You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@isis.apache.org by Anisha Jaiswal <an...@gmail.com> on 2017/05/05 04:46:47 UTC
Re: REST Web service using Apache ISIS
Hi,
I am so sorry I could not reply earlier. The web service is working
now.There was fault in the way I was calling it.
But there is one thing though. I need to pass the 'Authorization' property
in the header though.
I want to make it work like the 'passThru' parameter works for request
being sent to 'restful/swagger' uri.
In order to implement that i extended
the AuthenticationSessionStrategyBasicAuth class as follows:
public class CustomAuthenticationSessionStrategy extends
AuthenticationSessionStrategyBasicAuth {
@Override
public AuthenticationSession lookupValid(final HttpServletRequest
httpServletRequest, final HttpServletResponse httpServletResponse) {
String requestURI = httpServletRequest.getRequestURI();
if("/restful/services/Authorization/actions/isAuthorized/invoke".equalsIgnoreCase(requestURI)){
AuthenticationSessionStrategyTrusted strategy = new
AuthenticationSessionStrategyTrusted();
AuthenticationSession session = strategy.lookupValid(httpServletRequest,
httpServletResponse);
return session;
} else {
return super.lookupValid(httpServletRequest, httpServletResponse);
}
}
}
And then i replaced the class AuthenticationSessionStrategyBasicAuth with
this class in web.xml.
But this does not work.
Gives me a 404 error.
Please let me know where I am going wrong.
Thanks for your time.
Regards,
Anisha
On Thu, Apr 27, 2017 at 8:47 PM, Dan Haywood <da...@haywood-associates.co.uk>
wrote:
> Hi Anisha,
>
> Could you put together an example app on github demonstrating the issue?
>
> But also, you could perhaps use the "passThru" setting, as used by the
> swagger service:
>
> <filter>
> <filter-name>IsisSessionFilterForRestfulObjects</filter-name>
> <filter-class>org.apache.isis.core.webapp.IsisSessionFilter<
> /filter-class>
> <!-- authentication required for REST -->
> <init-param>
> <param-name>authenticationSessionStrategy</param-name>
> <param-value>org.apache.isis.viewer.restfulobjects.server.
> authentication.AuthenticationSessionStrategyBasicAuth</param-value>
> </init-param>
> <init-param>
> <!-- what to do if no session was found... -->
> <param-name>whenNoSession</param-name>
> <!-- ... 401 and a basic authentication challenge if request
> originates from web browser -->
> <param-value>auto</param-value>
> </init-param>
> <init-param>
> <param-name>passThru</param-name>
> <param-value>/restful/swagger</param-value>
> </init-param>
> </filter>
>
>
> This provides an alternative way to hit a JAXRS resource without a session.
>
> HTH
> Dan
>
>
> On Thu, 27 Apr 2017 at 11:14 Anisha Jaiswal <an...@gmail.com>
> wrote:
>
> > Hi,
> >
> > Thanks for the reply.
> >
> > I am getting the HTTP status code 404 - resource not found.
> >
> > I found out that if i deploy my application with the ROOT context path
> the
> > web service works, but if i deploy it with some other context path then
> it
> > does not. The swagger UI still tries to access the rest web service with
> > the ROOT context path. Is there a way to configure the context path of an
> > isis application.
> >
> > Providing the context as follows in tomcat\conf\Catalina\localhost also
> > does not help:
> >
> > <Context
> > docBase="../my-app-folder/myAppwar"
> > antiResourceLocking="false" privileged="true" path="/myApp" />
> >
> > Thanks for your time !
> >
> > Regards,
> > Anisha
> >
> >
> > 2017-04-26 13:40 GMT+05:30 Rade, Joerg / Kuehne + Nagel / Ham GI-DP <
> > Joerg.Rade@kuehne-nagel.com>:
> >
> > > Hi Anisha,
> > >
> > > what kind of response do you get?
> > >
> > > Could be related to [1].
> > >
> > > -j
> > > [1] https://issues.apache.org/jira/browse/ISIS-1572
> > > -----Ursprüngliche Nachricht-----
> > > Von: Anisha Jaiswal [mailto:anishakjaiswal@gmail.com]
> > > Gesendet: Dienstag, 25. April 2017 14:38
> > > An: users@isis.apache.org
> > > Betreff: REST Web service using Apache ISIS
> > >
> > > Hi,
> > >
> > > I am trying to implement a REST web service using Apache ISIS, but
> unable
> > > to do so.
