not provide security in the sense that a lot of people tend to think of it: authentication, authorization, etc. The Security Manager allows you to assign/revoke permissions to/from code with a policy.
...
You can also opt to use a custom SecurityManager class by dropping in the standard Java system property instead of using this OSGi specific property. You cannot use both properties at the same time. Adding the Java system property will have the same effect as the above property, except that it will use your custom SecurityManager implmentation, for example:
java.security.manager=net.sourceforge.prograde.sm.ProGradeJSM
You then must add an "all policy" that will allow all of the non-OSGi code to execute with all privileges:
...
This debugger is still a work in progress and may not print out actions for every type of permission that could be encountered. For those situations, you'll need to rely on a standard debugger to see the exact permission that needs to be added.
Linking Your Default m2 Directory to a Custom m2 Directory
Windows
If your m2 is located outside of your home directory (e.g. C:\m2), you will most likely experience security manager exceptions when running itests.
| Code Block |
|---|
2018-03-14T12:04:00,661 | ERROR | pool-1-thread-2 | BootFeaturesInstaller | al.service.BootFeaturesInstaller 100 | 12 - org.apache.karaf.features.core - 4.1.2 | Error installing boot feature repository mvn:org.ops4j.pax.exam/pax-exam-features/4.11.0/xml
java.io.IOException: access denied ("java.io.FilePermission" "C:\m2@snapshots@id=local" "read") : mvn:org.ops4j.pax.exam/pax-exam-features/4.11.0/xml |
In order to fix this, you can create a symbolic link from your default m2 directory (e.g. C:\Users\<username>\.m2) to your custom m2 (e.g. C:\m2).
Sample Powershell Command
| Code Block |
|---|
New-Item -Path C:\Users\<username>\.m2 -ItemType SymbolicLink -Value C:\m2 |
You can also remove <localRepository>C:/m2</localRepository> from your settings.xml.
| Filter by label (Content by label) | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...