You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@isis.apache.org by ah...@apache.org on 2020/01/28 06:17:18 UTC
[isis] 02/02: ISIS-2158: RO: allows the authentication strategy to
be configured
This is an automated email from the ASF dual-hosted git repository.
ahuber pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/isis.git
commit 47a76dd25dd414e1cd18762ecabba092afc3663a
Author: Andi Huber <ah...@apache.org>
AuthorDate: Tue Jan 28 07:17:05 2020 +0100
ISIS-2158: RO: allows the authentication strategy to be configured
resteasy:
authentication:
strategyClassName: my.basicauth.Strategy
---
.../isis/core/config/RestEasyConfiguration.java | 12 +++++
.../webmodule/WebModuleJaxrsResteasy4.java | 58 ++++++++++++----------
2 files changed, 43 insertions(+), 27 deletions(-)
diff --git a/core/config/src/main/java/org/apache/isis/core/config/RestEasyConfiguration.java b/core/config/src/main/java/org/apache/isis/core/config/RestEasyConfiguration.java
index f614318..cd45c9c 100644
--- a/core/config/src/main/java/org/apache/isis/core/config/RestEasyConfiguration.java
+++ b/core/config/src/main/java/org/apache/isis/core/config/RestEasyConfiguration.java
@@ -20,6 +20,7 @@ package org.apache.isis.core.config;
import java.util.Collections;
import java.util.Map;
+import java.util.Optional;
import javax.inject.Inject;
import javax.inject.Named;
@@ -50,6 +51,17 @@ public class RestEasyConfiguration {
@Inject @Named("resteasy-settings") private Map<String, String> resteasySettings;
public Map<String, String> getAsMap() { return Collections.unmodifiableMap(resteasySettings); }
+
+ private final Authentication authentication = new Authentication();
+ @Data
+ public static class Authentication {
+ /**
+ * Defaults to 'org.apache.isis.viewer.restfulobjects.viewer.webmodule.auth.AuthenticationSessionStrategyBasicAuth'.
+ */
+ private Optional<String> strategyClassName = Optional.empty();
+ }
+
+
private final Jaxrs jaxrs = new Jaxrs();
@Data
public static class Jaxrs {
diff --git a/viewers/restfulobjects/jaxrs-resteasy-4/src/main/java/org/apache/isis/viewer/restfulobjects/jaxrsresteasy4/webmodule/WebModuleJaxrsResteasy4.java b/viewers/restfulobjects/jaxrs-resteasy-4/src/main/java/org/apache/isis/viewer/restfulobjects/jaxrsresteasy4/webmodule/WebModuleJaxrsResteasy4.java
index f95d249..79f65f2 100644
--- a/viewers/restfulobjects/jaxrs-resteasy-4/src/main/java/org/apache/isis/viewer/restfulobjects/jaxrsresteasy4/webmodule/WebModuleJaxrsResteasy4.java
+++ b/viewers/restfulobjects/jaxrs-resteasy-4/src/main/java/org/apache/isis/viewer/restfulobjects/jaxrsresteasy4/webmodule/WebModuleJaxrsResteasy4.java
@@ -34,13 +34,14 @@ import org.apache.isis.applib.annotation.OrderPrecedence;
import org.apache.isis.applib.services.inject.ServiceInjector;
import org.apache.isis.core.commons.collections.Can;
import org.apache.isis.core.config.RestEasyConfiguration;
+import org.apache.isis.core.webapp.modules.WebModuleAbstract;
+import org.apache.isis.core.webapp.modules.WebModuleContext;
import org.apache.isis.viewer.restfulobjects.viewer.webmodule.IsisRestfulObjectsSessionFilter;
import org.apache.isis.viewer.restfulobjects.viewer.webmodule.IsisTransactionFilterForRestfulObjects;
import org.apache.isis.viewer.restfulobjects.viewer.webmodule.auth.AuthenticationSessionStrategyBasicAuth;
-import org.apache.isis.core.webapp.modules.WebModuleAbstract;
-import org.apache.isis.core.webapp.modules.WebModuleContext;
import lombok.Getter;
+import lombok.val;
/**
* WebModule that provides the RestfulObjects Viewer.
@@ -100,38 +101,41 @@ public final class WebModuleJaxrsResteasy4 extends WebModuleAbstract {
@Override
public Can<ServletContextListener> init(ServletContext ctx) throws ServletException {
+ val authenticationSessionStrategyClassName = restEasyConfiguration.getAuthentication().getStrategyClassName()
+ .orElse(AuthenticationSessionStrategyBasicAuth.class.getName());
+
registerFilter(ctx, ISIS_SESSION_FILTER_FOR_RESTFUL_OBJECTS, IsisRestfulObjectsSessionFilter.class)
- .ifPresent(filterReg -> {
- // this is mapped to the entire application;
- // however the IsisSessionFilter will
- // "notice" if the session filter has already been
- // executed for the request pipeline, and if so will do nothing
- filterReg.addMappingForUrlPatterns(
- null,
- true,
- this.urlPattern);
-
- filterReg.setInitParameter(
- "authenticationSessionStrategy",
- AuthenticationSessionStrategyBasicAuth.class.getName());
- filterReg.setInitParameter(
- "whenNoSession", // what to do if no session was found ...
- "auto"); // ... 401 and a basic authentication challenge if request originates from web browser
- filterReg.setInitParameter(
- "passThru",
- String.join(",",
- this.restfulPath + "swagger",
- this.restfulPath + "health"));
-
- } );
+ .ifPresent(filterReg -> {
+ // this is mapped to the entire application;
+ // however the IsisSessionFilter will
+ // "notice" if the session filter has already been
+ // executed for the request pipeline, and if so will do nothing
+ filterReg.addMappingForUrlPatterns(
+ null,
+ true,
+ this.urlPattern);
+
+ filterReg.setInitParameter(
+ "authenticationSessionStrategy",
+ authenticationSessionStrategyClassName);
+ filterReg.setInitParameter(
+ "whenNoSession", // what to do if no session was found ...
+ "auto"); // ... 401 and a basic authentication challenge if request originates from web browser
+ filterReg.setInitParameter(
+ "passThru",
+ String.join(",",
+ this.restfulPath + "swagger",
+ this.restfulPath + "health"));
+
+ } );
registerFilter(ctx, ISIS_TRANSACTION_FILTER, IsisTransactionFilterForRestfulObjects.class)
- .ifPresent(filterReg -> {
+ .ifPresent(filterReg -> {
filterReg.addMappingForUrlPatterns(
null,
true,
this.urlPattern);
- });
+ });
return Can.empty(); // registers no listeners