You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jclouds.apache.org by Zack Shoylev <za...@RACKSPACE.COM> on 2013/11/05 01:00:46 UTC
unauthenticated calls suggestions
Specifically for openstack services, if a service supports some unauthenticated calls, what is a good way to integrate that call with the rest of the service in jclouds? So there is no authentication, no tenant on the path, and the method can be executed without providing credentials....
Regular call: {endpoint}/v1.0/{tenantid}/some_path/etc
Unauthenticated call: {endpoint}/v1.0/some_other_path/etc
RE: unauthenticated calls suggestions
Posted by Zack Shoylev <za...@RACKSPACE.COM>.
Well there is this particular execute call that can be done in 2 ways:
1) Regular service call, authenticated, you specify exactly what you are calling (through ids)
2) Anonymous call. Basically call a hashed URL without authentication or even context, and you can't tell what you are calling. This one does not really need to be handled by jclouds, though I have provided a helper method (or an example).
________________________________________
From: Ignasi [ignasi.barrera@gmail.com]
Sent: Tuesday, November 05, 2013 4:09 PM
To: dev@jclouds.apache.org
Cc: dev
Subject: Re: unauthenticated calls suggestions
Ok :) Keep us posted; I'm curious now!
On 5 November 2013 22:51, Zack Shoylev <za...@rackspace.com> wrote:
> I looked at it some more and I will try to redesign instead. I have an idea, hopefully it works.
> ________________________________________
> From: Zack Shoylev [zack.shoylev@RACKSPACE.COM]
> Sent: Tuesday, November 05, 2013 1:33 PM
> To: dev@jclouds.apache.org
> Cc: dev
> Subject: RE: unauthenticated calls suggestions
>
> Seems this did not work for me. I see the following issues (I have included the output for both):
> 1) The authenticate request (/tokens) still gets executed first
> 2) The tenant id (in this case 88888..) still gets included in the URL.
>
> This is the annotated method call:
>
> @Named("execute")
> @POST
> @Path("/execute/{capability_version}/{capability_hash}")
> @Consumes(MediaType.APPLICATION_JSON)
> @Fallback(FalseOnNotFoundOr404.class)
> @RequestFilters({})
> @OverrideRequestFilters
> boolean execute(@PathParam("capability_version") String capabilityVersion,
> @PathParam("capability_hash") String capabilityHash);
>
> This is the branch I use: https://github.com/rackerlabs/jclouds-labs-openstack/tree/rackspace-autoscale3
>
> This is the test output I get. From what I can see, I suspect the test itself could also be the problem.
>
> testExecuteWebhook(org.jclouds.rackspace.autoscale.v1.features.ExecutionApiExpectTest) Time elapsed: 0.763 sec <<< FAILURE!
> org.jclouds.http.HttpResponseException: command: POST http://localhost:5000/v2.0/tokens HTTP/1.1 failed with response: HTTP/1.1 500 no response configured for request; content: [
> the following request is not configured:
> ----------------------------------------
> POST http://localhost:5000/v2.0/tokens HTTP/1.1
> Accept: application/json
> Content-Type: application/json
> Content-Length: 114
> {"auth":{"passwordCredentials":{"username":"identity","password":"credential"},"tenantName":"adrian@jclouds.org"}}----------------------------------------
> configured requests:
> ----------------------------------------
> POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/execute/version1/hash12345 HTTP/1.1
> Accept: application/json
> X-Auth-Token: bb03a23aa8271291a7aaa9aaa2aaaaaa
> ]
>
> ***
>
> Alternatively, the output for case 2) :
>
> testExecuteWebhookFail(org.jclouds.rackspace.autoscale.v1.features.ExecutionApiExpectTest) Time elapsed: 0.006 sec <<< FAILURE!
