Posted to dev@stratos.apache.org by Nirmal Fernando <ni...@gmail.com> on 2014/11/01 09:40:49 UTC
Re: git commit: Removing subscribe method from REST API and refining
code/error logs
Don't we need to subscribe anymore?
On Sat, Nov 1, 2014 at 5:50 AM, <im...@apache.org> wrote:
> Repository: stratos
> Updated Branches:
> refs/heads/docker-grouping-merge 47b31d086 -> ef4df6d66
>
>
> Removing subscribe method from REST API and refining code/error logs
>
>
> Project: http://git-wip-us.apache.org/repos/asf/stratos/repo
> Commit: http://git-wip-us.apache.org/repos/asf/stratos/commit/ef4df6d6
> Tree: http://git-wip-us.apache.org/repos/asf/stratos/tree/ef4df6d6
> Diff: http://git-wip-us.apache.org/repos/asf/stratos/diff/ef4df6d6
>
> Branch: refs/heads/docker-grouping-merge
> Commit: ef4df6d66397d12fb84e9867bf4f5e934af58158
> Parents: 47b31d0
> Author: Imesh Gunaratne <im...@apache.org>
> Authored: Sat Nov 1 10:20:01 2014 +0530
> Committer: Imesh Gunaratne <im...@apache.org>
> Committed: Sat Nov 1 10:20:01 2014 +0530
>
> ----------------------------------------------------------------------
> ...tractAuthenticationAuthorizationHandler.java | 4 +-
> .../handlers/CustomExceptionMapper.java | 2 +-
> .../CustomThrowableExceptionMapper.java | 4 +-
> .../handlers/StratosAuthenticationHandler.java | 22 +++--
> .../rest/endpoint/services/StratosAdmin.java | 92 ++++++--------------
> 5 files changed, 45 insertions(+), 79 deletions(-)
> ----------------------------------------------------------------------
>
>
>
> http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
> ----------------------------------------------------------------------
> diff --git
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
> index b332841..1209860 100644
> ---
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
> +++
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
> @@ -33,8 +33,6 @@ import java.util.List;
> public abstract class AbstractAuthenticationAuthorizationHandler
> implements RequestHandler {
> private Log log =
> LogFactory.getLog(AbstractAuthenticationAuthorizationHandler.class);
>
> -
> -
> public Response handleRequest(Message message, ClassResourceInfo
> classResourceInfo) {
> HttpHeaders headers = new HttpHeadersImpl(message);
> List<String> authHeader =
> headers.getRequestHeader(HttpHeaders.AUTHORIZATION);
> @@ -47,9 +45,9 @@ public abstract class
> AbstractAuthenticationAuthorizationHandler implements Requ
> }
> // give the control to the next handler
> return null;
> -
> }
>
> protected abstract boolean canHandle(String authHeaderPrefix);
> +
> protected abstract Response handle(Message message,ClassResourceInfo
> classResourceInfo);
> }
>
>
> http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java
> ----------------------------------------------------------------------
> diff --git
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java
> index bc6941d..8682b7d 100644
> ---
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java
> +++
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java
> @@ -40,7 +40,7 @@ public class CustomExceptionMapper implements
> ExceptionMapper<RestAPIException>
> }
> // if no specific error message specified, spitting out a
> generaic error message
> String errorMessage = (restAPIException.getMessage() != null)?
> - restAPIException.getMessage():"Error while fullfilling
> the request";
> + restAPIException.getMessage():"Error while fulfilling the
> request";
> // if no specific error specified we are throwing the bad request
> http status code by default
> Response.Status httpStatus= (restAPIException.getHTTPStatusCode()
> != null)?
>
> restAPIException.getHTTPStatusCode():Response.Status.BAD_REQUEST;
>
>
> http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java
> ----------------------------------------------------------------------
> diff --git
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java
> index 0f08728..74323de 100644
> ---
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java
> +++
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java
> @@ -29,8 +29,8 @@ public class CustomThrowableExceptionMapper implements
> ExceptionMapper<Throwable
> private static Log log =
> LogFactory.getLog(CustomThrowableExceptionMapper.class);
>
> public Response toResponse(Throwable throwable) {
> - if(log.isDebugEnabled()){
> - log.debug("Internal server error", throwable);
> + if(log.isErrorEnabled()){
> + log.error("Internal server error", throwable);
> }
>
> return
> Response.status(Response.Status.INTERNAL_SERVER_ERROR).type(MediaType.APPLICATION_JSON).
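Review bot: The `log.isErrorEnabled()` guard around the new `log.error(...)` call in toResponse adds nothing, because the message is a constant string and no formatting work is saved by checking the level first. The guarded body can be reduced to the single statement `log.error("Internal server error", throwable);`. Raising the level from debug to error is the useful part of the change, since unhandled exceptions at this REST boundary now show up in default logs. toResponse's body continues outside the hunk.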
>
>
> http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
> ----------------------------------------------------------------------
> diff --git
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
> index bfa676f..0894cd7 100644
> ---
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
> +++
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
> @@ -22,6 +22,7 @@ import javax.servlet.http.HttpServletRequest;
> import javax.ws.rs.core.MediaType;
> import javax.ws.rs.core.Response;
>
> +import org.apache.commons.lang3.StringUtils;
> import org.apache.commons.logging.Log;
> import org.apache.commons.logging.LogFactory;
> import org.apache.cxf.configuration.security.AuthorizationPolicy;
> @@ -67,22 +68,26 @@ public class StratosAuthenticationHandler extends
> AbstractAuthenticationAuthoriz
> * @return
> */
> public Response handle(Message message, ClassResourceInfo
> classResourceInfo) {
> + if(log.isDebugEnabled()) {
> + log.debug(String.format("Authenticating request: [message-id]
> %s", message.getId()));
> + }
> +
> // If Mutual SSL is enabled
> HttpServletRequest request = (HttpServletRequest)
> message.get("HTTP.REQUEST");
> Object certObject =
> request.getAttribute("javax.servlet.request.X509Certificate");
>
> - AuthorizationPolicy policy = (AuthorizationPolicy)
> message.get(AuthorizationPolicy.class);
> + AuthorizationPolicy policy =
> message.get(AuthorizationPolicy.class);
> String username = policy.getUserName().trim();
> String password = policy.getPassword().trim();
>
> //sanity check
> - if ((username == null) || username.equals("")) {
> - log.error("username is seen as null/empty values.");
> + if (StringUtils.isEmpty(username)) {
> + log.error("username is seen as null/empty values");
> return Response.status(Response.Status.UNAUTHORIZED)
> .header("WWW-Authenticate",
> "Basic").type(MediaType.APPLICATION_JSON)
> .entity(Utils.buildMessage("Username cannot be
> null")).build();
> - } else if (certObject == null && ((password == null) ||
> password.equals(""))) {
> - log.error("password is seen as null/empty values.");
> + } else if (certObject == null && (StringUtils.isEmpty(password)))
> {
> + log.error("password is seen as null/empty values");
> return Response.status(Response.Status.UNAUTHORIZED)
> .header("WWW-Authenticate",
> "Basic").type(MediaType.APPLICATION_JSON)
> .entity(Utils.buildMessage("password cannot be
> null")).build();
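Review bot: The null branches of the sanity check cannot fire, because `policy.getUserName().trim()` and `policy.getPassword().trim()` dereference the values before `StringUtils.isEmpty` ever sees them. The `certObject == null &&` condition suggests a client-certificate request may arrive without a password, and that case would throw a NullPointerException here instead of reaching the check; whether `policy` itself can be null is not visible in the hunk. Since commons-lang3 is now imported, the null-safe form is `String username = StringUtils.trim(policy.getUserName());` and `String password = StringUtils.trim(policy.getPassword());`. Trimming the password also alters the credential that is later verified, which deserves a comment if it is intentional. handle's body continues outside the hunk.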
> @@ -119,23 +124,22 @@ public class StratosAuthenticationHandler extends
> AbstractAuthenticationAuthoriz
> // set the authenticated flag and let the request to
> continue
> AuthenticationContext.setAuthenticated(true);
> if (log.isDebugEnabled()) {
> - log.debug("authenticated using the " +
> CookieBasedAuthenticationHandler.class.getName() + "for username :" +
> + log.debug("Authenticated using the " +
> CookieBasedAuthenticationHandler.class.getName() + "for username :" +
> username + "tenantDomain : " + tenantDomain +
> " tenantId : " + tenantId);
> }
> return null;
> } else {
> - log.warn("unable to authenticate the request");
> + log.warn(String.format("Unable to authenticate the
> request: [message-id] %s", message.getId()));
> // authentication failed, request the authetication, add
> the realm name if needed to the value of WWW-Authenticate
> return
> Response.status(Response.Status.UNAUTHORIZED).header("WWW-Authenticate",
> "Basic").
>
> type(MediaType.APPLICATION_JSON).entity(Utils.buildMessage("Authentication
> failed. Please " +
> "check your username/password")).build();
> }
> } catch (Exception exception) {
> - log.error("Authentication failed",exception);
> + log.error(String.format("Authentication failed: [message-id]
> %s", message.getId()),exception);
> // server error in the eyes of the client. Hence 5xx HTTP
> code.
> return
> Response.status(Response.Status.INTERNAL_SERVER_ERROR).type(MediaType.APPLICATION_JSON).
> entity(Utils.buildMessage("Unexpected error. Please
> contact the system admin")).build();
> }
> -
> }
> }
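Review bot: The new failure message in `log.warn` identifies the request only by message id, so repeated failed logins cannot be grouped by account or origin from the log alone. Assuming `request` and `username` declared earlier in handle are still in scope at this point, `log.warn(String.format("Unable to authenticate the request: [message-id] %s [username] %s [remote-address] %s", message.getId(), username, request.getRemoteAddr()));` gives monitoring what it needs. The username is client-supplied, so CR/LF should be stripped before it is written to the log. The debug message above also concatenates `getName() + "for username :"` and `username + "tenantDomain : "` without separating spaces. handle starts outside the hunk.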
>
>
> http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java
> ----------------------------------------------------------------------
> diff --git
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java
> index f28a8e6..116688b 100644
> ---
> a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java
> +++
> b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java
> @@ -94,24 +94,21 @@ public class StratosAdmin extends AbstractAdmin {
> @Context
> UriInfo uriInfo;
>
> -
> @POST
> @Path("/init")
> @AuthorizationAction("/permission/admin/restlogin")
> public StratosAdminResponse initialize()
> throws RestAPIException {
> -
> -
> StratosAdminResponse stratosAdminResponse = new
> StratosAdminResponse();
> stratosAdminResponse.setMessage("Successfully logged in");
> return stratosAdminResponse;
> }
>
> - /*
> - This method gets called by the client who are interested in using
> session mechanism to authenticate themselves in
> - subsequent calls. This method call get authenticated by the basic
> authenticator.
> - Once the authenticated call received, the method creates a session.
> -
> + /**
> + * This method gets called by the client who are interested in using
> session mechanism to authenticate themselves in
> + * subsequent calls. This method call get authenticated by the basic
> authenticator.
> + * Once the authenticated call received, the method creates a session.
> + * @return
> */
> @GET
> @Path("/cookie")
> @@ -130,22 +127,6 @@ public class StratosAdmin extends AbstractAdmin {
>
> entity(Utils.buildAuthenticationSuccessMessage(sessionId)).build();
> }
>
> - /*
> - @POST
> - @Path("/application/definition/")
> - @Produces("application/json")
> - @Consumes("application/json")
> - @AuthorizationAction("/permission/protected/manage/monitor/tenants")
> - @SuperTenantService(true)
> - // Grouping
> - public StratosAdminResponse
> deployApplicationDefinition(CompositeApplicationDefinitionBean
> applicationDefinitionBean)
> - throws RestAPIException {
> -
> - return
> ServiceUtils.deployApplicationDefinition(applicationDefinitionBean,
> getConfigContext(), getUsername(),
> - getTenantDomain());
> -
> - }
> -*/
> @POST
> @Path("/application/definition/")
> @Produces("application/json")
> @@ -157,24 +138,10 @@ public class StratosAdmin extends AbstractAdmin {
> throws RestAPIException {
>
> ServiceUtils.deployApplicationDefinition(applicationDefinitionBean,
> getConfigContext(),
> getUsername(), getTenantDomain());
> -
> URI url =
> uriInfo.getAbsolutePathBuilder().path(applicationDefinitionBean.getApplicationId()).build();
> return Response.created(url).build();
> }
>
> - /* @POST
> - @Path("/application/definition/")
> - @Produces("application/json")
> - @Consumes("application/json")
> - @AuthorizationAction("/permission/protected/manage/monitor/tenants")
> - @SuperTenantService(true)
> - // Grouping
> - public StratosAdminResponse
> deployApplicationDefinition(CompositeAppDefinition compositeAppDefinition)
> - throws RestAPIException {
> -
> - return
> ServiceUtils.deployCompositeApplicationDefintion(compositeAppDefinition);
> - } */
> -
>
> @DELETE
> @Path("/application/definition/{applicationId}")
> @@ -185,7 +152,6 @@ public class StratosAdmin extends AbstractAdmin {
> // Grouping
> public Response
> unDeployApplicationDefinition(@PathParam("applicationId") String
> applicationId)
> throws RestAPIException {
> -
> ServiceUtils.unDeployApplication(applicationId,
> getConfigContext(), getUsername(),
> getTenantDomain());
> return Response.noContent().build();
> @@ -199,7 +165,6 @@ public class StratosAdmin extends AbstractAdmin {
>
> @AuthorizationAction("/permission/admin/manage/add/cartridgeDefinition")
> public Response deployCartridgeDefinition(CartridgeDefinitionBean
> cartridgeDefinitionBean)
> throws RestAPIException {
> -
> ServiceUtils.deployCartridge(cartridgeDefinitionBean,
> getConfigContext(), getUsername(),
> getTenantDomain());
> URI url =
> uriInfo.getAbsolutePathBuilder().path(cartridgeDefinitionBean.type).build();
> @@ -213,7 +178,6 @@ public class StratosAdmin extends AbstractAdmin {
> @Consumes("application/json")
>
> @AuthorizationAction("/permission/admin/manage/add/cartridgeDefinition")
> public Response
> unDeployCartridgeDefinition(@PathParam("cartridgeType") String
> cartridgeType) throws RestAPIException {
> -
> ServiceUtils.undeployCartridge(cartridgeType);
> return Response.noContent().build();
> }
> @@ -226,7 +190,6 @@ public class StratosAdmin extends AbstractAdmin {
> @SuperTenantService(true)
> public Response deployServiceGroupDefinition (ServiceGroupDefinition
> serviceGroupDefinition)
> throws RestAPIException {
> -
> ServiceUtils.deployServiceGroupDefinition(serviceGroupDefinition);
> URI url =
> uriInfo.getAbsolutePathBuilder().path(serviceGroupDefinition.getName()).build();
> return Response.created(url).build();
> @@ -443,10 +406,8 @@ public class StratosAdmin extends AbstractAdmin {
> }
>
> /**
> - * This API provides information about the application denoted by the
> given appId. Details includes,
> - * Application details,
> - * Top level cluster details
> - * details of the group and sub groups.
> + * This API resource provides information about the application
> denoted by the given appId. Details includes,
> + * Application details, top level cluster details, details of the
> group and sub groups.
> * @param applicationId Id of the application.
> * @return Json representing the application details with 200 as HTTP
> status. HTTP 404 is returned when there is
> * no application with given Id.
> @@ -561,19 +522,19 @@ public class StratosAdmin extends AbstractAdmin {
> return rb.build();
> }
>
> - @POST
> - @Path("/cartridge/subscribe")
> - @Produces("application/json")
> - @Consumes("application/json")
> - @AuthorizationAction("/permission/admin/manage/add/subscription")
> - public Response subscribe(CartridgeInfoBean cartridgeInfoBean) throws
> RestAPIException {
> -
> - SubscriptionInfo subscriptionInfo =
> ServiceUtils.subscribe(cartridgeInfoBean,
> - getConfigContext(),
> - getUsername(),
> - getTenantDomain());
> - return Response.ok(subscriptionInfo).build();
> - }
> +// @POST
> +// @Path("/cartridge/subscribe")
> +// @Produces("application/json")
> +// @Consumes("application/json")
> +// @AuthorizationAction("/permission/admin/manage/add/subscription")
> +// public Response subscribe(CartridgeInfoBean cartridgeInfoBean)
> throws RestAPIException {
> +//
> +// SubscriptionInfo subscriptionInfo =
> ServiceUtils.subscribe(cartridgeInfoBean,
> +// getConfigContext(),
> +// getUsername(),
> +// getTenantDomain());
> +// return Response.ok(subscriptionInfo).build();
> +// }
>
> @GET
> @Path("/cluster/")
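Review bot: The subscribe resource is commented out rather than deleted, which leaves a block of dead code even though the commit title says the method is removed. Version control already keeps the old implementation, so the `//` block should be dropped; if a pointer is wanted, one line such as `// subscribe resource removed, see <issue-id placeholder>` is enough. It is also worth checking whether `ServiceUtils.subscribe` and the `/permission/admin/manage/add/subscription` permission still have any caller after this change, since neither is visible elsewhere in the hunk.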
> @@ -676,10 +637,11 @@ public class StratosAdmin extends AbstractAdmin {
> try {
> CommonUtil.validateEmail(tenantInfoBean.getEmail());
> } catch (Exception e) {
> - String msg = "Invalid email is provided.";
> + String msg = "Invalid email is provided";
> log.error(msg, e);
> throw new RestAPIException(msg);
> }
> +
> String tenantDomain = tenantInfoBean.getTenantDomain();
> try {
> TenantMgtUtil.validateDomain(tenantDomain);
> @@ -688,18 +650,20 @@ public class StratosAdmin extends AbstractAdmin {
> log.error(msg, e);
> throw new RestAPIException(msg);
> }
> +
> UserRegistry userRegistry = (UserRegistry)
> PrivilegedCarbonContext.getThreadLocalCarbonContext().
> getRegistry(RegistryType.USER_GOVERNANCE);
> if (userRegistry == null) {
> - log.error("Security Alert! User registry is null. A user is
> trying create a tenant "
> + log.error("Security alert! User registry is null. A user is
> trying create a tenant "
> + " without an authenticated session.");
> - throw new RestAPIException("Invalid data."); // obscure error
> message.
> + throw new RestAPIException("Invalid data"); // obscure error
> message.
> }
>
> if (userRegistry.getTenantId() !=
> MultitenantConstants.SUPER_TENANT_ID) {
> - log.error("Security Alert! Non super tenant trying to create
> a tenant.");
> - throw new RestAPIException("Invalid data."); // obscure error
> message.
> + log.error("Security alert! None super tenant trying to create
> a tenant.");
> + throw new RestAPIException("Invalid data"); // obscure error
> message.
> }
> +
> Tenant tenant = TenantMgtUtil.initializeTenant(tenantInfoBean);
> TenantPersistor persistor = ServiceHolder.getTenantPersistor();
> // not validating the domain ownership, since created by super
> tenant
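Review bot: The reworded alert `"Security alert! None super tenant trying to create a tenant."` turns "Non super tenant" into "None super tenant", a wording regression in a line operators search for. Both alerts also change "Security Alert!" to "Security alert!", so any case-sensitive log filter that matched the old text would need updating. The second alert would be more useful with the offending tenant in it, e.g. `log.error("Security alert! Non super tenant trying to create a tenant: [tenant-id] " + userRegistry.getTenantId());`. The first alert still reads "trying create a tenant" without "to". The enclosing method starts and ends outside the hunk.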
>
>
--
Best Regards,
Nirmal
Nirmal Fernando.
PPMC Member & Committer of Apache Stratos,
Senior Software Engineer, WSO2 Inc.
Blog: http://nirmalfdo.blogspot.com/