> > > This is what my implementation looks like:
> > >
> > > @DomainService(
> > > nature = NatureOfService.VIEW_REST_ONLY
> > > )
> > > @Path("/authorization")
> > > public class Authorization implements AuthorizationApiInterface{
> > >
> > > @Override
> > > @Path("/isAuthorized")
> > > @POST
> > > @Action
> > > public Boolean isAuthorized(JSONObject jObj) {
> > >
> > > // some steps
> > > return true;
> > > }
> > >
> > > }
> > >
> > > Also i have overridden the AuthenticationSessionStrategyBasicAuth so
> as
> > > to be able to call this method when there is no valid session object:-
> > > public class CustomAuthenticationSessionStrategy extends
> > > AuthenticationSessionStrategyBasicAuth {
> > >
> > > @Override
> > > public AuthenticationSession lookupValid(final HttpServletRequest
> > > httpServletRequest, final HttpServletResponse httpServletResponse) {
> > String
> > > requestURI = httpServletRequest.getRequestURI();
> > > if("/admin/restful/authorization/isAuthorized".
> > > equalsIgnoreCase(requestURI)){
> > > AuthenticationSessionStrategyTrusted strategy = new
> > > AuthenticationSessionStrategyTrusted();
> > > AuthenticationSession session = strategy.lookupValid(
> httpServletRequest,
> > > httpServletResponse);
> > > return session;
> > > } else {
> > > return super.lookupValid(httpServletRequest, httpServletResponse); }
> } }
> > >
> > > The new CustomAuthenticationSessionStrategy has replaced
> > > AuthenticationSessionStrategyBasicAuth in web.xml
> > >
> > > Also extended RestfulObjectsApplication:- public class
> > > CustomRestfulObjectsApplication extends RestfulObjectsApplication {
> > >
> > > public CustomRestfulObjectsApplication() {
> > > addClass(Authorization.class);
> > > }
> > > }
> > > And replced it in web.xml.
> > >
> > > I am calling this api using the HttpURLConnection class. The url passed
> > is
> > > http://localhost:8080/admin/restful/authorization/isAuthorized.
> > >
> > > Please let me know where I am going wrong.
> > >
> > > Thanks,
> > > Anisha
> > >
> > > Kühne + Nagel (AG & Co.) KG
> > > Rechtsform: Kommanditgesellschaft, Bremen HRA 21928, USt-IdNr.: DE
> > > 812773878.
> > > Geschäftsleitung Kühne + Nagel (AG & Co.) KG: Dr. Hansjörg Rodi (Vors.
> ),
> > > Martin Brinkmann, Matthias Heimbach, Jan-Hendrik Köstergarten, Nicholas
> > > Minde, Michael Nebel, Lars Wedel, Matthias Weiner.
> > > Persönlich haftende Gesellschafterin: Kühne & Nagel A.G., Rechtsform:
> > > Aktiengesellschaft nach luxemburgischem Recht, HR-Nr.: B 18745,
> > > Geschäftsführendes Verwaltungsratsmitglied: Karl Gernandt.
> > > Geschäftsleitung Region Zentral- und Osteuropa: Dr. Hansjörg Rodi
> > (Vors.),
> > > Thierry Held, Uwe Hött, Richard Huhn, Holger Ketz, Jan-Hendrik
> > > Köstergarten, Jan Kunze, Michael Nebel, Guillaume Sauzedde, Mustafa
> > Sener.
> > >
> > > Wir arbeiten ausschließlich auf Grundlage der Allgemeinen Deutschen
> > > Spediteurbedingungen 2017 (ADSp 2017). Hinweis: Die ADSp 2017 weichen
> in
> > > Ziffer 23 hinsichtlich des Haftungshöchstbetrages für Güterschäden (§
> 431
> > > HGB) vom Gesetz ab, indem sie die Haftung bei multimodalen Transporten
> > > unter Einschluss einer Seebeförderung und bei unbekanntem Schadenort
> auf
> > 2
> > > SZR/kg und im Übrigen die Regelhaftung von 8,33 SZR/kg zusätzlich auf
> > 1,25
> > > Millionen Euro je Schadenfall sowie 2,5 Millionen Euro je
> > Schadenereignis,
> > > mindestens aber 2 SZR/kg, beschränken. Die ADSp sind auf unserer
> Webseite
> > > als Download erhältlich. Auf Anfrage senden wir Ihnen diese auch gerne
> > zu.
> > >
> >
>
Re: REST Web service using Apache ISIS
Posted by Dan Haywood <da...@haywood-associates.co.uk>.
Could you put together a quickstart based on the simpleapp archetype,
explaining how to reproduce the issue, and make available via github?
Thx
Dan
On Fri, 5 May 2017 at 05:46 Anisha Jaiswal <an...@gmail.com> wrote:
> Hi,
>
> I am so sorry I could not reply earlier. The web service is working
> now.There was fault in the way I was calling it.