> org.jclouds.http.HttpResponseException: command: POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/888888/execute/version1/hash12345 HTTP/1.1 failed with response: HTTP/1.1 500 no response configured for request; content: [
> the following request is not configured:
> ----------------------------------------
> POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/888888/execute/version1/hash12345 HTTP/1.1
> Accept: application/json
> ----------------------------------------
> configured requests:
> ----------------------------------------
> POST http://localhost:5000/v2.0/tokens HTTP/1.1
> Accept: application/json
> Content-Type: application/json
> Content-Length: 114
> {"auth":{"passwordCredentials":{"username":"identity","password":"credential"},"tenantName":"adrian@jclouds.org"}}----------------------------------------
> POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/execute/version1/hash12345 HTTP/1.1
> Accept: application/json
> X-Auth-Token: bb03a23aa8271291a7aaa9aaa2aaaaaa
> ]
> ________________________________________
> From: Ignasi [ignasi.barrera@gmail.com]
> Sent: Tuesday, November 05, 2013 12:37 AM
> To: dev@jclouds.apache.org
> Cc: dev
> Subject: Re: unauthenticated calls suggestions
>
> Authentication is done per-request by using the request filters.
>
> If you annotate your method like this, the filters in the class should not
> be applied:
>
> @RequestFilters({})
> @OverrideRequestFilters
> public void unauthenticatedMethod()
>
> You still need to have a context and all the rest, but this way you can
> override the filters so the unauthenticated method does not inherit the
> ones from the class (you can still set the particular filters you may need
> for it).
>
> If there are several unauthenticared methods, perhaps it is a good idea to
> grouo all them in an UnauthenticatedApi class or similar, to avoid
> duplicating the filter override logic too much.
>
> HTH!
>
> Ignasi
> El 05/11/2013 01:01, "Zack Shoylev" <za...@rackspace.com> escribió:
>
>> Specifically for openstack services, if a service supports some
>> unauthenticated calls, what is a good way to integrate that call with the
>> rest of the service in jclouds? So there is no authentication, no tenant on
>> the path, and the method can be executed without providing credentials....
>> Regular call: {endpoint}/v1.0/{tenantid}/some_path/etc
>> Unauthenticated call: {endpoint}/v1.0/some_other_path/etc
Re: unauthenticated calls suggestions
Posted by Ignasi <ig...@gmail.com>.
Ok :) Keep us posted; I'm curious now!
On 5 November 2013 22:51, Zack Shoylev <za...@rackspace.com> wrote:
> I looked at it some more and I will try to redesign instead. I have an idea, hopefully it works.
> ________________________________________
> From: Zack Shoylev [zack.shoylev@RACKSPACE.COM]
> Sent: Tuesday, November 05, 2013 1:33 PM
> To: dev@jclouds.apache.org
> Cc: dev
> Subject: RE: unauthenticated calls suggestions
>
> Seems this did not work for me. I see the following issues (I have included the output for both):
> 1) The authenticate request (/tokens) still gets executed first
> 2) The tenant id (in this case 88888..) still gets included in the URL.
>
> This is the annotated method call:
>
> @Named("execute")
> @POST
> @Path("/execute/{capability_version}/{capability_hash}")
> @Consumes(MediaType.APPLICATION_JSON)
> @Fallback(FalseOnNotFoundOr404.class)
> @RequestFilters({})
> @OverrideRequestFilters
> boolean execute(@PathParam("capability_version") String capabilityVersion,
> @PathParam("capability_hash") String capabilityHash);
>
> This is the branch I use: https://github.com/rackerlabs/jclouds-labs-openstack/tree/rackspace-autoscale3
>
> This is the test output I get. From what I can see, I suspect the test itself could also be the problem.
>
> testExecuteWebhook(org.jclouds.rackspace.autoscale.v1.features.ExecutionApiExpectTest) Time elapsed: 0.763 sec <<< FAILURE!
> org.jclouds.http.HttpResponseException: command: POST http://localhost:5000/v2.0/tokens HTTP/1.1 failed with response: HTTP/1.1 500 no response configured for request; content: [
> the following request is not configured:
> ----------------------------------------
> POST http://localhost:5000/v2.0/tokens HTTP/1.1
> Accept: application/json
> Content-Type: application/json
> Content-Length: 114
> {"auth":{"passwordCredentials":{"username":"identity","password":"credential"},"tenantName":"adrian@jclouds.org"}}----------------------------------------
> configured requests:
> ----------------------------------------
> POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/execute/version1/hash12345 HTTP/1.1
> Accept: application/json
> X-Auth-Token: bb03a23aa8271291a7aaa9aaa2aaaaaa
> ]
>
> ***
>
> Alternatively, the output for case 2) :
>
> testExecuteWebhookFail(org.jclouds.rackspace.autoscale.v1.features.ExecutionApiExpectTest) Time elapsed: 0.006 sec <<< FAILURE!
