Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
   * Copyright (c) OSGi Alliance (2005, 2012). All Rights Reserved.
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
 package org.osgi.service.deploymentadmin;
DeploymentAdminPermission controls access to the Deployment Admin service.

The permission uses a filter string formatted similarly to the org.osgi.framework.Filter. The filter determines the target of the permission. The DeploymentAdminPermission uses the name and the signer filter attributes only. The value of the signer attribute is matched against the signer chain (represented with its semicolon separated Distinguished Name chain) of the Deployment Package, and the value of the name attribute is matched against the value of the "DeploymentPackage-Name" manifest header of the Deployment Package. Example:

  • (signer=cn = Bugs Bunny, o = ACME, c = US)
  • (name=org.osgi.ExampleApp)
Wildcards also can be used:

"cn" and "c" may have an arbitrary value
 (signer=*, o=ACME, c=US)
Only the value of "o" and "c" are significant
 (signer=* ; ou=S & V, o=Tweety Inc., c=US)
The first element of the certificate chain is not important, only the second (the Distinguished Name of the root certificate)
 (signer=- ; *, o=Tweety Inc., c=US)
The same as the previous but '-' represents zero or more certificates, whereas the asterisk only represents a single certificate
The name of the Deployment Package doesn't matter
The name has to begin with "org.osgi."

The following actions are allowed:


A holder of this permission can access the inventory information of the deployment packages selected by the <filter> string. The filter selects the deployment packages on which the holder of the permission can acquire detailed inventory information. See DeploymentAdmin.getDeploymentPackage(org.osgi.framework.Bundle), DeploymentAdmin.getDeploymentPackage(java.lang.String) and DeploymentAdmin.listDeploymentPackages().


A holder of this permission can install/update deployment packages if the deployment package satisfies the <filter> string. See DeploymentAdmin.installDeploymentPackage(


A holder of this permission can uninstall deployment packages if the deployment package satisfies the <filter> string. See DeploymentPackage.uninstall().


A holder of this permission can forcefully uninstall deployment packages if the deployment package satisfies the <filter> string. See DeploymentPackage.uninstallForced().


A holder of this permission can cancel an active deployment action. This action being canceled could correspond to the install, update or uninstall of a deployment package that satisfies the <filter> string. See DeploymentAdmin.cancel()


A holder of this permission is able to retrieve metadata information about a Deployment Package (e.g. is able to ask its manifest headers). See DeploymentPackage.getBundle(java.lang.String), DeploymentPackage.getBundleInfos(), DeploymentPackage.getHeader(java.lang.String), DeploymentPackage.getResourceHeader(java.lang.String,java.lang.String), DeploymentPackage.getResourceProcessor(java.lang.String), DeploymentPackage.getResources()

The actions string is converted to lower case before processing.

public final class DeploymentAdminPermission extends Permission {

	private static final long			serialVersionUID	= 1L;

Constant String to the "install" action.

	public static final String			INSTALL"install";

	public static final String			LIST"list";

Constant String to the "uninstall" action.

	public static final String			UNINSTALL"uninstall";

Constant String to the "uninstall_forced" action.

	public static final String			UNINSTALL_FORCED"uninstall_forced";

Constant String to the "cancel" action.

	public static final String			CANCEL"cancel";

	public static final String			METADATA"metadata";
	private static final String			delegateProperty"org.osgi.vendor.deploymentadmin";
	private static final Constructor	constructor;
	private final Permission			delegate;
	static {
		 = (Constructor) AccessController.doPrivileged(new PrivilegedAction() {
			public Object run() {
				if (null == pckg)
					throw new RuntimeException("Property '" +  + "' is not set");
				try {
					Class c = Class.forName(pckg + ".DeploymentAdminPermission");
					return c.getConstructor(new Class[] {String.classString.class});
catch (Exception e) {
					throw new RuntimeException(e);

Creates a new DeploymentAdminPermission object for the given name and action.

The name parameter identifies the target deployment package the permission relates to. The actions parameter contains the comma separated list of allowed actions.

name filter string, must not be null.
actions action string, must not be null. "*" means all the possible actions.
java.lang.IllegalArgumentException if the filter is invalid, the list of actions contains unknown operations or one of the parameters is null
	public DeploymentAdminPermission(String nameString actions) {
		try {
			try {
				 = (Permission.newInstance(new Object[] {nameactions});
catch (InvocationTargetException e) {
catch (Error e) {
			throw e;
catch (RuntimeException e) {
			throw e;
catch (Throwable e) {
			throw new RuntimeException(e);

Checks two DeploymentAdminPermission objects for equality. Two permission objects are equal if:

  • their target filters are semantically equal and
  • their actions are the same

obj The reference object with which to compare.
true if the two objects are equal.
See also:
	public boolean equals(Object obj) {
		if (obj == this)
			return true;
		if (!(obj instanceof DeploymentAdminPermission))
			return false;
		return .equals(dap.delegate);

Returns hash code for this permission object.

Hash code for this permission object.
See also:
	public int hashCode() {
		return .hashCode();

Returns the String representation of the action list.

The method always gives back the actions in the following (alphabetical) order: cancel, install, list, metadata, uninstall, uninstall_forced

Action list of this permission instance. This is a comma-separated list that reflects the action parameter of the constructor.
See also:
	public String getActions() {

Checks if this DeploymentAdminPermission would imply the parameter permission.

Precondition of the implication is that the action set of this permission is the superset of the action set of the other permission. Further rules of implication are determined by the org.osgi.framework.Filter rules and the "OSGi Service Platform, Core Specification Release 4, Chapter Certificate Matching".

The allowed attributes are: name (the symbolic name of the deployment package) and signer (the signer of the deployment package). In both cases wildcards can be used.


  1. DeploymentAdminPermission("(name=org.osgi.ExampleApp)", "list")
  2. DeploymentAdminPermission("(name=org.osgi.ExampleApp)", "list, install")
  3. DeploymentAdminPermission("(name=org.osgi.*)", "list")
  4. DeploymentAdminPermission("(signer=*, o=ACME, c=US)", "list")
  5. DeploymentAdminPermission("(signer=cn=Bugs Bunny, o=ACME, c=US)", "list")

  1. implies 1.
  2. implies 1.
  1. doesn't implies 2.
  3. implies 1.
  4. implies 5.

permission Permission to check.
true if this DeploymentAdminPermission object implies the specified permission.
See also:
	public boolean implies(Permission permission) {
		if (!(permission instanceof DeploymentAdminPermission))
			return false;
		return .implies(dap.delegate);

Returns a new PermissionCollection object for storing DeploymentAdminPermission objects.

The new PermissionCollection.
See also:
New to GrepCode? Check out our FAQ X