You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2017/11/02 11:03:46 UTC
qpid-broker-j git commit: QPID-8005:[Broker-J][WMC] Redirect requests
for removed 'login.html' to 'index.html'
Repository: qpid-broker-j
Updated Branches:
refs/heads/master b159ab3be -> 7a406d501
QPID-8005:[Broker-J][WMC] Redirect requests for removed 'login.html' to 'index.html'
Project: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/commit/7a406d50
Tree: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/tree/7a406d50
Diff: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/diff/7a406d50
Branch: refs/heads/master
Commit: 7a406d50167f2e3c92e55407aed6db1649da70f5
Parents: b159ab3
Author: Alex Rudyy <or...@apache.org>
Authored: Thu Nov 2 10:49:03 2017 +0000
Committer: Alex Rudyy <or...@apache.org>
Committed: Thu Nov 2 10:49:03 2017 +0000
----------------------------------------------------------------------
.../management/plugin/HttpManagement.java | 12 ++-
.../filter/InteractiveAuthenticationFilter.java | 108 +++++++++++++++++++
.../plugin/filter/RedirectFilter.java | 59 ++++++++++
.../plugin/filter/RedirectingFilter.java | 108 -------------------
4 files changed, 176 insertions(+), 111 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/7a406d50/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
index 8d79402..4e4d081 100644
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpManagement.java
@@ -78,8 +78,9 @@ import org.apache.qpid.server.logging.messages.PortMessages;
import org.apache.qpid.server.management.plugin.filter.AuthenticationCheckFilter;
import org.apache.qpid.server.management.plugin.filter.ExceptionHandlingFilter;
import org.apache.qpid.server.management.plugin.filter.ForbiddingTraceFilter;
+import org.apache.qpid.server.management.plugin.filter.InteractiveAuthenticationFilter;
import org.apache.qpid.server.management.plugin.filter.LoggingFilter;
-import org.apache.qpid.server.management.plugin.filter.RedirectingFilter;
+import org.apache.qpid.server.management.plugin.filter.RedirectFilter;
import org.apache.qpid.server.management.plugin.filter.RewriteRequestForUncompressedJavascript;
import org.apache.qpid.server.management.plugin.portunification.TlsOrPlainConnectionFactory;
import org.apache.qpid.server.management.plugin.servlet.FileServlet;
@@ -348,8 +349,13 @@ public class HttpManagement extends AbstractPluginAdapter<HttpManagement> implem
root.addFilter(restAuthorizationFilter, "/apidocs/*", EnumSet.of(DispatcherType.REQUEST));
root.addFilter(restAuthorizationFilter, "/service/*", EnumSet.of(DispatcherType.REQUEST));
- root.addFilter(new FilterHolder(new RedirectingFilter()), "/index.html", EnumSet.of(DispatcherType.REQUEST));
- root.addFilter(new FilterHolder(new RedirectingFilter()), "/", EnumSet.of(DispatcherType.REQUEST));
+ root.addFilter(new FilterHolder(new InteractiveAuthenticationFilter()), "/index.html", EnumSet.of(DispatcherType.REQUEST));
+ root.addFilter(new FilterHolder(new InteractiveAuthenticationFilter()), "/", EnumSet.of(DispatcherType.REQUEST));
+
+ FilterHolder redirectFilter = new FilterHolder(new RedirectFilter());
+ redirectFilter.setInitParameter(RedirectFilter.INIT_PARAM_REDIRECT_URI, "/index.html");
+ root.addFilter(redirectFilter, "/login.html", EnumSet.of(DispatcherType.REQUEST));
+
if (_serveUncompressedDojo)
{
root.addFilter(RewriteRequestForUncompressedJavascript.class, "/dojo/dojo/*", EnumSet.of(DispatcherType.REQUEST));
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/7a406d50/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/InteractiveAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/InteractiveAuthenticationFilter.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/InteractiveAuthenticationFilter.java
new file mode 100644
index 0000000..5507959
--- /dev/null
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/InteractiveAuthenticationFilter.java
@@ -0,0 +1,108 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.management.plugin.filter;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+
+import javax.security.auth.Subject;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
+import org.apache.qpid.server.management.plugin.HttpManagementUtil;
+import org.apache.qpid.server.management.plugin.HttpRequestInteractiveAuthenticator;
+import org.apache.qpid.server.plugin.QpidServiceLoader;
+import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
+
+public class InteractiveAuthenticationFilter implements Filter
+{
+
+ private static final Collection<HttpRequestInteractiveAuthenticator> AUTHENTICATORS;
+ static
+ {
+ List<HttpRequestInteractiveAuthenticator> authenticators = new ArrayList<>();
+ for(HttpRequestInteractiveAuthenticator authenticator : (new QpidServiceLoader()).instancesOf(HttpRequestInteractiveAuthenticator.class))
+ {
+ authenticators.add(authenticator);
+ }
+ AUTHENTICATORS = Collections.unmodifiableList(authenticators);
+ }
+
+ private HttpManagementConfiguration _managementConfiguration;
+
+ @Override
+ public void destroy()
+ {
+ }
+
+ @Override
