axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Deepal jayasinghe <deep...@gmail.com>
Subject Re: CORS Supprt in Axis2
Date Fri, 17 Jul 2015 05:52:25 GMT
Looks good to me.

Deepal
> Hi Devs,
> I thought of giving some insight to the approach and the design, so 
> that I can have your valuable feedback.
>
> Following configuration should be added to the axis2.xml
>
> <CORSConfig enabled="true">
> <Access-Control-Allow-Headers>content-type,soapaction,x-requested-with</Access-Control-Allow-Headers>
> <Access-Control-Allow-Methods>GET,POST,PUT,DELETE,OPTIONS</Access-Control-Allow-Methods>
> <Access-Control-Allow-Origin>*</Access-Control-Allow-Origin>
> <Access-Control-Expose-Headers>header1,header2</Access-Control-Expose-Headers>
>         <Access-Control-Allow-Credentials enabled="false"/>
> <Access-Control-Max-Age>500</Access-Control-Max-Age>
> </CORSConfig>
>
> Classes
> ------------------------
>
> *CorsConfig*
> Using those configuration CorsConfig is created and can be retrieved 
> through AxisConfiguration.
>
> *CORSProcesser*
> This class is implemented according to the section 6 of the CORS spec.
>
> Currently CORS Processor in engaged in the AxisHttpService handle 
> request method. As per Sagara's mail, I will work on adding this to 
> servlet transport later
>
> if(corsConfig.isEnabled()){
>      //CORS is enabled by the configs
>      corsProcessor.process(axisreq,axisres);
> }
> Thanks,
> Asanka
>
>
> On Thu, Jul 16, 2015 at 10:30 PM, Asanka Dissanayake 
> <asankanbd@gmail.com <mailto:asankanbd@gmail.com>> wrote:
>
>     Hi Devs,
>     I thought of giving some insight to the approach and the design,
>     so that I can have your valuable feedback.
>
>     Following configuration should be added to the axis2.xml
>
>
>
>
>
>     On Thu, Jul 16, 2015 at 1:44 AM, Deepal jayasinghe
>     <deepalk@gmail.com <mailto:deepalk@gmail.com>> wrote:
>
>         Done.
>
>         Deepal
>>         Hi Devs,
>>         Can some one assign me the issue
>>         https://issues.apache.org/jira/browse/AXIS2-5708.
>>         I cannot assign it to myself. Seems I don't have enough
>>         permissions.
>>
>>         Thanks,
>>         Asanka
>>
>>         On Sun, Jul 12, 2015 at 8:57 PM, Asanka Dissanayake
>>         <asankanbd@gmail.com <mailto:asankanbd@gmail.com>> wrote:
>>
>>             Hi Devs,
>>             What is the best place to implement this. IMHO I think
>>             following place is suitable.
>>
>>             org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(final
>>             AxisHttpConnection conn, final HttpContext context)
>>                         throws IOException, HttpException
>>
>>             Thanks,
>>             Asanka D
>>
>>             On Sat, Jul 11, 2015 at 3:18 PM, Asanka Dissanayake
>>             <asankanbd@gmail.com <mailto:asankanbd@gmail.com>> wrote:
>>
>>                 Yes, agreed. I will start implementation with axis2
>>                 http transport .
>>
>>                 Thanks,
>>                 Asanka D
>>
>>
>>                 On Saturday, July 11, 2015, Hiranya Jayathilaka
>>                 <hiranya911@gmail.com <mailto:hiranya911@gmail.com>>
>>                 wrote:
>>
>>
>>                     On Jul 10, 2015, at 6:50 PM, Asanka Dissanayake
>>                     <asankanbd@gmail.com> wrote:
>>
>>>                     Hi Devs,
>>>                     How about implementing this as an Axis2 module.
>>>                     That will allow user to have the feature if user
>>>                     prefers. And we can re-use it for synapse as well.
>>
>>                     I read about this technology a little bit. My
>>                     preference is for implementing it in the HTTP
>>                     transport. This really is a HTTP-specific
>>                     feature, and I don't see a reason why it should
>>                     be implemented outside the transport.
