cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r929719 - in /cxf/dosgi/trunk: dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/ dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/ parent/ samples/ samples/security_filter/ samples/security_filter/src/ samples/security...
Date Wed, 31 Mar 2010 21:22:22 GMT
Author: sergeyb
Date: Wed Mar 31 21:22:21 2010
New Revision: 929719

URL: http://svn.apache.org/viewvc?rev=929719&view=rev
Log:
DOSGI-67 : applying a patch on behalf of Josh Holtzman

Added:
    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java
  (with props)
    cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java
  (with props)
    cxf/dosgi/trunk/samples/security_filter/
    cxf/dosgi/trunk/samples/security_filter/pom.xml   (with props)
    cxf/dosgi/trunk/samples/security_filter/src/
    cxf/dosgi/trunk/samples/security_filter/src/main/
    cxf/dosgi/trunk/samples/security_filter/src/main/java/
    cxf/dosgi/trunk/samples/security_filter/src/main/java/org/
    cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/
    cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/
    cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/
    cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/
    cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/
    cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java
  (with props)
    cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java
  (with props)
Modified:
    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java
    cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java
    cxf/dosgi/trunk/parent/pom.xml
    cxf/dosgi/trunk/samples/pom.xml

Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java?rev=929719&r1=929718&r2=929719&view=diff
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java
(original)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/HttpServiceConfigurationTypeHandler.java
Wed Mar 31 21:22:21 2010
@@ -42,6 +42,7 @@ import org.apache.cxf.transport.servlet.
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.ServiceException;
 import org.osgi.framework.ServiceReference;
+import org.osgi.service.http.HttpContext;
 import org.osgi.service.http.HttpService;
 import org.osgi.service.remoteserviceadmin.EndpointDescription;
 import org.osgi.util.tracker.ServiceTracker;
@@ -89,7 +90,8 @@ public class HttpServiceConfigurationTyp
         CXFNonSpringServlet cxf = new CXFNonSpringServlet();
         HttpService httpService = getHttpService();
         try {
-            httpService.registerServlet(contextRoot, cxf, new Hashtable<String, String>(),
null);
+            httpService.registerServlet(contextRoot, cxf, new Hashtable<String, String>(),

+                                       getHttpContext(dswContext, httpService));
             LOG.info("Successfully registered CXF DOSGi servlet at " + contextRoot);
         } catch (Exception e) {
             throw new ServiceException("CXF DOSGi: problem registering CXF HTTP Servlet",
e);
@@ -219,4 +221,11 @@ public class HttpServiceConfigurationTyp
             }
         }
     }
+
+
+    protected HttpContext getHttpContext(BundleContext bundleContext, HttpService httpService)
{
+
+        HttpContext httpContext = httpService.createDefaultHttpContext();
+        return new SecurityDelegatingHttpContext(bundleContext, httpContext);
+    }
 }

Modified: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java?rev=929719&r1=929718&r2=929719&view=diff
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java
(original)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/JaxRSHttpServiceConfigurationTypeHandler.java
Wed Mar 31 21:22:21 2010
@@ -37,6 +37,7 @@ import org.apache.cxf.transport.servlet.
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.ServiceException;
 import org.osgi.framework.ServiceReference;
+import org.osgi.service.http.HttpContext;
 import org.osgi.service.http.HttpService;
 import org.osgi.service.remoteserviceadmin.EndpointDescription;
 
@@ -65,7 +66,7 @@ public class JaxRSHttpServiceConfigurati
         CXFNonSpringServlet cxf = new CXFNonSpringServlet();
         HttpService httpService = getHttpService();
         try {
-            httpService.registerServlet(contextRoot, cxf, new Hashtable<String, String>(),
null);
+            HttpContext httpContext = getHttpContext(dswContext, httpService);          
                     httpService.registerServlet(contextRoot, cxf, new Hashtable<String,
String>(),                                         httpContext);
             LOG.info("Successfully registered CXF DOSGi servlet at " + contextRoot);
         } catch (Exception e) {
             throw new ServiceException("CXF DOSGi: problem registering CXF HTTP Servlet",
e);

