You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@drill.apache.org by pa...@apache.org on 2016/07/23 04:58:44 UTC

[4/6] drill git commit: DRILL-4690: initial support for CORS

DRILL-4690: initial support for CORS

Added CrossOriginFilter to WebServer based on option HTTP_ENABLE_CORS
Fixed issues related to style
Restricted headers, added run of filterChain
Filter from org.eclipse.jetty.servlets
Enabled configuration, jetty version 9.1.5, restrict filtered paths
CORS by default disabled, reduced size of dependencies (reset maxsize)

This closes #507


Project: http://git-wip-us.apache.org/repos/asf/drill/repo
Commit: http://git-wip-us.apache.org/repos/asf/drill/commit/855873ef
Tree: http://git-wip-us.apache.org/repos/asf/drill/tree/855873ef
Diff: http://git-wip-us.apache.org/repos/asf/drill/diff/855873ef

Branch: refs/heads/master
Commit: 855873ef30bae0af402d32ee4cf44a65f97fb1db
Parents: 4d94134
Author: Wojciech Nowak <ma...@pythonic.ninja>
Authored: Sat May 21 18:00:37 2016 +0200
Committer: Parth Chandra <pa...@apache.org>
Committed: Fri Jul 22 21:28:09 2016 -0700

----------------------------------------------------------------------
 .../src/resources/drill-override-example.conf   |  9 ++++-
 exec/java-exec/pom.xml                          | 35 ++++++++++++++++++++
 .../org/apache/drill/exec/ExecConstants.java    |  5 +++
 .../drill/exec/server/rest/WebServer.java       | 21 ++++++++++++
 .../src/main/resources/drill-module.conf        |  9 ++++-
 5 files changed, 77 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/drill/blob/855873ef/distribution/src/resources/drill-override-example.conf
----------------------------------------------------------------------
diff --git a/distribution/src/resources/drill-override-example.conf b/distribution/src/resources/drill-override-example.conf
index 9e29a5f..52949db 100644
--- a/distribution/src/resources/drill-override-example.conf
+++ b/distribution/src/resources/drill-override-example.conf
@@ -84,7 +84,14 @@ drill.exec: {
     enabled: true,
     ssl_enabled: false,
     port: 8047
-    session_max_idle_secs: 3600 # Default value 1hr
+    session_max_idle_secs: 3600, # Default value 1hr
+    cors: {
+      enabled: false,
+      allowedOrigins: ["null"],
+      allowedMethods: ["GET", "POST", "HEAD", "OPTIONS"],
+      allowedHeaders: ["X-Requested-With", "Content-Type", "Accept", "Origin"],
+      credentials: true
+    }
   },
   functions: ["org.apache.drill.expr.fn.impl"],
   network: {

http://git-wip-us.apache.org/repos/asf/drill/blob/855873ef/exec/java-exec/pom.xml
----------------------------------------------------------------------
diff --git a/exec/java-exec/pom.xml b/exec/java-exec/pom.xml
index 9de4720..892467d 100644
--- a/exec/java-exec/pom.xml
+++ b/exec/java-exec/pom.xml
@@ -104,6 +104,41 @@
       <version>9.1.5.v20140505</version>
     </dependency>
     <dependency>
+      <groupId>org.eclipse.jetty</groupId>
+      <artifactId>jetty-servlets</artifactId>
+      <version>9.1.5.v20140505</version>
+      <exclusions>
+        <exclusion>
+          <artifactId>jetty-continuation</artifactId>
+          <groupId>org.eclipse.jetty</groupId>
+        </exclusion>
+        <exclusion>
+          <artifactId>jetty-http</artifactId>
+          <groupId>org.eclipse.jetty</groupId>
+        </exclusion>
+        <exclusion>
+          <artifactId>jetty-util</artifactId>
+          <groupId>org.eclipse.jetty</groupId>
+        </exclusion>
+        <exclusion>
+          <artifactId>javax.servlet-api</artifactId>
+          <groupId>javax.servlet</groupId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.eclipse.jetty</groupId>
+          <artifactId>jetty-io</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.eclipse.jetty</groupId>
+          <artifactId>jetty-jmx</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.eclipse.jetty.toolchain</groupId>
+          <artifactId>jetty-test-helper</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
       <groupId>org.glassfish.jersey.containers</groupId>
       <artifactId>jersey-container-jetty-servlet</artifactId>
       <version>2.8</version>

