You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2010/03/31 23:22:22 UTC
svn commit: r929719 - in /cxf/dosgi/trunk:
dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/
dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/ parent/
samples/ samples/security_filter/ samples/security_filter/src/
samples/security...
Author: sergeyb
Date: Wed Mar 31 21:22:21 2010
New Revision: 929719
URL: http://svn.apache.org/viewvc?rev=929719&view=rev
Log:
DOSGI-67 : applying a patch on behalf of Josh Holtzman
Added:
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java (with props)
cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java (with props)
cxf/dosgi/trunk/samples/security_filter/
cxf/dosgi/trunk/samples/security_filter/pom.xml (with props)
cxf/dosgi/trunk/samples/security_filter/src/
cxf/dosgi/trunk/samples/security_filter/src/main/
cxf/dosgi/trunk/samples/security_filter/src/main/java/
cxf/dosgi/trunk/samples/security_filter/src/main/java/org/
cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/
cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/
cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/
cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/
cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/
cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java (with props)
cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java (with props)
Modified:
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java
cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java
cxf/dosgi/trunk/parent/pom.xml
cxf/dosgi/trunk/samples/pom.xml
Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java?rev=929719&r1=929718&r2=929719&view=diff
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java (original)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java Wed Mar 31 21:22:21 2010
@@ -42,6 +42,7 @@ import org.apache.cxf.transport.servlet.
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceException;
import org.osgi.framework.ServiceReference;
+import org.osgi.service.http.HttpContext;
import org.osgi.service.http.HttpService;
import org.osgi.service.remoteserviceadmin.EndpointDescription;
import org.osgi.util.tracker.ServiceTracker;
@@ -89,7 +90,8 @@ public class HttpServiceConfigurationTyp
CXFNonSpringServlet cxf = new CXFNonSpringServlet();
HttpService httpService = getHttpService();
try {
- httpService.registerServlet(contextRoot, cxf, new Hashtable<String, String>(), null);
+ httpService.registerServlet(contextRoot, cxf, new Hashtable<String, String>(),
+ getHttpContext(dswContext, httpService));
LOG.info("Successfully registered CXF DOSGi servlet at " + contextRoot);
} catch (Exception e) {
throw new ServiceException("CXF DOSGi: problem registering CXF HTTP Servlet", e);
@@ -219,4 +221,11 @@ public class HttpServiceConfigurationTyp
}
}
}
+
+
+ protected HttpContext getHttpContext(BundleContext bundleContext, HttpService httpService) {
+
+ HttpContext httpContext = httpService.createDefaultHttpContext();
+ return new SecurityDelegatingHttpContext(bundleContext, httpContext);
+ }
}
Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java?rev=929719&r1=929718&r2=929719&view=diff
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java (original)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java Wed Mar 31 21:22:21 2010
@@ -37,6 +37,7 @@ import org.apache.cxf.transport.servlet.
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceException;
import org.osgi.framework.ServiceReference;
+import org.osgi.service.http.HttpContext;
import org.osgi.service.http.HttpService;
import org.osgi.service.remoteserviceadmin.EndpointDescription;
@@ -65,7 +66,7 @@ public class JaxRSHttpServiceConfigurati
CXFNonSpringServlet cxf = new CXFNonSpringServlet();
HttpService httpService = getHttpService();
try {
- httpService.registerServlet(contextRoot, cxf, new Hashtable<String, String>(), null);
+ HttpContext httpContext = getHttpContext(dswContext, httpService); httpService.registerServlet(contextRoot, cxf, new Hashtable<String, String>(), httpContext);
LOG.info("Successfully registered CXF DOSGi servlet at " + contextRoot);
} catch (Exception e) {
throw new ServiceException("CXF DOSGi: problem registering CXF HTTP Servlet", e);
Added: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java (added)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java Wed Mar 31 21:22:21 2010
@@ -0,0 +1,119 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.dosgi.dsw.handlers;
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.logging.Logger;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.InvalidSyntaxException;
+import org.osgi.framework.ServiceReference;
+import org.osgi.service.http.HttpContext;
+
+/**
+ * <p>
+ * An HttpContext that delegates to another HttpContext for all things other than security. This implementation handles
+ * security by delegating to a {@link FilterChain} based on the set of {@link Filter}s registered with a
+ * {@link #FILTER_PROP} property.