Added: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java
(added)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java
Wed Mar 31 21:22:21 2010
@@ -0,0 +1,119 @@
+/** 
+ * Licensed to the Apache Software Foundation (ASF) under one 
+ * or more contributor license agreements. See the NOTICE file 
+ * distributed with this work for additional information 
+ * regarding copyright ownership. The ASF licenses this file 
+ * to you under the Apache License, Version 2.0 (the 
+ * "License"); you may not use this file except in compliance 
+ * with the License. You may obtain a copy of the License at 
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0 
+ * 
+ * Unless required by applicable law or agreed to in writing, 
+ * software distributed under the License is distributed on an 
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 
+ * KIND, either express or implied. See the License for the 
+ * specific language governing permissions and limitations 
+ * under the License. 
+ */
+package org.apache.cxf.dosgi.dsw.handlers;
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.logging.Logger;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.InvalidSyntaxException;
+import org.osgi.framework.ServiceReference;
+import org.osgi.service.http.HttpContext;
+
+/**
+ * <p>
+ * An HttpContext that delegates to another HttpContext for all things other than security.
This implementation handles
+ * security by delegating to a {@link FilterChain} based on the set of {@link Filter}s registered
with a
+ * {@link #FILTER_PROP} property.
+ * </p>
+ * 
+ * <p>
+ * If the {@link BundleContext} contains a {@link #FILTER_REQUIRED_PROP} property with value
"true", requests will not
+ * be allowed until at least one {@link Filter} with a {@link #FILTER_PROP} property is registered.
+ * </p>
+ */
+public class SecurityDelegatingHttpContext implements HttpContext {
+  private static final Logger LOG = Logger.getLogger(SecurityDelegatingHttpContext.class.getName());
+  public static final String FILTER_PROP = "org.apache.cxf.httpservice.filter";
+  public static final String FILTER_REQUIRED_PROP = "org.apache.cxf.httpservice.requirefilter";
+  private static final String FILTER_FILTER = "(" + FILTER_PROP + "=*)";
+  
+  BundleContext bundleContext;
+  HttpContext delegate;
+  boolean requireFilter;
+
+  public SecurityDelegatingHttpContext(BundleContext bundleContext, HttpContext delegate)
{
+    this.bundleContext = bundleContext;
+    this.delegate = delegate;
+    requireFilter = Boolean.TRUE.toString().equalsIgnoreCase(bundleContext.getProperty(FILTER_REQUIRED_PROP));
+  }
+
+  public String getMimeType(String name) {
+    return delegate.getMimeType(name);
+  }
+
+  public URL getResource(String name) {
+    return delegate.getResource(name);
+  }
+
+  public boolean handleSecurity(HttpServletRequest request, HttpServletResponse response)
throws IOException {
+    ServiceReference[] refs;
+    try {
+      refs = bundleContext.getServiceReferences(Filter.class.getName(), FILTER_FILTER);
+    } catch (InvalidSyntaxException e) {
+      LOG.warning(e.getMessage());
+      return false;
+    }
+    if (refs == null || refs.length == 0) {
+      LOG.info("No filter registered.");
+      return !requireFilter;
+    }
+    Filter[] filters = new Filter[refs.length];
+    for (int i = 0; i < refs.length; i++)
+      filters[i] = (Filter) bundleContext.getService(refs[i]);
+    try {
+      new Chain(filters).doFilter(request, response);
+      return !response.isCommitted();
+    } catch (ServletException e) {
+      LOG.warning(e.getMessage());
+      return false;
+    }
+  }
+}
+
+/**
+ * A {@link FilterChain} composed of {@link Filter}s with the
+ */
+class Chain implements FilterChain {
+  private static final Logger LOG = Logger.getLogger(Chain.class.getName());
+
+  int current = 0;
+  Filter[] filters;
+
+  Chain(Filter[] filters) {
+    this.filters = filters;
+  }
+
+  public void doFilter(ServletRequest request, ServletResponse response) throws IOException,
ServletException {
+    if (current < filters.length && !response.isCommitted()) {
+      Filter filter = filters[current++];
+      LOG.info("doFilter() on " + filter);
+      filter.doFilter(request, response, this);
+    }
+  }
+}