> But there is one thing though. I need to pass the 'Authorization' property
> in the header though.
> I want to make it work like the 'passThru' parameter works for request
> being sent to 'restful/swagger' uri.
>
> In order to implement that i extended
> the AuthenticationSessionStrategyBasicAuth class as follows:
>
> public class CustomAuthenticationSessionStrategy extends
> AuthenticationSessionStrategyBasicAuth {
>
> @Override
> public AuthenticationSession lookupValid(final HttpServletRequest
> httpServletRequest, final HttpServletResponse httpServletResponse) {
> String requestURI = httpServletRequest.getRequestURI();
>
> if("/restful/services/Authorization/actions/isAuthorized/invoke".equalsIgnoreCase(requestURI)){
> AuthenticationSessionStrategyTrusted strategy = new
> AuthenticationSessionStrategyTrusted();
> AuthenticationSession session = strategy.lookupValid(httpServletRequest,
> httpServletResponse);
>
> return session;
> } else {
> return super.lookupValid(httpServletRequest, httpServletResponse);
> }
> }
> }
>
> And then i replaced the class AuthenticationSessionStrategyBasicAuth with
> this class in web.xml.
>
> But this does not work.
> Gives me a 404 error.
>
> Please let me know where I am going wrong.
>
> Thanks for your time.
>
> Regards,
> Anisha
>
>
> On Thu, Apr 27, 2017 at 8:47 PM, Dan Haywood <dan@haywood-associates.co.uk
> >
> wrote:
>
> > Hi Anisha,
> >
> > Could you put together an example app on github demonstrating the issue?
> >
> > But also, you could perhaps use the "passThru" setting, as used by the
> > swagger service:
> >
> > <filter>
> > <filter-name>IsisSessionFilterForRestfulObjects</filter-name>
> > <filter-class>org.apache.isis.core.webapp.IsisSessionFilter<
> > /filter-class>
> > <!-- authentication required for REST -->
> > <init-param>
> > <param-name>authenticationSessionStrategy</param-name>
> > <param-value>org.apache.isis.viewer.restfulobjects.server.
> > authentication.AuthenticationSessionStrategyBasicAuth</param-value>
> > </init-param>
> > <init-param>
> > <!-- what to do if no session was found... -->
> > <param-name>whenNoSession</param-name>
> > <!-- ... 401 and a basic authentication challenge if request
> > originates from web browser -->
> > <param-value>auto</param-value>
> > </init-param>
> > <init-param>
> > <param-name>passThru</param-name>
> > <param-value>/restful/swagger</param-value>
> > </init-param>
> > </filter>
> >
> >
> > This provides an alternative way to hit a JAXRS resource without a
> session.
> >
> > HTH
> > Dan
> >
> >
> > On Thu, 27 Apr 2017 at 11:14 Anisha Jaiswal <an...@gmail.com>
> > wrote:
> >
> > > Hi,
> > >
> > > Thanks for the reply.
> > >
> > > I am getting the HTTP status code 404 - resource not found.
> > >
> > > I found out that if i deploy my application with the ROOT context path
> > the
> > > web service works, but if i deploy it with some other context path then
> > it
> > > does not. The swagger UI still tries to access the rest web service
> with
> > > the ROOT context path. Is there a way to configure the context path of
> an
> > > isis application.
> > >
> > > Providing the context as follows in tomcat\conf\Catalina\localhost also
> > > does not help:
> > >
> > > <Context
> > > docBase="../my-app-folder/myAppwar"
> > > antiResourceLocking="false" privileged="true" path="/myApp" />
> > >
> > > Thanks for your time !
> > >
> > > Regards,
> > > Anisha
> > >
> > >
> > > 2017-04-26 13:40 GMT+05:30 Rade, Joerg / Kuehne + Nagel / Ham GI-DP <
> > > Joerg.Rade@kuehne-nagel.com>:
> > >
> > > > Hi Anisha,
> > > >
> > > > what kind of response do you get?
> > > >
> > > > Could be related to [1].
> > > >
> > > > -j
> > > > [1] https://issues.apache.org/jira/browse/ISIS-1572
> > > > -----Ursprüngliche Nachricht-----
> > > > Von: Anisha Jaiswal [mailto:anishakjaiswal@gmail.com]
> > > > Gesendet: Dienstag, 25. April 2017 14:38
> > > > An: users@isis.apache.org
> > > > Betreff: REST Web service using Apache ISIS
> > > >
> > > > Hi,
> > > >
> > > > I am trying to implement a REST web service using Apache ISIS, but
> > unable
> > > > to do so.