http://git-wip-us.apache.org/repos/asf/drill/blob/855873ef/exec/java-exec/src/main/java/org/apache/drill/exec/ExecConstants.java
----------------------------------------------------------------------
diff --git a/exec/java-exec/src/main/java/org/apache/drill/exec/ExecConstants.java b/exec/java-exec/src/main/java/org/apache/drill/exec/ExecConstants.java
index 0d7e0d0..64931a2 100644
--- a/exec/java-exec/src/main/java/org/apache/drill/exec/ExecConstants.java
+++ b/exec/java-exec/src/main/java/org/apache/drill/exec/ExecConstants.java
@@ -76,6 +76,11 @@ public interface ExecConstants {
   String HTTP_ENABLE = "drill.exec.http.enabled";
   String HTTP_PORT = "drill.exec.http.port";
   String HTTP_ENABLE_SSL = "drill.exec.http.ssl_enabled";
+  String HTTP_CORS_ENABLED = "drill.exec.http.cors.enabled";
+  String HTTP_CORS_ALLOWED_ORIGINS = "drill.exec.http.cors.allowedOrigins";
+  String HTTP_CORS_ALLOWED_METHODS = "drill.exec.http.cors.allowedMethods";
+  String HTTP_CORS_ALLOWED_HEADERS = "drill.exec.http.cors.allowedHeaders";
+  String HTTP_CORS_CREDENTIALS = "drill.exec.http.cors.credentials";
   String HTTP_SESSION_MAX_IDLE_SECS = "drill.exec.http.session_max_idle_secs";
   String HTTP_KEYSTORE_PATH = "javax.net.ssl.keyStore";
   String HTTP_KEYSTORE_PASSWORD = "javax.net.ssl.keyStorePassword";

http://git-wip-us.apache.org/repos/asf/drill/blob/855873ef/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java
----------------------------------------------------------------------
diff --git a/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java b/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java
index 5ea781b..0b19dce 100644
--- a/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java
+++ b/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java
@@ -23,6 +23,7 @@ import com.codahale.metrics.servlets.ThreadDumpServlet;
 import com.google.common.base.Strings;
 import com.google.common.collect.ImmutableSet;
 import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.drill.common.config.DrillConfig;
 import org.apache.drill.exec.ExecConstants;
 import org.apache.drill.exec.server.rest.auth.DrillRestLoginService;
@@ -53,13 +54,16 @@ import org.eclipse.jetty.server.handler.ErrorHandler;
 import org.eclipse.jetty.server.session.HashSessionManager;
 import org.eclipse.jetty.server.session.SessionHandler;
 import org.eclipse.jetty.servlet.DefaultServlet;
+import org.eclipse.jetty.servlet.FilterHolder;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
+import org.eclipse.jetty.servlets.CrossOriginFilter;
 import org.eclipse.jetty.util.resource.Resource;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.glassfish.jersey.servlet.ServletContainer;
 import org.joda.time.DateTime;
 
+import javax.servlet.DispatcherType;
 import javax.servlet.http.HttpSession;
 import javax.servlet.http.HttpSessionEvent;
 import javax.servlet.http.HttpSessionListener;
@@ -71,6 +75,7 @@ import java.security.SecureRandom;
 import java.security.cert.X509Certificate;
 import java.util.Collections;
 import java.util.Date;
+import java.util.EnumSet;
 import java.util.Set;
 
 import static org.apache.drill.exec.server.rest.auth.DrillUserPrincipal.ADMIN_ROLE;
@@ -159,6 +164,22 @@ public class WebServer implements AutoCloseable {
       servletContextHandler.setSessionHandler(createSessionHandler(servletContextHandler.getSecurityHandler()));
     }
 
+    if (config.getBoolean(ExecConstants.HTTP_CORS_ENABLED)) {
+      FilterHolder holder = new FilterHolder(CrossOriginFilter.class);
+      holder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM,
+              StringUtils.join(config.getStringList(ExecConstants.HTTP_CORS_ALLOWED_ORIGINS), ","));
+      holder.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM,
+              StringUtils.join(config.getStringList(ExecConstants.HTTP_CORS_ALLOWED_METHODS), ","));
+      holder.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM,
+              StringUtils.join(config.getStringList(ExecConstants.HTTP_CORS_ALLOWED_HEADERS), ","));
+      holder.setInitParameter(CrossOriginFilter.ALLOW_CREDENTIALS_PARAM,
+              String.valueOf(config.getBoolean(ExecConstants.HTTP_CORS_CREDENTIALS)));
+
+      for (String path: new String[] { "*.json", "/storage/*/enable/*", "/status*" }) {
+        servletContextHandler.addFilter(holder, path, EnumSet.of(DispatcherType.REQUEST));
+      }
+    }
+
     embeddedJetty.start();
   }
 

http://git-wip-us.apache.org/repos/asf/drill/blob/855873ef/exec/java-exec/src/main/resources/drill-module.conf
----------------------------------------------------------------------
diff --git a/exec/java-exec/src/main/resources/drill-module.conf b/exec/java-exec/src/main/resources/drill-module.conf
index b1b9b46..d8f4759b 100644
--- a/exec/java-exec/src/main/resources/drill-module.conf
+++ b/exec/java-exec/src/main/resources/drill-module.conf
@@ -111,7 +111,14 @@ drill.exec: {
     enabled: true,
     ssl_enabled: false,
     port: 8047
-    session_max_idle_secs: 3600 # Default value 1hr
+    session_max_idle_secs: 3600, # Default value 1hr
+    cors: {
+      enabled: false,
+      allowedOrigins: ["null"],
+      allowedMethods: ["GET", "POST", "HEAD", "OPTIONS"],
+      allowedHeaders: ["X-Requested-With", "Content-Type", "Accept", "Origin"],
+      credentials: true
+    }
   },
   network: {
     start: 35000