You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/03/14 13:33:09 UTC
svn commit: r1300523 - in /cxf/trunk:
rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/
systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/
systests/jaxrs/src/test/resources/jaxrs_cors/WEB-INF/
Author: sergeyb
Date: Wed Mar 14 12:33:09 2012
New Revision: 1300523
URL: http://svn.apache.org/viewvc?rev=1300523&view=rev
Log:
[CXF-4167] Fixing the test and moving the localPreflight property into its own annotation
Added:
cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/LocalPreflight.java (with props)
Modified:
cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharing.java
cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/AnnotatedCorsServer.java
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_cors/WEB-INF/beans.xml
Modified: cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharing.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharing.java?rev=1300523&r1=1300522&r2=1300523&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharing.java (original)
+++ cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharing.java Wed Mar 14 12:33:09 2012
@@ -78,14 +78,4 @@ public @interface CrossOriginResourceSha
* value is -1.
*/
int maxAge() default -1;
- /**
- * Controls the implementation of preflight processing
- * on an OPTIONS method.
- * If the current method is OPTIONS, and this method wants to
- * handle the preflight process for itself, set this value to
- * <tt>true</tt>. In the default, false, case, the filter
- * performs preflight processing.
- */
- boolean localPreflight() default false;
-
}
Modified: cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java?rev=1300523&r1=1300522&r2=1300523&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java (original)
+++ cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java Wed Mar 14 12:33:09 2012
@@ -19,6 +19,7 @@
package org.apache.cxf.rs.security.cors;
+import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
@@ -85,31 +86,21 @@ public class CrossOriginResourceSharingF
private boolean defaultOptionsMethodsHandlePreflight;
- private CrossOriginResourceSharing getAnnotation(OperationResourceInfo ori) {
+ private <T extends Annotation> T getAnnotation(OperationResourceInfo ori,
+ Class<T> annClass) {
if (ori == null) {
return null;
}
- return ReflectionUtil.getAnnotationForMethodOrContainingClass(ori.getAnnotatedMethod(),
- CrossOriginResourceSharing.class);
+ return ReflectionUtil.getAnnotationForMethodOrContainingClass(
+ ori.getAnnotatedMethod(), annClass);
}
public Response handleRequest(Message m, ClassResourceInfo resourceClass) {
OperationResourceInfo opResInfo = m.getExchange().get(OperationResourceInfo.class);
- /*
- * If there is an actual method annotated with @OPTIONS, this is the annotation (if any) from it.
- * The lookup falls back to it.
- */
- CrossOriginResourceSharing annotation = getAnnotation(opResInfo);
- /*
- * If we don't have an annotation on the target method or an @OPTION method, perhaps
- * we've got one on the class?
- */
- if (annotation == null) {
- annotation = resourceClass.getServiceClass().getAnnotation(CrossOriginResourceSharing.class);
- }
-
+ CrossOriginResourceSharing annotation =
+ getAnnotation(opResInfo, CrossOriginResourceSharing.class);
+
if ("OPTIONS".equals(m.get(Message.HTTP_REQUEST_METHOD))) {
-
return preflightRequest(m, annotation, opResInfo, resourceClass);
}
return simpleRequest(m, annotation);
@@ -165,7 +156,7 @@ public class CrossOriginResourceSharingF
* @return
*/
//CHECKSTYLE:OFF
- private Response preflightRequest(Message m, CrossOriginResourceSharing optionAnn,
+ private Response preflightRequest(Message m, CrossOriginResourceSharing corsAnn,
OperationResourceInfo opResInfo, ClassResourceInfo resourceClass) {
/*
@@ -174,8 +165,9 @@ public class CrossOriginResourceSharingF
* has one of our annotations on it (or its parent class) indicating 'localPreflight' --
* or the defaultOptionsMethodsHandlePreflight flag is true.