> org.jclouds.http.HttpResponseException: command: POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/888888/execute/version1/hash12345 HTTP/1.1 failed with response: HTTP/1.1 500 no response configured for request; content: [
> the following request is not configured:
> ----------------------------------------
> POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/888888/execute/version1/hash12345 HTTP/1.1
> Accept: application/json
> ----------------------------------------
> configured requests:
> ----------------------------------------
> POST http://localhost:5000/v2.0/tokens HTTP/1.1
> Accept: application/json
> Content-Type: application/json
> Content-Length: 114
> {"auth":{"passwordCredentials":{"username":"identity","password":"credential"},"tenantName":"adrian@jclouds.org"}}----------------------------------------
> POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/execute/version1/hash12345 HTTP/1.1
> Accept: application/json
> X-Auth-Token: bb03a23aa8271291a7aaa9aaa2aaaaaa
> ]
> ________________________________________
> From: Ignasi [ignasi.barrera@gmail.com]
> Sent: Tuesday, November 05, 2013 12:37 AM
> To: dev@jclouds.apache.org
> Cc: dev
> Subject: Re: unauthenticated calls suggestions
>
> Authentication is done per-request by using the request filters.
>
> If you annotate your method like this, the filters in the class should not
> be applied:
>
> @RequestFilters({})
> @OverrideRequestFilters
> public void unauthenticatedMethod()
>
> You still need to have a context and all the rest, but this way you can
> override the filters so the unauthenticated method does not inherit the
> ones from the class (you can still set the particular filters you may need
> for it).
>
> If there are several unauthenticared methods, perhaps it is a good idea to
> grouo all them in an UnauthenticatedApi class or similar, to avoid
> duplicating the filter override logic too much.
>
> HTH!
>
> Ignasi
> El 05/11/2013 01:01, "Zack Shoylev" <za...@rackspace.com> escribió:
>
>> Specifically for openstack services, if a service supports some
>> unauthenticated calls, what is a good way to integrate that call with the
>> rest of the service in jclouds? So there is no authentication, no tenant on
>> the path, and the method can be executed without providing credentials....
>> Regular call: {endpoint}/v1.0/{tenantid}/some_path/etc
>> Unauthenticated call: {endpoint}/v1.0/some_other_path/etc
RE: unauthenticated calls suggestions
Posted by Zack Shoylev <za...@RACKSPACE.COM>.
I looked at it some more and I will try to redesign instead. I have an idea, hopefully it works.
________________________________________
From: Zack Shoylev [zack.shoylev@RACKSPACE.COM]
Sent: Tuesday, November 05, 2013 1:33 PM
To: dev@jclouds.apache.org
Cc: dev
Subject: RE: unauthenticated calls suggestions
Seems this did not work for me. I see the following issues (I have included the output for both):
1) The authenticate request (/tokens) still gets executed first
2) The tenant id (in this case 88888..) still gets included in the URL.
This is the annotated method call:
@Named("execute")
@POST
@Path("/execute/{capability_version}/{capability_hash}")
@Consumes(MediaType.APPLICATION_JSON)
@Fallback(FalseOnNotFoundOr404.class)
@RequestFilters({})
@OverrideRequestFilters
boolean execute(@PathParam("capability_version") String capabilityVersion,
@PathParam("capability_hash") String capabilityHash);
This is the branch I use: https://github.com/rackerlabs/jclouds-labs-openstack/tree/rackspace-autoscale3
This is the test output I get. From what I can see, I suspect the test itself could also be the problem.
testExecuteWebhook(org.jclouds.rackspace.autoscale.v1.features.ExecutionApiExpectTest) Time elapsed: 0.763 sec <<< FAILURE!
