OSGi Service Platform Compendium - PowerPoint PPT Presentation

1 / 49

About This Presentation

Title:

OSGi Service Platform Compendium

Description:

Bundles can register a URLStreamHandlerService or ContentHandler ... Clients can register an Event ... Allows different bundles to register an XML parser ... – PowerPoint PPT presentation

Number of Views:118

Avg rating:3.0/5.0

Slides: 50

Provided by: peterk7

Category:

more less

Transcript and Presenter's Notes

Title: OSGi Service Platform Compendium

1
OSGi Service PlatformCompendium

IONA Dublin August 2007
Peter Kriens
aQute
OSGi Fellow

2
Contents

Context Diagram
OSGi System Services
OSGi Services
OSGi Utils
OSGi Security Layer

3
OSGi Context
4
Context Diagram
Deployer
Operator
Developer
OSGi Environment
Device
End User
5
OSGi Environment
6
Core OSGi Layering

Execution Environment
All APIs are compatible with CDC and J2SE
CLDC possible with VM specific extensions
Module layer introduces Bundles
Class loading rules
Modularization
Life Cycle Layer provides an API for managing
bundles
Services Layer provides a dynamic component model
with communication ports called services
Security layer provides a comprehensive
permission model with dynamic management

Bundle E
Bundle F
get
register
n
m
service
7
OSGi System Services
8
Package Admin

Provided by the Framework
Shows information about packages
Import/Export
Stale
Used and Usedby
Provides information about bundles
Require Bundle
Fragments
Used mainly by management agents

9
Permission Admin Service

Framework uses Permission Admin Service to
administer permissions
Permissions associated with bundle location
Allows setting before bundle is downloaded
Synchronous Bundle Listener added so that a
Management Bundle
Set the permissions Just In Time
(Simple) Serializable format for permissions

10
Start Level Service

Allows Management Agent to control
startup/shutdown sequence of installed bundles
Supports many levels
System service, implemented by Framework

11
URL Handling
System Bundle

Manages the URLStreamHandlerFactory and
URLContentHandlerFactory of Java
These factories can only be set once so the
Framework must manage them
Bundles can register a URLStreamHandlerService or
ContentHandler
The Framework will automatically add these to the
standard set

URL Content Handler Factory
URL Stream Handler Factory
Provides Protocol Handler for URLs
Provides Content handler
12
Conditional Permission

Provide a flexible policy management for a
delegated management model
An Operator must be able to sell a device to an
Enterprise and be assured the enterprise can not
do anything the Operator does not want
The Enterprise administrator must be able to give
the device to a person and restrict the
possibilities further
Bundles must be restricted to only the
permissions they need

Management domain
Operator
Enterprise
Sales
Bundle
13
Conditional Permissions

Signing based on Public Key Cryptography
Operator signs signing certificate of Deployer
Developer adds a local permissions file to the
bundle
Easy to read
The local permissions are audited by the Deployer
Deployer signs the bundle
The bundle gets deployed on a Service Platform
The permissions of the bundle are the
intersection of
Local permissions
System permissions for that signer
Operator remains in full control at all times

Bundle A
local permissions
signature
controls
OSGi Service Platform
system permissions
S
14
Conditional Permissions
client

Conditional Permission Admin provides granting of
permissions based on conditions
Bundle signed by X
Bundle from location Y
Prompted
Logged into network
Java 2 does not provide a mechanism for this
Very flexible and powerful model

server
checkPermission
JVM
implies
Permission Table
Cond. Perm. Admin
Conditional Permission Admin
15
OSGi Compendium Services
16
Log Service
LogReaderService
Log Service impl
log reader

Simple Service to log message to a log
Dispatches messages between the logging bundles
and bundles interested in log information
Severity
Debug, Info, Warning, Error, Custom
Automatically handles time, date, source bundle
Has buffer of undefined length

LogService
Logging bundle
Logging bundle
17
Http Service
Http Service impl

Provides Simple Access to a local web server
Uses Servlet 2.1 Standard
Allows simplified access to resources in bundles
Very popular
Also usable for web services, UPnP, etc.

