You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by rm...@apache.org on 2016/07/13 05:42:39 UTC
tomee git commit: TOMEE-1865 TOMEE-1866 capturing the request used by
CDI in the host to be able to use the request in request scoped beans
Repository: tomee
Updated Branches:
refs/heads/master 184cfcfb5 -> 21ee2b6f8
TOMEE-1865 TOMEE-1866 capturing the request used by CDI in the host to be able to use the request in request scoped beans
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/21ee2b6f
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/21ee2b6f
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/21ee2b6f
Branch: refs/heads/master
Commit: 21ee2b6f8500be3dd1e682b1c77a304904898693
Parents: 184cfcf
Author: Romain manni-Bucau <rm...@gmail.com>
Authored: Wed Jul 13 07:42:14 2016 +0200
Committer: Romain manni-Bucau <rm...@gmail.com>
Committed: Wed Jul 13 07:42:14 2016 +0200
----------------------------------------------------------------------
.../securityejb/SecurityEJBPropagationTest.java | 7 +++-
.../arquillian/tests/securityejb/TheBean.java | 33 ++++++++++++++++
.../tests/securityejb/TheServerAuthModule.java | 40 ++++++++++++++------
.../tomee/catalina/OpenEJBSecurityListener.java | 32 +++++++++++++---
.../tomee/catalina/TomcatWebAppBuilder.java | 1 +
5 files changed, 96 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tomee/blob/21ee2b6f/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/SecurityEJBPropagationTest.java
----------------------------------------------------------------------
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/SecurityEJBPropagationTest.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/SecurityEJBPropagationTest.java
index d1c4500..ec17428 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/SecurityEJBPropagationTest.java
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/SecurityEJBPropagationTest.java
@@ -37,7 +37,7 @@ public class SecurityEJBPropagationTest {
public static Archive<?> app() {
return ShrinkWrap.create(WebArchive.class, "jaspic-ejb.war")
.addClasses(
- TheAuthConfigProvider.class, TheEJb.class, TheServlet.class, Init.class,
+ TheAuthConfigProvider.class, TheEJb.class, TheServlet.class, Init.class, TheBean.class,
TheServerAuthConfig.class, TheServerAuthContext.class, TheServerAuthModule.class, TheServerAuthModule.class);
}
@@ -48,4 +48,9 @@ public class SecurityEJBPropagationTest {
public void run() throws IOException {
assertEquals("testtestnullguest", IO.slurp(new URL(base.toExternalForm() + "test?doLogin=true")));
}
+
+ @Test
+ public void cdi() throws IOException {
+ assertEquals("vrcstesttestnullguestsr", IO.slurp(new URL(base.toExternalForm() + "test?doLogin=true&bean=true")));
+ }
}
http://git-wip-us.apache.org/repos/asf/tomee/blob/21ee2b6f/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/TheBean.java
----------------------------------------------------------------------
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/TheBean.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/TheBean.java
new file mode 100644
index 0000000..81156e3
--- /dev/null
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/TheBean.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.openejb.arquillian.tests.securityejb;
+
+import javax.enterprise.context.RequestScoped;
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.servlet.http.HttpServletRequest;
+
+@Named
+@RequestScoped
+public class TheBean {
+ @Inject
+ private HttpServletRequest request;
+
+ public void set(final String val) {
+ request.setAttribute("cdi", val);
+ }
+}
http://git-wip-us.apache.org/repos/asf/tomee/blob/21ee2b6f/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/TheServerAuthModule.java
----------------------------------------------------------------------
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/TheServerAuthModule.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/TheServerAuthModule.java
index d285df5..1562967 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/TheServerAuthModule.java
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/securityejb/TheServerAuthModule.java
@@ -5,17 +5,18 @@
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
package org.apache.openejb.arquillian.tests.securityejb;
+import javax.enterprise.inject.spi.CDI;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -70,6 +71,8 @@ public class TheServerAuthModule implements ServerAuthModule {
throw (AuthException) new AuthException().initCause(e);
}
+ cdi(messageInfo, "vr");
