On 2/16/11 18:56, PostMasteR wrote:
> I just took another look inside the spec and found the ServicePermission
> (Core R4.2 - 5.10.1) very useful, but I didn't see any mention of the
> reverse direction that I would like to use.
>
> The basic use case I have here is simply that I have some application
> modules which itself are split up into several bundles, e.g.:
>
> User module:
> * API
> * EJB impl
> * JPA impl
> * Client model
> * WebService
>
> 1.) only the EJB Impl is allowed to consume the service exported by the
> JPA impl bundle
> 2.) The JPA impl is not allowed to consume any of our application level
> services (of course, it is the lowest level)
> 3.) The WebService is only allowed to consume the service exported by
> the EJB impl bundle by using the interfaces from the API bundle and the
> client model implementation classes from the "Client model" bundle
>
> That are the basics that I would like to start with. I hope that such a
> setup doesn't sound too strange. :)
You should be able to use ServicePermission to grant bundles the right
(or deny the right) to only use services from bundles with a given
symbolic name or signed by a given bundle signer. I think this should do
what you want.
For example, you could grant EJB Impl the right to consume services from
JPA Impl. As long as you grant it no other rights, then it can only see
services offered by JPA Impl (or you can limit it to specific service
types from the JPA Impl).
-> richard
>> -> richard
>>
>>> Thanx
>>>