> > > > This is what my implementation looks like:
> > > >
> > > > @DomainService(
> > > > nature = NatureOfService.VIEW_REST_ONLY
> > > > )
> > > > @Path("/authorization")
> > > > public class Authorization implements AuthorizationApiInterface{
> > > >
> > > > @Override
> > > > @Path("/isAuthorized")
> > > > @POST
> > > > @Action
> > > > public Boolean isAuthorized(JSONObject jObj) {
> > > >
> > > > // some steps
> > > > return true;
> > > > }
> > > >
> > > > }
> > > >
> > > > Also i have overridden the AuthenticationSessionStrategyBasicAuth so
> > as
> > > > to be able to call this method when there is no valid session
> object:-
> > > > public class CustomAuthenticationSessionStrategy extends
> > > > AuthenticationSessionStrategyBasicAuth {
> > > >
> > > > @Override
> > > > public AuthenticationSession lookupValid(final HttpServletRequest
> > > > httpServletRequest, final HttpServletResponse httpServletResponse) {
> > > String
> > > > requestURI = httpServletRequest.getRequestURI();
> > > > if("/admin/restful/authorization/isAuthorized".
> > > > equalsIgnoreCase(requestURI)){
> > > > AuthenticationSessionStrategyTrusted strategy = new
> > > > AuthenticationSessionStrategyTrusted();
> > > > AuthenticationSession session = strategy.lookupValid(
> > httpServletRequest,
> > > > httpServletResponse);
> > > > return session;
> > > > } else {
> > > > return super.lookupValid(httpServletRequest, httpServletResponse); }
> > } }
> > > >
> > > > The new CustomAuthenticationSessionStrategy has replaced
> > > > AuthenticationSessionStrategyBasicAuth in web.xml
> > > >
> > > > Also extended RestfulObjectsApplication:- public class
> > > > CustomRestfulObjectsApplication extends RestfulObjectsApplication {
> > > >
> > > > public CustomRestfulObjectsApplication() {
> > > > addClass(Authorization.class);
> > > > }
> > > > }
> > > > And replced it in web.xml.
> > > >
> > > > I am calling this api using the HttpURLConnection class. The url
> passed
> > > is
> > > > http://localhost:8080/admin/restful/authorization/isAuthorized.
> > > >
> > > > Please let me know where I am going wrong.
> > > >
> > > > Thanks,
> > > > Anisha
> > > >
> > > > Kühne + Nagel (AG & Co.) KG
> > > > Rechtsform: Kommanditgesellschaft, Bremen HRA 21928, USt-IdNr.: DE
> > > > 812773878.
> > > > Geschäftsleitung Kühne + Nagel (AG & Co.) KG: Dr. Hansjörg Rodi
> (Vors.
> > ),
> > > > Martin Brinkmann, Matthias Heimbach, Jan-Hendrik Köstergarten,
> Nicholas
> > > > Minde, Michael Nebel, Lars Wedel, Matthias Weiner.
> > > > Persönlich haftende Gesellschafterin: Kühne & Nagel A.G., Rechtsform:
> > > > Aktiengesellschaft nach luxemburgischem Recht, HR-Nr.: B 18745,
> > > > Geschäftsführendes Verwaltungsratsmitglied: Karl Gernandt.
> > > > Geschäftsleitung Region Zentral- und Osteuropa: Dr. Hansjörg Rodi
> > > (Vors.),
> > > > Thierry Held, Uwe Hött, Richard Huhn, Holger Ketz, Jan-Hendrik
> > > > Köstergarten, Jan Kunze, Michael Nebel, Guillaume Sauzedde, Mustafa
> > > Sener.
> > > >
> > > > Wir arbeiten ausschließlich auf Grundlage der Allgemeinen Deutschen
> > > > Spediteurbedingungen 2017 (ADSp 2017). Hinweis: Die ADSp 2017 weichen
> > in
> > > > Ziffer 23 hinsichtlich des Haftungshöchstbetrages für Güterschäden (§
> > 431
> > > > HGB) vom Gesetz ab, indem sie die Haftung bei multimodalen
> Transporten
> > > > unter Einschluss einer Seebeförderung und bei unbekanntem Schadenort
> > auf
> > > 2
> > > > SZR/kg und im Übrigen die Regelhaftung von 8,33 SZR/kg zusätzlich auf
> > > 1,25
> > > > Millionen Euro je Schadenfall sowie 2,5 Millionen Euro je
> > > Schadenereignis,
> > > > mindestens aber 2 SZR/kg, beschränken. Die ADSp sind auf unserer
> > Webseite
> > > > als Download erhältlich. Auf Anfrage senden wir Ihnen diese auch
> gerne
> > > zu.
> > > >
> > >
> >
>