>>                     Unfortunately, however, this means we have to
>>                     re-implement it for Synapse.
>>
>>                     Thanks,
>>                     Hiranya
>>
>>>
>>>                     Thanks,
>>>                     Asanka
>>>
>>>                     On Fri, Jul 10, 2015 at 12:46 AM, Hiranya
>>>                     Jayathilaka <hiranya911@gmail.com> wrote:
>>>
>>>                         This might be a useful feature addition to
>>>                         Synapse as well. When you're done with the
>>>                         Axis2 implementation, perhaps you can take a
>>>                         look at the Synapse pass-thru transport as
>>>                         well.
>>>
>>>                         Thanks,
>>>                         Hiranya
>>>
>>>                         On Jul 9, 2015, at 5:27 AM, T. Allen
>>>                         <bif@verizon.net> wrote:
>>>
>>>>                         +1 for adding CORS support.
>>>>
>>>>
>>>>                         On 7/8/2015 8:13 PM, Asanka Dissanayake wrote:
>>>>>                         Hi Devs,
>>>>>                         I recently happened to call a Axis2Service
>>>>>                         with AJAX post method. Then there was an
>>>>>                         "Access-Control-Allow-Origin Error". When
>>>>>                         I was digging through the path, I came to
>>>>>                         know about CORS (Cross Origin Resource
>>>>>                         Sharing) spec [1] .
>>>>>
>>>>>                         User agents commonly apply same-origin
>>>>>                         restrictions to network requests. These
>>>>>                         restrictions prevent a client-side Web
>>>>>                         application running from one origin from
>>>>>                         obtaining data retrieved from another
>>>>>                         origin, and also limit unsafe HTTP
>>>>>                         requests that can be automatically
>>>>>                         launched toward destinations that differ
>>>>>                         from the running application's origin.
>>>>>
>>>>>                         To overcome this issue , I implemented an
>>>>>                         axis2 handler which the implementation is
>>>>>                         very specific to my use case. It handles
>>>>>                         the preflight request.
>>>>>
>>>>>                         In Axis2 , have we implemented CORS Spec?
>>>>>                         If not what about providing CORS support
>>>>>                         with Axis2?
>>>>>                         Since I already have the implementation, I
>>>>>                         can make it more generic and add to Axis2.
>>>>>
>>>>>                         [1] http://www.w3.org/TR/cors/
>>>>>
>>>>>                         Thanks,
>>>>>                         Asanka
>>>>
>>>>                         ---------------------------------------------------------------------
>>>>                         To unsubscribe, e-mail:
>>>>                         java-dev-unsubscribe@axis.apache.org
>>>>                         For additional commands, e-mail:
>>>>                         java-dev-help@axis.apache.org
>>>>
>>>
>>>                         --
>>>                         Hiranya Jayathilaka
>>>                         Mayhem Lab/RACE Lab;
>>>                         Dept. of Computer Science, UCSB;
>>>                         http://cs.ucsb.edu <http://cs.ucsb.edu/>
>>>                         E-mail: hiranya@cs.ucsb.edu; Mobile: +1
>>>                         (805) 895-7443 <tel:%2B1%20%28805%29%20895-7443>
>>>                         Blog: http://techfeast-hiranya.blogspot.com
>>>                         <http://techfeast-hiranya.blogspot.com/>
>>>
>>>
>>
>>                     --
>>                     Hiranya Jayathilaka
>>                     Mayhem Lab/RACE Lab;
>>                     Dept. of Computer Science, UCSB;
>>                     http://cs.ucsb.edu <http://cs.ucsb.edu/>
>>                     E-mail: hiranya@cs.ucsb.edu; Mobile: +1 (805)
>>                     895-7443 <tel:%2B1%20%28805%29%20895-7443>
>>                     Blog: http://techfeast-hiranya.blogspot.com
>>                     <http://techfeast-hiranya.blogspot.com/>
>>
>>
>>
>
>
>


Mime
View raw message