0

I am currently trying to find a way to "filter" bundles in OSGI, while installing them. I use Karaf as an OSGI implementation and iPOJO for service resolution. Is there any way I can ensure, that only services provided by iPOJO are allowed to be installed in OSGI?

I already searched the web for methods to see wether the specific service imports OSGI stuff(like BundleContext etc.), but that doesnt seem to be working easily.

Thank you :)

Daniel.T
  • 23
  • 3

2 Answers2

1

Probably no, and I don't recommend doing it. The way how a service is published is better to consider as an implementation-specific detail. If you want to search for the services provided by your library, then it is better to add a custom key-value property to your services (don't know how to do that with iPOJO) and use that key in your LDAP filter.

edit: the provided services' only externally visible characteristics are the classname and the key-value service properties, so if you can't find any reasonable information there about iPOJO, then you don't have too much chance

erosb
  • 2,943
  • 15
  • 22
  • Thanks for your reply. The problem is that i dont have control of what "my" services are and what not. The plan is to have some sort of repo or database, where people can upload OSGI packages. To ensure security I need to know wether the services of this given package are provided by iPOJO and only by iPOJO. – Daniel.T Nov 06 '15 at 12:16
  • 1
    Why? iPOJO is not the only way to securely provide services. – Neil Bartlett Nov 06 '15 at 12:52
  • It's not perfect, but you can check whether the instance.name property if published with the service. It gives you the name of the instance providing the service and is automatically published. – Clement Nov 06 '15 at 19:46
  • I still don't understand why you would restrict bundles to **only** use iPOJO. There is nothing wrong with iPOJO, I like it a lot, but there are other perfectly valid ways of publishing services. – Neil Bartlett Nov 07 '15 at 22:16
  • Yes, but if I dont limit it to only iPOJO, it would be possible to register service, just manually and that would screw up my whole security system, because I had no controll of dependencies etc. – Daniel.T Nov 17 '15 at 13:46
0

I got a solution to my problem... I kind of did it like erosb was suggesting. Every IPOJO service reference owns the property "name", so i just created a LDAP-filter for the @Bind method, which accepts all values for the name-property(filter = "(instance.name=*). Services, that were not created with iPOJO, don't have that field, so in that way i can filter any iPOJO-service.

Thanks alot :)

Daniel.T
  • 23
  • 3