org.jclouds.http.HttpResponseException: command: POST http://localhost:5000/v2.0/tokens HTTP/1.1 failed with response: HTTP/1.1 500 no response configured for request; content: [
the following request is not configured:
----------------------------------------
POST http://localhost:5000/v2.0/tokens HTTP/1.1
Accept: application/json
Content-Type: application/json
Content-Length: 114
{"auth":{"passwordCredentials":{"username":"identity","password":"credential"},"tenantName":"adrian@jclouds.org"}}----------------------------------------
configured requests:
----------------------------------------
POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/execute/version1/hash12345 HTTP/1.1
Accept: application/json
X-Auth-Token: bb03a23aa8271291a7aaa9aaa2aaaaaa
]
***
Alternatively, the output for case 2) :
testExecuteWebhookFail(org.jclouds.rackspace.autoscale.v1.features.ExecutionApiExpectTest) Time elapsed: 0.006 sec <<< FAILURE!
org.jclouds.http.HttpResponseException: command: POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/888888/execute/version1/hash12345 HTTP/1.1 failed with response: HTTP/1.1 500 no response configured for request; content: [
the following request is not configured:
----------------------------------------
POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/888888/execute/version1/hash12345 HTTP/1.1
Accept: application/json
----------------------------------------
configured requests:
----------------------------------------
POST http://localhost:5000/v2.0/tokens HTTP/1.1
Accept: application/json
Content-Type: application/json
Content-Length: 114
{"auth":{"passwordCredentials":{"username":"identity","password":"credential"},"tenantName":"adrian@jclouds.org"}}----------------------------------------
POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/execute/version1/hash12345 HTTP/1.1
Accept: application/json
X-Auth-Token: bb03a23aa8271291a7aaa9aaa2aaaaaa
]
________________________________________
From: Ignasi [ignasi.barrera@gmail.com]
Sent: Tuesday, November 05, 2013 12:37 AM
To: dev@jclouds.apache.org
Cc: dev
Subject: Re: unauthenticated calls suggestions
Authentication is done per-request by using the request filters.
If you annotate your method like this, the filters in the class should not
be applied:
@RequestFilters({})
@OverrideRequestFilters
public void unauthenticatedMethod()
You still need to have a context and all the rest, but this way you can
override the filters so the unauthenticated method does not inherit the
ones from the class (you can still set the particular filters you may need
for it).
If there are several unauthenticared methods, perhaps it is a good idea to
grouo all them in an UnauthenticatedApi class or similar, to avoid
duplicating the filter override logic too much.
HTH!
Ignasi
El 05/11/2013 01:01, "Zack Shoylev" <za...@rackspace.com> escribió:
> Specifically for openstack services, if a service supports some
> unauthenticated calls, what is a good way to integrate that call with the
> rest of the service in jclouds? So there is no authentication, no tenant on
> the path, and the method can be executed without providing credentials....
> Regular call: {endpoint}/v1.0/{tenantid}/some_path/etc
> Unauthenticated call: {endpoint}/v1.0/some_other_path/etc
RE: unauthenticated calls suggestions
Posted by Zack Shoylev <za...@RACKSPACE.COM>.
Seems this did not work for me. I see the following issues (I have included the output for both):
1) The authenticate request (/tokens) still gets executed first
2) The tenant id (in this case 88888..) still gets included in the URL.
This is the annotated method call:
@Named("execute")
@POST
@Path("/execute/{capability_version}/{capability_hash}")
@Consumes(MediaType.APPLICATION_JSON)
@Fallback(FalseOnNotFoundOr404.class)
@RequestFilters({})
@OverrideRequestFilters
boolean execute(@PathParam("capability_version") String capabilityVersion,
@PathParam("capability_hash") String capabilityHash);
This is the branch I use: https://github.com/rackerlabs/jclouds-labs-openstack/tree/rackspace-autoscale3
This is the test output I get. From what I can see, I suspect the test itself could also be the problem.
testExecuteWebhook(org.jclouds.rackspace.autoscale.v1.features.ExecutionApiExpectTest) Time elapsed: 0.763 sec <<< FAILURE!