+ * </p>
+ *
+ * <p>
+ * If the {@link BundleContext} contains a {@link #FILTER_REQUIRED_PROP} property with value "true", requests will not
+ * be allowed until at least one {@link Filter} with a {@link #FILTER_PROP} property is registered.
+ * </p>
+ */
+public class SecurityDelegatingHttpContext implements HttpContext {
+ private static final Logger LOG = Logger.getLogger(SecurityDelegatingHttpContext.class.getName());
+ public static final String FILTER_PROP = "org.apache.cxf.httpservice.filter";
+ public static final String FILTER_REQUIRED_PROP = "org.apache.cxf.httpservice.requirefilter";
+ private static final String FILTER_FILTER = "(" + FILTER_PROP + "=*)";
+
+ BundleContext bundleContext;
+ HttpContext delegate;
+ boolean requireFilter;
+
+ public SecurityDelegatingHttpContext(BundleContext bundleContext, HttpContext delegate) {
+ this.bundleContext = bundleContext;
+ this.delegate = delegate;
+ requireFilter = Boolean.TRUE.toString().equalsIgnoreCase(bundleContext.getProperty(FILTER_REQUIRED_PROP));
+ }
+
+ public String getMimeType(String name) {
+ return delegate.getMimeType(name);
+ }
+
+ public URL getResource(String name) {
+ return delegate.getResource(name);
+ }
+
+ public boolean handleSecurity(HttpServletRequest request, HttpServletResponse response) throws IOException {
+ ServiceReference[] refs;
+ try {
+ refs = bundleContext.getServiceReferences(Filter.class.getName(), FILTER_FILTER);
+ } catch (InvalidSyntaxException e) {
+ LOG.warning(e.getMessage());
+ return false;
+ }
+ if (refs == null || refs.length == 0) {
+ LOG.info("No filter registered.");
+ return !requireFilter;
+ }
+ Filter[] filters = new Filter[refs.length];
+ for (int i = 0; i < refs.length; i++)
+ filters[i] = (Filter) bundleContext.getService(refs[i]);
+ try {
+ new Chain(filters).doFilter(request, response);
+ return !response.isCommitted();
+ } catch (ServletException e) {
+ LOG.warning(e.getMessage());
+ return false;
+ }
+ }
+}
+
+/**
+ * A {@link FilterChain} composed of {@link Filter}s with the
+ */
+class Chain implements FilterChain {
+ private static final Logger LOG = Logger.getLogger(Chain.class.getName());
+
+ int current = 0;
+ Filter[] filters;
+
+ Chain(Filter[] filters) {
+ this.filters = filters;
+ }
+
+ public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
+ if (current < filters.length && !response.isCommitted()) {
+ Filter filter = filters[current++];
+ LOG.info("doFilter() on " + filter);
+ filter.doFilter(request, response, this);
+ }
+ }
+}
Propchange: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java (added)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java Wed Mar 31 21:22:21 2010
@@ -0,0 +1,216 @@
+package org.apache.cxf.dosgi.dsw.handlers;
+
+import java.io.PrintWriter;
+import java.net.URL;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import junit.framework.TestCase;
+
+import org.easymock.EasyMock;
+import org.junit.Assert;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+import org.osgi.service.http.HttpContext;
+
+public class SecurityDelegatingHttpContextTest extends TestCase {
+ protected HttpContext defaultHttpContext;
+ protected SecurityDelegatingHttpContext httpContext;
+ protected CommitResponseFilter commitFilter;
+ protected DoNothingFilter doNothingFilter;
+ protected AccessDeniedFilter accessDeniedFilter;
+ protected String mimeType;
+ protected URL url; // does not need to exist
+
+ public void setUp() throws Exception {
+ mimeType = "text/xml";
+ url = new URL("file:test.xml"); // does not need to exist
+
+ // Sample filters
+ commitFilter = new CommitResponseFilter();
+ doNothingFilter = new DoNothingFilter();
+ accessDeniedFilter = new AccessDeniedFilter();
+
+ // Mock up the default http context
+ defaultHttpContext = EasyMock.createNiceMock(HttpContext.class);
+ EasyMock.expect(defaultHttpContext.getMimeType((String)EasyMock.anyObject())).andReturn(mimeType);
+ EasyMock.expect(defaultHttpContext.getResource((String)EasyMock.anyObject())).andReturn(url);
+ EasyMock.replay(defaultHttpContext);
+ }
+
+ public void testFilterRequired() throws Exception {
+ // Mock up the service references
+ ServiceReference[] serviceReferences = new ServiceReference[] {};
+
+ // Mock up the bundle context
+ BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+ EasyMock.expect(bundleContext.getServiceReferences(Filter.class.getName(),