Propchange: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/dosgi/trunk/dsw/cxf-dsw/src/main/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContext.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java
(added)
+++ cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java
Wed Mar 31 21:22:21 2010
@@ -0,0 +1,216 @@
+package org.apache.cxf.dosgi.dsw.handlers;
+
+import java.io.PrintWriter;
+import java.net.URL;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import junit.framework.TestCase;
+
+import org.easymock.EasyMock;
+import org.junit.Assert;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+import org.osgi.service.http.HttpContext;
+
+public class SecurityDelegatingHttpContextTest extends TestCase {
+  protected HttpContext defaultHttpContext;
+  protected SecurityDelegatingHttpContext httpContext;
+  protected CommitResponseFilter commitFilter;
+  protected DoNothingFilter doNothingFilter;
+  protected AccessDeniedFilter accessDeniedFilter;
+  protected String mimeType;
+  protected URL url; // does not need to exist
+
+  public void setUp() throws Exception {
+    mimeType = "text/xml";
+    url = new URL("file:test.xml"); // does not need to exist
+
+    // Sample filters
+    commitFilter = new CommitResponseFilter();
+    doNothingFilter = new DoNothingFilter();
+    accessDeniedFilter = new AccessDeniedFilter();
+
+    // Mock up the default http context
+    defaultHttpContext = EasyMock.createNiceMock(HttpContext.class);
+    EasyMock.expect(defaultHttpContext.getMimeType((String)EasyMock.anyObject())).andReturn(mimeType);
+    EasyMock.expect(defaultHttpContext.getResource((String)EasyMock.anyObject())).andReturn(url);
+    EasyMock.replay(defaultHttpContext);
+  }
+
+  public void testFilterRequired() throws Exception {
+    // Mock up the service references
+    ServiceReference[] serviceReferences = new ServiceReference[] {};
+
+    // Mock up the bundle context
+    BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+    EasyMock.expect(bundleContext.getServiceReferences(Filter.class.getName(),
+            "(org.apache.cxf.httpservice.filter=true)")).andReturn(serviceReferences);
+    EasyMock.replay(bundleContext);
+
+    // Set up the secure http context
+    httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+    httpContext.requireFilter = true;
+    
+    // Ensure that the httpContext doesn't allow the request to be processed, since there
are no registered servlet filters
+    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+    EasyMock.replay(request);
+    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+    EasyMock.replay(response);
+    boolean requestAllowed = httpContext.handleSecurity(request, response);
+    Assert.assertFalse(requestAllowed);
+    
+    // Ensure that the httpContext returns true if there is no requirement for registered
servlet filters
+    httpContext.requireFilter = false;
+    requestAllowed = httpContext.handleSecurity(request, response);
+    Assert.assertTrue(requestAllowed);
+  }
+
+  public void testSingleCommitFilter() throws Exception {
+    // Mock up the service references
+    ServiceReference filterReference = EasyMock.createNiceMock(ServiceReference.class);
+    EasyMock.replay(filterReference);
+    ServiceReference[] serviceReferences = new ServiceReference[] {filterReference};
+
+    // Mock up the bundle context
+    BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+    EasyMock.expect(bundleContext.getServiceReferences((String)EasyMock.anyObject(), (String)EasyMock.anyObject()))
+      .andReturn(serviceReferences);
+    EasyMock.expect(bundleContext.getService((ServiceReference)EasyMock.anyObject())).andReturn(commitFilter);
+    EasyMock.replay(bundleContext);
+
+    // Set up the secure http context
+    httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+    
+    // Ensure that the httpContext returns false, since the filter has committed the response
+    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+    EasyMock.replay(request);
+    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+    EasyMock.expect(response.isCommitted()).andReturn(false); // the first call checks to
see whether to invoke the filter
+    EasyMock.expect(response.isCommitted()).andReturn(true); // the second is called to determine
the handleSecurity return value
+    EasyMock.expect(response.getWriter()).andReturn(new PrintWriter(System.out));
+    EasyMock.replay(response);
+    Assert.assertFalse(httpContext.handleSecurity(request, response));
+
+    // Ensure that the appropriate filters were called
+    Assert.assertTrue(commitFilter.called);
+    Assert.assertFalse(doNothingFilter.called);
+    Assert.assertFalse(accessDeniedFilter.called);
+  }
+
+  public void testFilterChain() throws Exception {
+    // Mock up the service references
+    ServiceReference filterReference = EasyMock.createNiceMock(ServiceReference.class);
