ambari-commits mailing list archives

From rle...@apache.org
Subject ambari git commit: AMBARI-13304. Add security-related HTTP headers to Views to keep Ambari up to date with best-practices (rlevas)
Date Wed, 07 Oct 2015 12:06:04 GMT
Repository: ambari
Updated Branches:
  refs/heads/branch-2.0.maint 071c2d527 -> 2765b52d8


AMBARI-13304. Add security-related HTTP headers to Views to keep Ambari up to date with best-practices
(rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/2765b52d
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/2765b52d
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/2765b52d

Branch: refs/heads/branch-2.0.maint
Commit: 2765b52d8b9c15fecccc21b4979d83c7c5255284
Parents: 071c2d5
Author: Robert Levas <rlevas@hortonworks.com>
Authored: Wed Oct 7 05:05:45 2015 -0700
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Wed Oct 7 05:05:45 2015 -0700

----------------------------------------------------------------------
 .../apache/ambari/server/controller/AmbariHandlerList.java   | 8 ++++++++
 .../ambari/server/controller/AmbariHandlerListTest.java      | 6 ++++++
 2 files changed, 14 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/2765b52d/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java
b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java
index 345ad67..3644e3e 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java
@@ -20,6 +20,7 @@ package org.apache.ambari.server.controller;
 import org.apache.ambari.server.api.AmbariPersistFilter;
 import org.apache.ambari.server.orm.entities.ViewEntity;
 import org.apache.ambari.server.orm.entities.ViewInstanceEntity;
+import org.apache.ambari.server.security.SecurityHeaderFilter;
 import org.apache.ambari.server.view.ViewContextImpl;
 import org.apache.ambari.server.view.ViewInstanceHandlerList;
 import org.apache.ambari.server.view.ViewRegistry;
@@ -94,6 +95,12 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
   DelegatingFilterProxy springSecurityFilter;
 
   /**
+   * The security header filter - conditionlly adds security-related headers to the HTTP
response.
+   */
+  @Inject
+  SecurityHeaderFilter securityHeaderFilter;
+
+  /**
    * Mapping of view instance entities to handlers.
    */
   private final Map<ViewInstanceEntity, Handler> viewHandlerMap = new HashMap<ViewInstanceEntity,
Handler>();
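Review bot: The added Javadoc on `securityHeaderFilter` misspells "conditionally" and never says what the condition is, which is what a reader needs in order to tell whether view responses actually receive the headers. I would correct the first sentence to `The security header filter - conditionally adds security-related headers to the HTTP response.` and follow it with a sentence naming the setting or request property that governs it. That condition is not visible in this hunk, so the author needs to supply it.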
@@ -234,6 +241,7 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
     webAppContext.setClassLoader(viewInstanceDefinition.getViewEntity().getClassLoader());
     webAppContext.setAttribute(ViewContext.CONTEXT_ATTRIBUTE, new ViewContextImpl(viewInstanceDefinition,
viewRegistry));
     webAppContext.setSessionHandler(new SharedSessionHandler(sessionManager));
+    webAppContext.addFilter(new FilterHolder(securityHeaderFilter), "/*", AmbariServer.DISPATCHER_TYPES);
     webAppContext.addFilter(new FilterHolder(persistFilter), "/*", AmbariServer.DISPATCHER_TYPES);
     webAppContext.addFilter(new FilterHolder(springSecurityFilter), "/*", AmbariServer.DISPATCHER_TYPES);
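Review bot: The position of the new `addFilter` call is load-bearing, but nothing in the code says so. The header filter is registered ahead of `persistFilter` and `springSecurityFilter`, which is presumably what lets the headers reach responses that the later filters produce themselves, such as an authentication failure. That only holds if `SecurityHeaderFilter` sets its headers before delegating down the chain, and its implementation is not shown in this commit. I would add a comment above the line, such as `// Must stay first: security headers have to be set before a later filter can commit the response.` Because view content is packaged separately from the Ambari web UI, it is also worth confirming that the configured header values suit every deployed view, particularly any framing restriction if one is among them. The enclosing method starts and ends outside the hunk.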
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/2765b52d/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariHandlerListTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariHandlerListTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariHandlerListTest.java
index bc2f990..2409b27 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariHandlerListTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariHandlerListTest.java
@@ -22,6 +22,7 @@ import org.apache.ambari.server.api.AmbariPersistFilter;
 import org.apache.ambari.server.orm.entities.ViewEntity;
 import org.apache.ambari.server.orm.entities.ViewInstanceEntity;
 import org.apache.ambari.server.orm.entities.ViewInstanceEntityTest;
+import org.apache.ambari.server.security.SecurityHeaderFilter;
 import org.apache.ambari.server.view.ViewRegistry;
 import org.easymock.Capture;
 import org.eclipse.jetty.server.Handler;
@@ -51,6 +52,7 @@ import static org.easymock.EasyMock.verify;
  */
 public class AmbariHandlerListTest {
 
+  private final SecurityHeaderFilter securityHeaderFilter = createNiceMock(SecurityHeaderFilter.class);
   private final AmbariPersistFilter persistFilter = createNiceMock(AmbariPersistFilter.class);
   private final DelegatingFilterProxy springSecurityFilter = createNiceMock(DelegatingFilterProxy.class);
 
@@ -66,9 +68,11 @@ public class AmbariHandlerListTest {
     expect(handler.getServer()).andReturn(server);
     handler.setServer(null);
 
+    Capture<FilterHolder> securityHeaderFilterCapture = new Capture<FilterHolder>();
     Capture<FilterHolder> persistFilterCapture = new Capture<FilterHolder>();
     Capture<FilterHolder> securityFilterCapture = new Capture<FilterHolder>();
 
+    handler.addFilter(capture(securityHeaderFilterCapture), eq("/*"), eq(AmbariServer.DISPATCHER_TYPES));
     handler.addFilter(capture(persistFilterCapture), eq("/*"), eq(AmbariServer.DISPATCHER_TYPES));
     handler.addFilter(capture(securityFilterCapture), eq("/*"), eq(AmbariServer.DISPATCHER_TYPES));
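Review bot: The expectations recorded here, together with the `securityHeaderFilterCapture.getValue().getFilter()` assertion in the following hunk, confirm that each filter is added but may not pin the order, which is the security-relevant property of this change. Whether call order is checked depends on how the `handler` mock is created, and that is outside the hunk. If it is not a strict mock, calling `EasyMock.checkOrder(handler, true);` before the three `addFilter` expectations would make the test fail if the header filter were ever moved behind the Spring Security filter. The test method starts and ends outside the hunk.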
 
@@ -82,6 +86,7 @@ public class AmbariHandlerListTest {
 
     Assert.assertTrue(handlers.contains(handler));
 
+    Assert.assertEquals(securityHeaderFilter, securityHeaderFilterCapture.getValue().getFilter());
     Assert.assertEquals(persistFilter, persistFilterCapture.getValue().getFilter());
     Assert.assertEquals(springSecurityFilter, securityFilterCapture.getValue().getFilter());
 
@@ -155,6 +160,7 @@ public class AmbariHandlerListTest {
     AmbariHandlerList handlerList = new AmbariHandlerList();
 
     handlerList.webAppContextProvider = new HandlerProvider(handler);
+    handlerList.securityHeaderFilter = securityHeaderFilter;
     handlerList.persistFilter = persistFilter;
     handlerList.springSecurityFilter = springSecurityFilter;
 