+ "(org.apache.cxf.httpservice.filter=true)")).andReturn(serviceReferences);
+ EasyMock.replay(bundleContext);
+
+ // Set up the secure http context
+ httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+ httpContext.requireFilter = true;
+
+ // Ensure that the httpContext doesn't allow the request to be processed, since there are no registered servlet filters
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.replay(request);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.replay(response);
+ boolean requestAllowed = httpContext.handleSecurity(request, response);
+ Assert.assertFalse(requestAllowed);
+
+ // Ensure that the httpContext returns true if there is no requirement for registered servlet filters
+ httpContext.requireFilter = false;
+ requestAllowed = httpContext.handleSecurity(request, response);
+ Assert.assertTrue(requestAllowed);
+ }
+
+ public void testSingleCommitFilter() throws Exception {
+ // Mock up the service references
+ ServiceReference filterReference = EasyMock.createNiceMock(ServiceReference.class);
+ EasyMock.replay(filterReference);
+ ServiceReference[] serviceReferences = new ServiceReference[] {filterReference};
+
+ // Mock up the bundle context
+ BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+ EasyMock.expect(bundleContext.getServiceReferences((String)EasyMock.anyObject(), (String)EasyMock.anyObject()))
+ .andReturn(serviceReferences);
+ EasyMock.expect(bundleContext.getService((ServiceReference)EasyMock.anyObject())).andReturn(commitFilter);
+ EasyMock.replay(bundleContext);
+
+ // Set up the secure http context
+ httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+
+ // Ensure that the httpContext returns false, since the filter has committed the response
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.replay(request);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.isCommitted()).andReturn(false); // the first call checks to see whether to invoke the filter
+ EasyMock.expect(response.isCommitted()).andReturn(true); // the second is called to determine the handleSecurity return value
+ EasyMock.expect(response.getWriter()).andReturn(new PrintWriter(System.out));
+ EasyMock.replay(response);
+ Assert.assertFalse(httpContext.handleSecurity(request, response));
+
+ // Ensure that the appropriate filters were called
+ Assert.assertTrue(commitFilter.called);
+ Assert.assertFalse(doNothingFilter.called);
+ Assert.assertFalse(accessDeniedFilter.called);
+ }
+
+ public void testFilterChain() throws Exception {
+ // Mock up the service references
+ ServiceReference filterReference = EasyMock.createNiceMock(ServiceReference.class);
+ EasyMock.replay(filterReference);
+ ServiceReference[] serviceReferences = new ServiceReference[] {filterReference, filterReference};
+
+ // Mock up the bundle context
+ BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+ EasyMock.expect(bundleContext.getServiceReferences((String)EasyMock.anyObject(), (String)EasyMock.anyObject()))
+ .andReturn(serviceReferences);
+ EasyMock.expect(bundleContext.getService((ServiceReference)EasyMock.anyObject())).andReturn(doNothingFilter);
+ EasyMock.expect(bundleContext.getService((ServiceReference)EasyMock.anyObject())).andReturn(commitFilter);
+ EasyMock.replay(bundleContext);
+
+ // Set up the secure http context
+ httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+
+ // Ensure that the httpContext returns false, since the filter has committed the response
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.replay(request);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.isCommitted()).andReturn(false); // doNothingFilter should not commit the response
+ EasyMock.expect(response.getWriter()).andReturn(new PrintWriter(System.out));
+ EasyMock.expect(response.isCommitted()).andReturn(false);
+ EasyMock.expect(response.isCommitted()).andReturn(true); // the commit filter indicating that it committed the response
+ EasyMock.replay(response);
+ Assert.assertFalse(httpContext.handleSecurity(request, response));
+
+ // Ensure that the appropriate filters were called
+ Assert.assertTrue(doNothingFilter.called);
+ Assert.assertTrue(commitFilter.called);
+ Assert.assertFalse(accessDeniedFilter.called);
+ }
+
+ public void testAllowRequest() throws Exception {
+ // Mock up the service references
+ ServiceReference filterReference = EasyMock.createNiceMock(ServiceReference.class);