+    EasyMock.replay(filterReference);
+    ServiceReference[] serviceReferences = new ServiceReference[] {filterReference, filterReference};
+
+    // Mock up the bundle context
+    BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+    EasyMock.expect(bundleContext.getServiceReferences((String)EasyMock.anyObject(), (String)EasyMock.anyObject()))
+      .andReturn(serviceReferences);
+    EasyMock.expect(bundleContext.getService((ServiceReference)EasyMock.anyObject())).andReturn(doNothingFilter);
+    EasyMock.expect(bundleContext.getService((ServiceReference)EasyMock.anyObject())).andReturn(commitFilter);
+    EasyMock.replay(bundleContext);
+
+    // Set up the secure http context
+    httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+    
+    // Ensure that the httpContext returns false, since the filter has committed the response
+    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+    EasyMock.replay(request);
+    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+    EasyMock.expect(response.isCommitted()).andReturn(false); // doNothingFilter should not
commit the response
+    EasyMock.expect(response.getWriter()).andReturn(new PrintWriter(System.out));
+    EasyMock.expect(response.isCommitted()).andReturn(false);
+    EasyMock.expect(response.isCommitted()).andReturn(true); // the commit filter indicating
that it committed the response
+    EasyMock.replay(response);
+    Assert.assertFalse(httpContext.handleSecurity(request, response));
+
+    // Ensure that the appropriate filters were called
+    Assert.assertTrue(doNothingFilter.called);
+    Assert.assertTrue(commitFilter.called);
+    Assert.assertFalse(accessDeniedFilter.called);
+  }
+
+  public void testAllowRequest() throws Exception {
+    // Mock up the service references
+    ServiceReference filterReference = EasyMock.createNiceMock(ServiceReference.class);
+    EasyMock.replay(filterReference);
+    ServiceReference[] serviceReferences = new ServiceReference[] {filterReference};
+
+    // Mock up the bundle context
+    BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+    EasyMock.expect(bundleContext.getServiceReferences((String)EasyMock.anyObject(), (String)EasyMock.anyObject()))
+      .andReturn(serviceReferences);
+    EasyMock.expect(bundleContext.getService((ServiceReference)EasyMock.anyObject())).andReturn(doNothingFilter);
+    EasyMock.replay(bundleContext);
+
+    // Set up the secure http context
+    httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+    
+    // Ensure that the httpContext returns true, since the filter has not committed the response
+    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
+    EasyMock.replay(request);
+    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
+    EasyMock.expect(response.isCommitted()).andReturn(false);
+    EasyMock.replay(response);
+    Assert.assertTrue(httpContext.handleSecurity(request, response));
+
+    // Ensure that the appropriate filters were called
+    Assert.assertTrue(doNothingFilter.called);
+    Assert.assertFalse(commitFilter.called);
+    Assert.assertFalse(accessDeniedFilter.called);
+  }
+
+  public void testDelegation() throws Exception {
+    BundleContext bundleContext = EasyMock.createNiceMock(BundleContext.class);
+    EasyMock.replay(bundleContext);
+
+    // Set up the secure http context
+    httpContext = new SecurityDelegatingHttpContext(bundleContext, defaultHttpContext);
+
+    // Ensure that it delegates non-security calls to the wrapped implementation (in this
case, the mock)
+    Assert.assertEquals(mimeType, httpContext.getMimeType(""));
+    Assert.assertEquals(url, httpContext.getResource(""));
+  }
+}
+
+class CommitResponseFilter implements Filter {
+  public boolean called = false;
+  public void init(FilterConfig filterConfig) throws ServletException {}
+  public void destroy() {}
+  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+    throws java.io.IOException ,javax.servlet.ServletException {
+    called = true;
+    response.getWriter().write("committing the response");
+  };
+}
+
+class DoNothingFilter implements Filter {
+  boolean called = false;
+  public void init(FilterConfig filterConfig) throws ServletException {}
+  public void destroy() {}
+  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+    throws java.io.IOException ,javax.servlet.ServletException {
+    called = true;
+    chain.doFilter(request, response);
+  };
+}
+
+class AccessDeniedFilter implements Filter {
+  boolean called = false;
+  public void init(FilterConfig filterConfig) throws ServletException {}
+  public void destroy() {}
+  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+    throws java.io.IOException ,javax.servlet.ServletException {
+    called = true;
+    ((HttpServletResponse)response).sendError(HttpServletResponse.SC_FORBIDDEN);
+  };
+}

