activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chir...@apache.org
Subject svn commit: r1302486 - in /activemq/activemq-apollo/trunk: apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/ apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/ apollo-website/src/documentation/
Date Mon, 19 Mar 2012 14:55:31 GMT
Author: chirino
Date: Mon Mar 19 14:55:31 2012
New Revision: 1302486

URL: http://svn.apache.org/viewvc?rev=1302486&view=rev
Log:
Fixes APLO-171 : Support allowing cross origin resource sharing (CORS) of web admin APIs and
websocket APIs.

Added:
    activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala
Modified:
    activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/JettyWebServer.scala
    activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/WebSocketTransportFactory.scala
    activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md

Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/JettyWebServer.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/JettyWebServer.scala?rev=1302486&r1=1302485&r2=1302486&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/JettyWebServer.scala
(original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/JettyWebServer.scala
Mon Mar 19 14:55:31 2012
@@ -22,7 +22,6 @@ import org.eclipse.jetty.webapp.WebAppCo
 import org.eclipse.jetty.server.nio.SelectChannelConnector
 import org.apache.activemq.apollo.util._
 import org.fusesource.hawtdispatch._
-import org.apache.activemq.apollo.broker.web.{WebServer, WebServerFactory}
 import org.eclipse.jetty.server.handler.HandlerList
 import collection.mutable.HashMap
 import org.eclipse.jetty.server.ssl.SslSelectChannelConnector
@@ -33,6 +32,8 @@ import java.net.{URL, URI}
 import java.io.{FileOutputStream, File}
 import java.util.jar.JarInputStream
 import java.lang.String
+import org.eclipse.jetty.servlet.{FilterMapping, FilterHolder}
+import org.apache.activemq.apollo.broker.web.{AllowAnyOriginFilter, WebServer, WebServerFactory}
 
 /**
  * <p>
@@ -171,6 +172,9 @@ class JettyWebServer(val broker:Broker) 
           val host = bind_uri.getHost
           var port = bind_uri.getPort
 
+          var query = URISupport.parseQuery(bind_uri.getQuery)
+          val cors_origin = query.get("cors_origin")
+
           scheme match {
             case "http" =>
               if (port == -1) {
@@ -216,6 +220,12 @@ class JettyWebServer(val broker:Broker) 
             context.setContextPath(prefix)
             context.setWar(webapp_path.getCanonicalPath)
             context.setClassLoader(Broker.class_loader)
+
+            if( cors_origin!=null && !cors_origin.trim().isEmpty ) {
+              val origins = cors_origin.split(",").map(_.trim()).toSet
+              context.addFilter(new FilterHolder(new AllowAnyOriginFilter(origins)), "/*",
FilterMapping.DEFAULT)
+            }
+
             if( broker.tmp !=null ) {
               context.setTempDirectory(broker.tmp)
             }

Modified: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/WebSocketTransportFactory.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/WebSocketTransportFactory.scala?rev=1302486&r1=1302485&r2=1302486&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/WebSocketTransportFactory.scala
(original)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/jetty/WebSocketTransportFactory.scala
Mon Mar 19 14:55:31 2012
@@ -25,7 +25,6 @@ import org.eclipse.jetty.server.nio.Sele
 import javax.net.ssl.SSLContext
 import org.eclipse.jetty.server.ssl.SslSelectChannelConnector
 import org.eclipse.jetty.util.thread.ExecutorThreadPool
-import org.eclipse.jetty.servlet.{ServletHolder, ServletContextHandler}
 import javax.servlet.http.HttpServletRequest
 import org.eclipse.jetty.websocket.{WebSocket, WebSocketServlet}
 import org.eclipse.jetty.server.{Connector, Server}
@@ -40,6 +39,8 @@ import org.fusesource.hawtdispatch.trans
 import org.fusesource.hawtbuf.{AsciiBuffer, Buffer}
 import java.io.{EOFException, IOException}
 import java.security.cert.X509Certificate
+import org.apache.activemq.apollo.broker.web.AllowAnyOriginFilter
+import org.eclipse.jetty.servlet.{FilterMapping, FilterHolder, ServletHolder, ServletContextHandler}
 
