You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by ah...@apache.org on 2018/08/28 17:54:03 UTC
[isis] branch master updated: ISIS-1895: IsisSessionFilter no
longer needs to be declared in web.xml
This is an automated email from the ASF dual-hosted git repository.
ahuber pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git
The following commit(s) were added to refs/heads/master by this push:
new e4e715d ISIS-1895: IsisSessionFilter no longer needs to be declared in web.xml
e4e715d is described below
commit e4e715dcc4085d83ec321171e056f9c03f2f4ae9
Author: Andi Huber <ah...@apache.org>
AuthorDate: Tue Aug 28 19:53:18 2018 +0200
ISIS-1895: IsisSessionFilter no longer needs to be declared in web.xml
Task-Url: https://issues.apache.org/jira/browse/ISIS-1895
---
.../apache/isis/core/webapp/IsisSessionFilter.java | 21 +++++++++++++++++++++
core/viewer-restfulobjects-server/pom.xml | 8 ++++----
2 files changed, 25 insertions(+), 4 deletions(-)
diff --git a/core/runtime/src/main/java/org/apache/isis/core/webapp/IsisSessionFilter.java b/core/runtime/src/main/java/org/apache/isis/core/webapp/IsisSessionFilter.java
index 0585e8a..7c2383a 100644
--- a/core/runtime/src/main/java/org/apache/isis/core/webapp/IsisSessionFilter.java
+++ b/core/runtime/src/main/java/org/apache/isis/core/webapp/IsisSessionFilter.java
@@ -32,6 +32,8 @@ import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -50,6 +52,25 @@ import org.apache.isis.core.webapp.auth.AuthenticationSessionStrategy;
import org.apache.isis.core.webapp.auth.AuthenticationSessionStrategyDefault;
import org.apache.isis.core.webapp.content.ResourceCachingFilter;
+/**
+ * Filter for RestfulObjects.
+ *
+ * authenticate user, set up an Isis session
+ */
+@WebFilter(
+ servletNames={"RestfulObjectsRestEasyDispatcher"}, // this is mapped to the entire application;
+ // however the IsisSessionFilter will
+ // "notice" if the session filter has already been
+ // executed for the request pipeline, and if so will do nothing
+ initParams={
+ @WebInitParam(
+ name="authenticationSessionStrategy",
+ value="org.apache.isis.viewer.restfulobjects.server.authentication.AuthenticationSessionStrategyBasicAuth"), // authentication required for REST
+ @WebInitParam(
+ name="whenNoSession", // what to do if no session was found ...
+ value="auto"), // ... 401 and a basic authentication challenge if request originates from web browser
+ @WebInitParam(name="passThru", value="/restful/swagger")
+})
public class IsisSessionFilter implements Filter {
/**
diff --git a/core/viewer-restfulobjects-server/pom.xml b/core/viewer-restfulobjects-server/pom.xml
index 4b03d86..b2f7d8b 100644
--- a/core/viewer-restfulobjects-server/pom.xml
+++ b/core/viewer-restfulobjects-server/pom.xml
@@ -42,10 +42,10 @@
<artifactId>isis-core-viewer-restfulobjects-rendering</artifactId>
</dependency>
- <dependency>
- <groupId>org.webjars</groupId>
- <artifactId>webjars-servlet-2.x</artifactId>
- </dependency>
+<!-- <dependency> -->
+<!-- <groupId>org.webjars</groupId> -->
+<!-- <artifactId>webjars-servlet-2.x</artifactId> -->
+<!-- </dependency> -->
<!-- JDO API (non transient, provided by plugin) -->
<dependency>