+ EasyMock.replay(filterReference);
+ ServiceReference[] serviceReferences = new ServiceReference[] {filterReference};
+
+ // Mock up the bundle context
+ BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+ EasyMock.expect(bundleContext.getServiceReferences((String)EasyMock.anyObject(), (String)EasyMock.anyObject()))
+ .andReturn(serviceReferences);
+ EasyMock.expect(bundleContext.getService((ServiceReference)EasyMock.anyObject())).andReturn(doNothingFilter);
+ EasyMock.replay(bundleContext);
+
+ // Set up the secure http context
+ httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+
+ // Ensure that the httpContext returns true, since the filter has not committed the response
+ HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+ EasyMock.replay(request);
+ HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+ EasyMock.expect(response.isCommitted()).andReturn(false);
+ EasyMock.replay(response);
+ Assert.assertTrue(httpContext.handleSecurity(request, response));
+
+ // Ensure that the appropriate filters were called
+ Assert.assertTrue(doNothingFilter.called);
+ Assert.assertFalse(commitFilter.called);
+ Assert.assertFalse(accessDeniedFilter.called);
+ }
+
+ public void testDelegation() throws Exception {
+ BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+ EasyMock.replay(bundleContext);
+
+ // Set up the secure http context
+ httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+
+ // Ensure that it delegates non-security calls to the wrapped implementation (in this case, the mock)
+ Assert.assertEquals(mimeType, httpContext.getMimeType(""));
+ Assert.assertEquals(url, httpContext.getResource(""));
+ }
+}
+
+class CommitResponseFilter implements Filter {
+ public boolean called = false;
+ public void init(FilterConfig filterConfig) throws ServletException {}
+ public void destroy() {}
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+ throws java.io.IOException ,javax.servlet.ServletException {
+ called = true;
+ response.getWriter().write("committing the response");
+ };
+}
+
+class DoNothingFilter implements Filter {
+ boolean called = false;
+ public void init(FilterConfig filterConfig) throws ServletException {}
+ public void destroy() {}
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+ throws java.io.IOException ,javax.servlet.ServletException {
+ called = true;
+ chain.doFilter(request, response);
+ };
+}
+
+class AccessDeniedFilter implements Filter {
+ boolean called = false;
+ public void init(FilterConfig filterConfig) throws ServletException {}
+ public void destroy() {}
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+ throws java.io.IOException ,javax.servlet.ServletException {
+ called = true;
+ ((HttpServletResponse)response).sendError(HttpServletResponse.SC_FORBIDDEN);
+ };
+}
Propchange: cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: cxf/dosgi/trunk/parent/pom.xml
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/parent/pom.xml?rev=929719&r1=929718&r2=929719&view=diff
==============================================================================
--- cxf/dosgi/trunk/parent/pom.xml (original)
+++ cxf/dosgi/trunk/parent/pom.xml Wed Mar 31 21:22:21 2010
@@ -28,6 +28,7 @@
<servicemix.specs.version>1.3.0</servicemix.specs.version>
+ <servlet.version>2.5</servlet.version>
<log4j.version>1.2.15</log4j.version>
<jetty.version>6.1.16</jetty.version>
<xmlschema.bundle.version>1.4.3_1</xmlschema.bundle.version> <!-- CXF uses 1.4.4 -->
Modified: cxf/dosgi/trunk/samples/pom.xml
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/samples/pom.xml?rev=929719&r1=929718&r2=929719&view=diff
==============================================================================
--- cxf/dosgi/trunk/samples/pom.xml (original)
+++ cxf/dosgi/trunk/samples/pom.xml Wed Mar 31 21:22:21 2010
@@ -22,5 +22,6 @@
<module>spring_dm</module>
<module>ds</module>
<module>discovery</module>
+ <module>security_filter</module>
</modules>
</project>
Added: cxf/dosgi/trunk/samples/security_filter/pom.xml
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/samples/security_filter/pom.xml?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/samples/security_filter/pom.xml (added)
+++ cxf/dosgi/trunk/samples/security_filter/pom.xml Wed Mar 31 21:22:21 2010
@@ -0,0 +1,77 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>org.apache.cxf.dosgi.samples</groupId>