 /**
  * @author <a href="http://hiramchirino.com">Hiram Chirino</a>
@@ -67,6 +68,8 @@ object WebSocketTransportFactory extends
     var transportServerListener: TransportServerListener = _
     @BeanProperty
     var binary_transfers = false
+    @BeanProperty
+    var cors_origin:String = null
 
     var broker: Broker = _
 
@@ -123,6 +126,10 @@ object WebSocketTransportFactory extends
 
         var context = new ServletContextHandler(ServletContextHandler.NO_SECURITY)
         context.setContextPath(prefix)
+        if( cors_origin!=null && !cors_origin.trim().isEmpty ) {
+          val origins = cors_origin.split(",").map(_.trim()).toSet
+          context.addFilter(new FilterHolder(new AllowAnyOriginFilter(origins)), "/*", FilterMapping.DEFAULT)
+        }
         context.addServlet(new ServletHolder(this), "/")
 
         server = new Server

Added: activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala?rev=1302486&view=auto
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala
(added)
+++ activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/web/AllowAnyOriginFilter.scala
Mon Mar 19 14:55:31 2012
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.activemq.apollo.broker.web
+
+import javax.servlet._
+import http.{HttpServletRequest, HttpServletResponse}
+
+/**
+ * Servlet filter which adds a 'Access-Control-Allow-Origin: *' HTTP header
+ * to allow CORS.
+ */
+class AllowAnyOriginFilter(val allowed:Set[String]) extends javax.servlet.Filter {
+
+  val allow_any = allowed.contains("*")
+
+  override def init(filterConfig: FilterConfig) {}
+  override def destroy() = {}
+
+  override def doFilter(request: ServletRequest, response: ServletResponse, chain: FilterChain)
= {
+    response match {
+      case response: HttpServletResponse =>
+        if( allow_any ) {
+          response.addHeader("Access-Control-Allow-Origin", "*");
+        } else {
+          for( origin <- Option(request.asInstanceOf[HttpServletRequest].getHeader("Origin"))
) {
+            if ( allowed.contains(origin) ) {
+              response.addHeader("Access-Control-Allow-Origin", origin);
+            }
+          }
+        }
+      case _ =>
+    }
+    chain.doFilter(request, response)
+  }
+
+}
\ No newline at end of file

Modified: activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md
URL: http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md?rev=1302486&r1=1302485&r2=1302486&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md (original)
+++ activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md Mon Mar
19 14:55:31 2012
@@ -247,9 +247,18 @@ Example configuraiton:
 {pygmentize}
 
 One thing worth noting is that web sockets (just as Ajax) implements the same
-origin policy, so you can access only brokers running on the same host as
+origin policy, so by default you can access only brokers running on the same host as
 where the web page originated from.
 
+If you want to allow cross origin resource sharing (CORS) of the WebSocket connector,
+by different hosts then your should add `cors_origin` query parameter to the bind URI with

+a common seperated list of domains that are allowed to access the WebSocket
+connector.  Use `*` to allow access from any domain.  Example:
+
+{pygmentize:: xml}
+<connector id="ws" bind="ws://0.0.0.0:61623?cors_origin=*"/>
+{pygmentize}
+
 ###### WebSocket Clients
 
 You can use one of the following JavaScript libraries to access
@@ -863,6 +872,20 @@ A `web_admin` element may be configured 
 
 * `bind` : The address and port to bind the web interface on in URL syntax.
 
+If you want to allow cross origin resource sharing (CORS) of the web admin APIs,
+then your should add `cors_origin` query parameter to the bind URI with 
+a common seperated list of domains that are allowed to access the web 
+admin APIs.  Use `*` to allow access from any domain.  Example:
+
+{pygmentize:: xml}
+<broker xmlns="http://activemq.apache.org/schema/activemq/apollo">
+  ...
+  <web_admin bind="http://0.0.0.0:61680?cors_origin=*"/>
+  <web_admin bind="https://0.0.0.0:61681?cors_origin=www.foo.com,bar.com"/>
+  ...
+</broker>
+{pygmentize}
+
 ## Managing Brokers
 
 The rest of this section's example assume that you have created a broker 



Mime
View raw message