Web server
HttpService
Servlet requests And resources
Servlet Provider
18
Device Access
Domain service
Device Driver
installs

Dynamic device driver download model
Plug Play
Plugged in devices identify themselves
Device Manager will download appropriate bundle
Matching process for best driver
Extendable
Driver Selector, Driver locator

Device Access
Device Service
Driver Locator
Driver Selector
Base Driver
Driver Locator Impl
Driver Selector Impl
External Device Controller
External Device
19
Device Access
Device Manager
IEEE 1394B
Network bundle
Driver Locator
Device
Driver Locator
Interface
Driver
10. Show camera on TV
Sony CCD654
TV bundle
TV
Camera
20
Configuration Admin
Configuration Listener Service
Configuration Admin
Config. Listener Impl

Configures bundles
At startup, or any later moment
Maintains a repository of configurations
Local
Management system
Configurations are key/value pairs
Typed with Meta Types
Can be extended with plugins
Managed Services
Provide a single set of properties
Managed Service Factories
Provide creation and deletion of any number of
sets of properties
Supports filter based searches

Managed Service
Managed Factory Service
Variable number of records
A bundle
Another Bundle
One record
21
Preferences Service

Simple hierarchical model like Windows Registry
Uses simple hierarchical names
/bundle/121/httpport81
Different trees
Multiple named trees per bundle
One system tree
Storage can be local or on management system

22
org.osgi.service.prefs v1.0Preferences Service
Named or System
root
/c2
c2
c1
/c1/d2
d1
d2
foo8 bar9 lexacme
properties /c1/d2
d1
/c1/d2/d1/d2
d1
d2
foo8 bar9 lexacme
properties /c1/d2/d1/d2
23
User Admin Service

Repository of users
Maintains data for authentication and other
purposes
Private keys, passwords, bio-profile, User
Preferences
Does not authenticate self
Powerful role based authorization model
Users, group of users, and groups of groups
Administrative functions

User Admin Listener
User Admin
User Admin Listener Impl
User Admin
User Admin Listener Impl
24
Wire Admin Service
Producer Impl

Connects Producer services to Consumer services
via Wire object
Wire objects have properties for configuration
Matches classes flexible
Fully Dynamic
Secure

Producer
Wire Admin
Wire Admin Controller
Wire Admin
Consumer
Consumer Impl
25
IO Connector Service
IO Connector Impl

Standard feature in CLDC and CDC VM profiles to
access protocols instead of URLs
Adds dynamic addition and removal or protocols
Supports streams and message based protocols

Javax. Io. connector
IOConnector
Protocol Provider
http, ftp, sms, etc
26
Initial Provisioning

Provides a model for provisioning a service
platform with its first configuration
Allows service platforms to be delivered from the
factory in a single configuration
When positioned at the customer premises, the
platform retrieves its configuration (bundles
data) from the management host
Only uses a single unique id
Secure protocol (RSH) and normal HTTP

27
Declarative Services

Classic OSGi model based on startup
initialization
Startup time
Many services not needed until much later, if
ever
Lazy Initialization is much better
The service model provides hooks so that a bundle
is not initialized until it is needed
Bundles declare their requirements and
capabilities declaratively in a bundle resource
The Service Component Runtime
Tracks bundles
Calculate dependencies
Initialize a declarative service when it is
needed
Bundles that are not activated do not consume
resources in the system

component.xml
bundle A
SCR
bundle B
28
Event Manager Service

The Event Manager is a simple publish and
subscribe model
Events have
A Topic string
Properties
Events are posted through the Event Admin
service, either synchronous or asynchronous
Clients can register an Event Listener and
receive events
Can use a filter for further selection
Event delivery is protected by an Topic
Permission

Event Listener
Event Manager
Event Manager
29
Topic Permission

The TopicPermission class allows fine-grained
control over which bundles may post events to a
given topic and which bundles may receive those
events.
Matching algorithm.
For example, a name of "a.b." implies "a.b.c"
but not "x.y.z" or "a.b".
There are two available actions "publish" and
"subscribe".

30
Standard Properties

bundle - Bundle A bundle object
bundle.id - Long A bundle's ID
bundle.symbolicName - String A bundle's symbolic
name
event - Object The actual event object. Used
when rebroadcasting an event that was sent via
some other event mechanism.
exception - Throwable An exception or error
exception.class - String Must be equal to
exception.getClass().getName()
exception.message - String Must be equal to
exception.getMessage()
message - String A human-readable message
objectClass - String A service's objectClass
service - ServiceReference A service
service.id - Long A service's ID
service.pid - String A service's persistent
identity
timestamp - Long The time when the event
occurred, as reported by System.currentTimeMillis(
)

31
XML Parser Service

Allows different bundles to register an XML
parser
Supports finding best parser for a specific
application
Based on standard Java JAR service, but then in
bundles