org.jclouds.http.HttpResponseException: command: POST http://localhost:5000/v2.0/tokens HTTP/1.1 failed with response: HTTP/1.1 500 no response configured for request; content: [
the following request is not configured:
----------------------------------------
POST http://localhost:5000/v2.0/tokens HTTP/1.1
Accept: application/json
Content-Type: application/json
Content-Length: 114
{"auth":{"passwordCredentials":{"username":"identity","password":"credential"},"tenantName":"adrian@jclouds.org"}}----------------------------------------
configured requests:
----------------------------------------
POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/execute/version1/hash12345 HTTP/1.1
Accept: application/json
X-Auth-Token: bb03a23aa8271291a7aaa9aaa2aaaaaa
]
***
Alternatively, the output for case 2) :
testExecuteWebhookFail(org.jclouds.rackspace.autoscale.v1.features.ExecutionApiExpectTest) Time elapsed: 0.006 sec <<< FAILURE!
org.jclouds.http.HttpResponseException: command: POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/888888/execute/version1/hash12345 HTTP/1.1 failed with response: HTTP/1.1 500 no response configured for request; content: [
the following request is not configured:
----------------------------------------
POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/888888/execute/version1/hash12345 HTTP/1.1
Accept: application/json
----------------------------------------
configured requests:
----------------------------------------
POST http://localhost:5000/v2.0/tokens HTTP/1.1
Accept: application/json
Content-Type: application/json
Content-Length: 114
{"auth":{"passwordCredentials":{"username":"identity","password":"credential"},"tenantName":"adrian@jclouds.org"}}----------------------------------------
POST https://dfw.autoscale.api.rackspacecloud.com/v1.0/execute/version1/hash12345 HTTP/1.1
Accept: application/json
X-Auth-Token: bb03a23aa8271291a7aaa9aaa2aaaaaa
]
________________________________________
From: Ignasi [ignasi.barrera@gmail.com]
Sent: Tuesday, November 05, 2013 12:37 AM
To: dev@jclouds.apache.org
Cc: dev
Subject: Re: unauthenticated calls suggestions
Authentication is done per-request by using the request filters.
If you annotate your method like this, the filters in the class should not
be applied:
@RequestFilters({})
@OverrideRequestFilters
public void unauthenticatedMethod()
You still need to have a context and all the rest, but this way you can
override the filters so the unauthenticated method does not inherit the
ones from the class (you can still set the particular filters you may need
for it).
If there are several unauthenticared methods, perhaps it is a good idea to
grouo all them in an UnauthenticatedApi class or similar, to avoid
duplicating the filter override logic too much.
HTH!
Ignasi
El 05/11/2013 01:01, "Zack Shoylev" <za...@rackspace.com> escribió:
> Specifically for openstack services, if a service supports some
> unauthenticated calls, what is a good way to integrate that call with the
> rest of the service in jclouds? So there is no authentication, no tenant on
> the path, and the method can be executed without providing credentials....
> Regular call: {endpoint}/v1.0/{tenantid}/some_path/etc
> Unauthenticated call: {endpoint}/v1.0/some_other_path/etc
Re: unauthenticated calls suggestions
Posted by Ignasi <ig...@gmail.com>.
Authentication is done per-request by using the request filters.
If you annotate your method like this, the filters in the class should not
be applied:
@RequestFilters({})
@OverrideRequestFilters
public void unauthenticatedMethod()
You still need to have a context and all the rest, but this way you can
override the filters so the unauthenticated method does not inherit the
ones from the class (you can still set the particular filters you may need
for it).
If there are several unauthenticared methods, perhaps it is a good idea to
grouo all them in an UnauthenticatedApi class or similar, to avoid
duplicating the filter override logic too much.
HTH!
Ignasi
El 05/11/2013 01:01, "Zack Shoylev" <za...@rackspace.com> escribió:
> Specifically for openstack services, if a service supports some
> unauthenticated calls, what is a good way to integrate that call with the
> rest of the service in jclouds? So there is no authentication, no tenant on
> the path, and the method can be executed without providing credentials....
> Regular call: {endpoint}/v1.0/{tenantid}/some_path/etc
> Unauthenticated call: {endpoint}/v1.0/some_other_path/etc