+ <artifactId>cxf-dosgi-ri-bundles-sample-security</artifactId>
+ <packaging>bundle</packaging>
+ <name>Distributed OSGI Security Sample Bundle</name>
+ <version>1.2-SNAPSHOT</version>
+
+ <parent>
+ <groupId>org.apache.cxf.dosgi</groupId>
+ <artifactId>cxf-dosgi-ri-parent</artifactId>
+ <version>1.2-SNAPSHOT</version>
+ <relativePath>../../parent/pom.xml</relativePath>
+ </parent>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.framework</artifactId>
+ <version>${felix.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.osgi.foundation</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <version>${servlet.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.servicemix.specs</groupId>
+ <artifactId>org.apache.servicemix.specs.jsr311-api-1.0</artifactId>
+ <version>${servicemix.specs.version}</version>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ <configuration>
+ <instructions>
+ <Bundle-Name>${pom.name}</Bundle-Name>
+ <Bundle-Description>This bundle contains an example Distributed OSGi endpoint that passes requests through a security filter.</Bundle-Description>
+ <Bundle-SymbolicName>${pom.artifactId}</Bundle-SymbolicName>
+ <Private-Package>org.apache.cxf.dosgi.samples.security</Private-Package>
+ <Bundle-Activator>org.apache.cxf.dosgi.samples.security.Activator</Bundle-Activator>
+ </instructions>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>
Propchange: cxf/dosgi/trunk/samples/security_filter/pom.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/dosgi/trunk/samples/security_filter/pom.xml
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange: cxf/dosgi/trunk/samples/security_filter/pom.xml
------------------------------------------------------------------------------
svn:mime-type = text/xml
Added: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java (added)
+++ cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java Wed Mar 31 21:22:21 2010
@@ -0,0 +1,59 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.dosgi.samples.security;
+
+import java.util.Dictionary;
+import java.util.Hashtable;
+
+import javax.servlet.Filter;
+
+import org.osgi.framework.BundleActivator;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceRegistration;
+
+/**
+ * Registers a REST endpoint and a servlet filter to control access to the endpoint.
+ */
+public class Activator implements BundleActivator {
+ private ServiceRegistration restRegistration;
+ private ServiceRegistration filterRegistration;
+
+ @SuppressWarnings("unchecked")
+ public void start(BundleContext bundleContext) throws Exception {
+ // Register a rest endpoint
+ Dictionary restProps = new Hashtable();
+ restProps.put("service.exported.interfaces", SecureRestEndpoint.class.getName());
+ restProps.put("service.exported.configs", "org.apache.cxf.rs");
+ restProps.put("org.apache.cxf.rs.httpservice.context", "/secure");
+ restRegistration = bundleContext.registerService(SecureRestEndpoint.class.getName(), new SecureRestEndpoint(), restProps);
+
+ // Register a servlet filter (this could be done in another OSGi bundle, too)
+ Dictionary filterProps = new Hashtable();
+ filterProps.put("org.apache.cxf.httpservice.filter", Boolean.TRUE);
+ // Pax-Web whiteboard (if deployed) will attempt to apply this filter to servlets by name or URL, and will complain
+ // if neither servletName or urlPatterns are specified. The felix http service whiteboard may do something similar.
+ filterProps.put("servletNames", "none");
+ filterRegistration = bundleContext.registerService(Filter.class.getName(), new SampleSecurityFilter(), filterProps);
+ }
+
+ public void stop(BundleContext bundleContext) throws Exception {
+ restRegistration.unregister();
+ filterRegistration.unregister();
+ }
+}
Propchange: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java (added)
+++ cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java Wed Mar 31 21:22:21 2010
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.dosgi.samples.security;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+@Path("/")
+public class SecureRestEndpoint {
+
+ @GET
+ @Path("hello")
+ @Produces(MediaType.TEXT_PLAIN)
+ public String sayHello() {
+ return "Hello and congratulations, you made it past the security filter";
+ }
+}
Propchange: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java
------------------------------------------------------------------------------
svn:keywords = Rev Date