32
Dmt Admin

Based on a tree model
A Node maps to specific device aspect, e.g.
current start level
Nodes on the tree are implemented by plugins
Plugins are services
Meta Model extended
Transactional
Session based
Good interface to native device
From native to Java
From Java to native
Alerts
Security
Java 2 Permission model (also remote managers)
ACLs

Deploy Admin
.
Appl. Manager
DmtExecPlugin
DmtAdmin
Event Admin
Dmt Admin
DmtDataPlugin
Config Admin
Monitor
Native State

33
Monitoring

Monitoring
Monitorable services
Any Monitorable service can provide multiple
Status Variables
Status Variables available through the DMT
Monitoring jobs can be scheduled
Report a set of Status Variables to the
management System

DmtDataPlugin
MonitorAdmin
Monitor
EventAdmin
Monitorable
Appl
34
Deployment

Deployment Admin provides the possibility to
install and update Deployment Packages
Deployment Packages are
A set of bundles with associated Resource
Processor
Transactional
No sharing with other Deployment Packages
Resource Processors provide the semantics for the
bitsof the resources in the JAR file
Process (install)
Drop (uninstall)
Security based on the permissions associated with
the signer of the Deployment Package

DmtDataPlugin
DeploymentAdmin
Depl. Admin
EventAdmin
Resource Processor
Rrsrc. Proc.
Autoconf
35
Deployment
Global section

Deployment Package
Based on JAR Format
Manifest describes the resources and associates
them with a Resource Processor
Fix Packages
Provide only updated contents

Name bundle-A.jar SHA1-Digest
RTasyyasi987iasj Bundle-SymbolicName
com.acme.a Bundle-Version 2.1
manifest.mf
signer.sf
Name certificates.cr SHA1-Digest
lkMjUasm87asjjasloe DP-ResourceProcessor
com.acme.c509
signer.rsa
bundle-A.jar
bundle-B.jar
autoconf.xml
certificates.cer
Resource Processor
Certificate Processor
36
Deployment

Customizers
A Deployment Package can contain its own Resource
Processor bundle
This customizer is installed and started before
other bundles in the Deployment Package
It registers a Resource Processor service
The Deployment Admin will only allow only
contents from the correct DP to be processed by
the customizer
The customizer gets access to the private data
area of its related bundles

Customizer
DP
Depl. Admin
bundle A
37
Application Model

A generic model that is intended to abstract
different application models so they can be
treated as one
Screen Manager
Provides access to icons and descriptive
localized information for each application
Can monitor the state of running instances
Applications can be scheduled for later execution
when a specific event arrives
Application Descriptor and Application Handle
services are provided as vendor specific base
classes
Interacts with JSR 211

Screen manager
Application Descriptor
Application Handle
Native Container
MIDP Container
38
UPnP

Popular UPnP specifications adapted to OSGi
Service Platform
Makes it very easy to write a UPnP control point
or device
Involves registering a simple UPnPDevice service

39
OSGi Compendium Utils
40
Service Tracker

Takes the pain out of the dynamics
Tracks the coming, modification, and going of
services
Hides the difference between services already
registered and services that are going to be
registered
Can be used with an interface or through
sub-classing

Object addingService(ServiceReference)
void modifiedService(Object, ServiceReference)
void removedService(Object, ServiceReference)

41
Position, Measurement, State

Support classes for Wire Admin
Position
Supports GPS like position
Measurement
SI measurement system to prevent calculation
errors
Error calculations
Timestamp
State

42
OSGi Security Layer
43
Security Layer Benefits

Possibility to run not fully trusted code on a
device
Deployer can mitigate its risk when signing a
bundle
Local Permissions
Delegated responsibility
Less frustration at Users and Deployers because
they are more independent
Less staff required at Operator
Operator always maintains fully in control
A change of mind is instantaneous

44
Security Layer

Security Architecture based on 4 roles
Operator
Deployer
End User
Developer
The OSGi Framework provides a (optional)
comprehensive security model
Based on Java 2 Permissions
Signing or location based authentication

Deployer
Operator
developer
Bundle B
Bundle A
Bundle D
Bundle E
Bundle F
Framework
Device
end user
45
Security Layer

Provide a flexible policy management for a
delegated management model
An Operator must be able to sell a device to an
Enterprise and be assured the enterprise can not
do anything the Operator does not want
The Enterprise administrator must be able to give
the device to a person and restrict the
possibilities further
Bundles must be restricted to only the
permissions they need