+ public void init(FilterConfig config) throws ServletException
+ {
+ ServletContext servletContext = config.getServletContext();
+ _managementConfiguration = HttpManagementUtil.getManagementConfiguration(servletContext);
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
+ ServletException
+ {
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+ HttpServletResponse httpResponse = (HttpServletResponse) response;
+ Subject subject = HttpManagementUtil.getAuthorisedSubject(httpRequest);
+ if (subject != null && !subject.getPrincipals(AuthenticatedPrincipal.class).isEmpty())
+ {
+ chain.doFilter(request, response);
+ }
+ else
+ {
+ HttpRequestInteractiveAuthenticator.AuthenticationHandler handler = null;
+ for(HttpRequestInteractiveAuthenticator authenticator : AUTHENTICATORS)
+ {
+ handler = authenticator.getAuthenticationHandler(httpRequest, _managementConfiguration);
+ if(handler != null)
+ {
+ break;
+ };
+ }
+
+ if(handler != null)
+ {
+ handler.handleAuthentication(httpResponse);
+ }
+ else
+ {
+ httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
+ }
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/7a406d50/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectFilter.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectFilter.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectFilter.java
new file mode 100644
index 0000000..6b5f853
--- /dev/null
+++ b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectFilter.java
@@ -0,0 +1,59 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.server.management.plugin.filter;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletResponse;
+
+public class RedirectFilter implements Filter
+{
+ public static final String INIT_PARAM_REDIRECT_URI = "redirect-uri";
+ private String _redirectURI;
+
+ @Override
+ public void init(final FilterConfig filterConfig) throws ServletException
+ {
+ _redirectURI = filterConfig.getInitParameter(INIT_PARAM_REDIRECT_URI);
+ }
+
+ @Override
+ public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
+ throws IOException, ServletException
+ {
+ if (response instanceof HttpServletResponse)
+ {
+ ((HttpServletResponse) response).sendRedirect(_redirectURI);
+ }
+ }
+
+ @Override
+ public void destroy()
+ {
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/7a406d50/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectingFilter.java
----------------------------------------------------------------------
diff --git a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectingFilter.java b/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectingFilter.java
deleted file mode 100644
index db65fe1..0000000
--- a/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectingFilter.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.server.management.plugin.filter;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.List;
-
-import javax.security.auth.Subject;
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
-import org.apache.qpid.server.management.plugin.HttpManagementUtil;
-import org.apache.qpid.server.management.plugin.HttpRequestInteractiveAuthenticator;
-import org.apache.qpid.server.plugin.QpidServiceLoader;
-import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
-
-public class RedirectingFilter implements Filter
-{
-
- private static final Collection<HttpRequestInteractiveAuthenticator> AUTHENTICATORS;
- static
- {
- List<HttpRequestInteractiveAuthenticator> authenticators = new ArrayList<>();
- for(HttpRequestInteractiveAuthenticator authenticator : (new QpidServiceLoader()).instancesOf(HttpRequestInteractiveAuthenticator.class))
- {
- authenticators.add(authenticator);
- }
- AUTHENTICATORS = Collections.unmodifiableList(authenticators);
- }
-
- private HttpManagementConfiguration _managementConfiguration;
-
- @Override
- public void destroy()
- {
- }
-
- @Override
- public void init(FilterConfig config) throws ServletException
- {
- ServletContext servletContext = config.getServletContext();
- _managementConfiguration = HttpManagementUtil.getManagementConfiguration(servletContext);
- }
-
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
- ServletException
- {
- HttpServletRequest httpRequest = (HttpServletRequest) request;
- HttpServletResponse httpResponse = (HttpServletResponse) response;
- Subject subject = HttpManagementUtil.getAuthorisedSubject(httpRequest);
- if (subject != null && !subject.getPrincipals(AuthenticatedPrincipal.class).isEmpty())
- {
- chain.doFilter(request, response);
- }
- else
- {
- HttpRequestInteractiveAuthenticator.AuthenticationHandler handler = null;
- for(HttpRequestInteractiveAuthenticator authenticator : AUTHENTICATORS)
- {
- handler = authenticator.getAuthenticationHandler(httpRequest, _managementConfiguration);
- if(handler != null)
- {
- break;
- };
- }
-
- if(handler != null)
- {
- handler.handleAuthentication(httpResponse);
- }
- else
- {
- httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
- }
- }
- }
-
-}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org