| Security in ECF [message #631037] |
Tue, 05 October 2010 18:37  |
Eclipse User |
|
|
|
Does the R-OSGi provider define any specific security mechanism that would limit access to an exported service? Or is it the responsibility of an R-OSGi exploiter to implement security around their remote services (e.g using ServicePermissions, etc.)?
Are there any general security guidelines from an ECF perspective to limit access to remote services? The OSGi specification on remote services seems to leave security details to the implementer of a provider.
Thanks for all your hard work!
|
|
|
| Re: Security in ECF [message #631091 is a reply to message #631037] |
Wed, 06 October 2010 03:18  |
| Eclipse User |
|
|
|
On 10/06/2010 12:37 AM, Jennifer Carlucci wrote:
> Does the R-OSGi provider define any specific security mechanism that
> would limit access to an exported service? Or is it the responsibility
> of an R-OSGi exploiter to implement security around their remote
> services (e.g using ServicePermissions, etc.)?
>
> Are there any general security guidelines from an ECF perspective to
> limit access to remote services? The OSGi specification on remote
> services seems to leave security details to the implementer of a provider.
>
> Thanks for all your hard work!
Hi Jennifer,
WRT to authorization, you might be interested in a current discussion on
the ecf-dev mailinglist [0]. Maybe you want to jump in on it.
For r-OSGi you could implement your own
ch.ethz.iks.r_osgi.channels.NetworkChannel.
In general what kind of security features do you need (authentication,
authorization, message integrity, confidentiality...)?
Markus
[0] http://dev.eclipse.org/mhonarc/lists/ecf-dev/msg04283.html
|
|
|
Powered by
FUDForum. Page generated in 0.02921 seconds
Home