+
return SUCCESS;
}
@@ -79,12 +82,27 @@ public class TheServerAuthModule implements ServerAuthModule {
}
@Override
- public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
+ public AuthStatus secureResponse(final MessageInfo messageInfo, final Subject serviceSubject) throws AuthException {
+ cdi(messageInfo, "sr");
return AuthStatus.SEND_SUCCESS;
}
+ private void cdi(final MessageInfo messageInfo, final String msg) throws AuthException {
+ final HttpServletRequest request = HttpServletRequest.class.cast(messageInfo.getRequestMessage());
+ final HttpServletResponse response = HttpServletResponse.class.cast(messageInfo.getResponseMessage());
+ if (request.getParameter("bean") != null) {
+ final TheBean cdiBean = CDI.current().select(TheBean.class).get();
+ cdiBean.set(msg);
+ try {
+ response.getWriter().write(String.valueOf(request.getAttribute("cdi")));
+ } catch (final IOException e) {
+ throw new AuthException(e.getMessage());
+ }
+ }
+ }
+
@Override
- public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
- // no-op
+ public void cleanSubject(final MessageInfo messageInfo, final Subject subject) throws AuthException {
+ cdi(messageInfo, "cs");
}
}
http://git-wip-us.apache.org/repos/asf/tomee/blob/21ee2b6f/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/OpenEJBSecurityListener.java
----------------------------------------------------------------------
diff --git a/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/OpenEJBSecurityListener.java b/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/OpenEJBSecurityListener.java
index eb0cc6a..937f87f 100644
--- a/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/OpenEJBSecurityListener.java
+++ b/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/OpenEJBSecurityListener.java
@@ -17,9 +17,12 @@
package org.apache.tomee.catalina;
import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.catalina.valves.ValveBase;
import javax.servlet.AsyncEvent;
import javax.servlet.AsyncListener;
+import javax.servlet.ServletException;
import java.io.IOException;
public class OpenEJBSecurityListener implements AsyncListener {
@@ -36,36 +39,55 @@ public class OpenEJBSecurityListener implements AsyncListener {
@Override
public void onComplete(final AsyncEvent asyncEvent) throws IOException {
- exit();
+ asyncExit();
}
@Override
public void onError(final AsyncEvent asyncEvent) throws IOException {
- exit();
+ asyncExit();
}
@Override
public void onStartAsync(final AsyncEvent asyncEvent) throws IOException {
asyncEvent.getAsyncContext().addListener(this); // super vicious isnt it? that's in servlet spec, start != end events.
+ requests.set(request);
enter();
}
@Override
public void onTimeout(final AsyncEvent asyncEvent) throws IOException {
- exit();
+ asyncExit();
+ }
+
+ private void asyncExit() {
+ try {
+ exit();
+ } finally {
+ requests.remove();
+ }
}
public void enter() {
- requests.set(request);
if (securityService != null && request.getWrapper() != null) {
oldState = securityService.enterWebApp(request.getWrapper().getRealm(), request.getPrincipal(), request.getWrapper().getRunAs());
}
}
public void exit() {
- requests.remove();
if (securityService != null) {
securityService.exitWebApp(oldState);
}
}
+
+ public static class RequestCapturer extends ValveBase {
+ @Override
+ public void invoke(final Request request, final Response response) throws IOException, ServletException {
+ requests.set(request);
+ try {
+ getNext().invoke(request, response);
+ } finally {
+ requests.remove();
+ }
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/tomee/blob/21ee2b6f/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatWebAppBuilder.java
----------------------------------------------------------------------
diff --git a/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatWebAppBuilder.java b/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatWebAppBuilder.java
index 3c0981a..66226ae 100644
--- a/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatWebAppBuilder.java
+++ b/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatWebAppBuilder.java
@@ -307,6 +307,7 @@ public class TomcatWebAppBuilder implements WebAppBuilder, ContextListener, Pare
final StandardHost host = (StandardHost) engineChild;
manageCluster(host.getCluster());
addTomEERealm(host);
+ host.addValve(new OpenEJBSecurityListener.RequestCapturer());
hosts.add(host);
for (final LifecycleListener listener : host.findLifecycleListeners()) {
if (listener instanceof HostConfig) {