I have the osgi.core.framework mbean deployed into the OSGI container. This particular mbean has a method 'installBundleFromURL' which someone can use to deploy a malicious jar. I want to prevent anyone to invoke this particular method. Is there anyway to do it?
Asked
Active
Viewed 50 times
1 Answers
1
Use permissions to verify the caller has been granted the required permission.
BJ Hargrave
- 9,324
- 1
- 19
- 27
-
What if you want no one to use that method? – anusuya May 22 '14 at 16:41
-
Delete the method would be best. Or change the method to immediately throw an exception. – BJ Hargrave May 23 '14 at 12:45
-
This method is in a third party library. so cannot change the source code. – anusuya May 27 '14 at 21:53
-
Then, if the object is available to anyone, you can't control who can call it from outside the object. All that may be possible is permissions since you can assign permissions to the mbean containing bundle that deny it the right to install a bundle. – BJ Hargrave May 28 '14 at 16:09