*/
- if (opResInfo != null && ((optionAnn == null && defaultOptionsMethodsHandlePreflight)
- || (optionAnn != null && optionAnn.localPreflight()))) {
+ LocalPreflight preflightAnnotation =
+ getAnnotation(opResInfo, LocalPreflight.class);
+ if (preflightAnnotation != null || defaultOptionsMethodsHandlePreflight) {
return null; // let the resource method take all responsibility.
}
@@ -206,7 +198,7 @@ public class CrossOriginResourceSharingF
return null;
}
CrossOriginResourceSharing ann = method.getAnnotation(CrossOriginResourceSharing.class);
- ann = ann == null ? optionAnn : ann;
+ ann = ann == null ? corsAnn : ann;
/* We aren't required to have any annotation at all. If no annotation,
* the properties of this filter make all the decisions.
Added: cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/LocalPreflight.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/LocalPreflight.java?rev=1300523&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/LocalPreflight.java (added)
+++ cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/LocalPreflight.java Wed Mar 14 12:33:09 2012
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.cors;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Controls the implementation of preflight processing
+ * on an OPTIONS method.
+ * If the current method is OPTIONS, and this method wants to
+ * handle the preflight process for itself then have this annotation
+ * attached to it, otherwise the filter performs it.
+ */
+@Target({ElementType.TYPE, ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+@Inherited
+public @interface LocalPreflight {
+}
Propchange: cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/LocalPreflight.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/LocalPreflight.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/AnnotatedCorsServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/AnnotatedCorsServer.java?rev=1300523&r1=1300522&r2=1300523&view=diff
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/AnnotatedCorsServer.java (original)
+++ cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/AnnotatedCorsServer.java Wed Mar 14 12:33:09 2012
@@ -34,6 +34,7 @@ import javax.ws.rs.core.Response;
import org.apache.cxf.rs.security.cors.CorsHeaderConstants;
import org.apache.cxf.rs.security.cors.CrossOriginResourceSharing;
+import org.apache.cxf.rs.security.cors.LocalPreflight;
/**
* Service bean with no class-level annotation for cross-script control.
@@ -73,7 +74,7 @@ public class AnnotatedCorsServer {
@OPTIONS
@Path("/delete")
- @CrossOriginResourceSharing(localPreflight = true)
+ @LocalPreflight
public Response deleteOptions() {
String origin = headers.getRequestHeader("Origin").get(0);
if ("http://area51.mil:3333".equals(origin)) {
Modified: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java?rev=1300523&r1=1300522&r2=1300523&view=diff
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java (original)
+++ cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/ConfigServer.java Wed Mar 14 12:33:09 2012
@@ -40,10 +40,7 @@ public class ConfigServer {
@Path("/setOriginList")
@Produces("text/plain")
public String setOriginList(String[] origins) {
- if (origins == null || origins.length == 0) {
- inputFilter.setAllowAllOrigins(true);
- } else {
- inputFilter.setAllowAllOrigins(false);
+ if (origins != null) {
inputFilter.setAllowOrigins(Arrays.asList(origins));
}
return "ok";
Modified: cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_cors/WEB-INF/beans.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_cors/WEB-INF/beans.xml?rev=1300523&r1=1300522&r2=1300523&view=diff
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_cors/WEB-INF/beans.xml (original)
+++ cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_cors/WEB-INF/beans.xml Wed Mar 14 12:33:09 2012
@@ -21,9 +21,7 @@ http://cxf.apache.org/core
http://cxf.apache.org/schemas/core.xsd">
<import resource="classpath:/META-INF/cxf/cxf.xml" />
- <bean id="cors-filter" class="org.apache.cxf.rs.security.cors.CrossOriginResourceSharingFilter">
- <property name="allowAllOrigins" value="true" />
- </bean>
+ <bean id="cors-filter" class="org.apache.cxf.rs.security.cors.CrossOriginResourceSharingFilter"/>
<jaxrs:server id="unann-cors-service" address="/untest">
<jaxrs:serviceBeans>