Propchange: cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/dosgi/trunk/dsw/cxf-dsw/src/test/java/org/apache/cxf/dosgi/dsw/handlers/SecurityDelegatingHttpContextTest.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/dosgi/trunk/parent/pom.xml
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/parent/pom.xml?rev=929719&r1=929718&r2=929719&view=diff
==============================================================================
--- cxf/dosgi/trunk/parent/pom.xml (original)
+++ cxf/dosgi/trunk/parent/pom.xml Wed Mar 31 21:22:21 2010
@@ -28,6 +28,7 @@
 
         <servicemix.specs.version>1.3.0</servicemix.specs.version>
 
+        <servlet.version>2.5</servlet.version>
         <log4j.version>1.2.15</log4j.version>
         <jetty.version>6.1.16</jetty.version>
         <xmlschema.bundle.version>1.4.3_1</xmlschema.bundle.version> <!--
CXF uses 1.4.4 -->

Modified: cxf/dosgi/trunk/samples/pom.xml
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/samples/pom.xml?rev=929719&r1=929718&r2=929719&view=diff
==============================================================================
--- cxf/dosgi/trunk/samples/pom.xml (original)
+++ cxf/dosgi/trunk/samples/pom.xml Wed Mar 31 21:22:21 2010
@@ -22,5 +22,6 @@
       <module>spring_dm</module>
       <module>ds</module>
       <module>discovery</module>
+      <module>security_filter</module>
     </modules> 
 </project>

Added: cxf/dosgi/trunk/samples/security_filter/pom.xml
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/samples/security_filter/pom.xml?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/samples/security_filter/pom.xml (added)
+++ cxf/dosgi/trunk/samples/security_filter/pom.xml Wed Mar 31 21:22:21 2010
@@ -0,0 +1,77 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>org.apache.cxf.dosgi.samples</groupId>
+  <artifactId>cxf-dosgi-ri-bundles-sample-security</artifactId>
+  <packaging>bundle</packaging>
+  <name>Distributed OSGI Security Sample Bundle</name>
+  <version>1.2-SNAPSHOT</version>
+
+  <parent>
+    <groupId>org.apache.cxf.dosgi</groupId>
+    <artifactId>cxf-dosgi-ri-parent</artifactId>
+    <version>1.2-SNAPSHOT</version>
+    <relativePath>../../parent/pom.xml</relativePath> 
+  </parent>
+
+  <dependencies>
+      <dependency> 
+          <groupId>org.apache.felix</groupId>
+          <artifactId>org.apache.felix.framework</artifactId>
+          <version>${felix.version}</version>
+          <exclusions>
+              <exclusion>
+                  <groupId>org.apache.felix</groupId>
+                  <artifactId>org.osgi.foundation</artifactId>
+              </exclusion>
+          </exclusions>
+      </dependency> 
+      <dependency>
+        <groupId>javax.servlet</groupId>
+        <artifactId>servlet-api</artifactId>
+        <version>${servlet.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.apache.servicemix.specs</groupId>
+        <artifactId>org.apache.servicemix.specs.jsr311-api-1.0</artifactId>
+        <version>${servicemix.specs.version}</version>
+      </dependency>
+  </dependencies> 
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.felix</groupId>
+        <artifactId>maven-bundle-plugin</artifactId>
+        <configuration>
+          <instructions>
+            <Bundle-Name>${pom.name}</Bundle-Name>
+            <Bundle-Description>This bundle contains an example Distributed OSGi endpoint
that passes requests through a security filter.</Bundle-Description>
+            <Bundle-SymbolicName>${pom.artifactId}</Bundle-SymbolicName>
+            <Private-Package>org.apache.cxf.dosgi.samples.security</Private-Package>
+            <Bundle-Activator>org.apache.cxf.dosgi.samples.security.Activator</Bundle-Activator>
+          </instructions>
+        </configuration>
+      </plugin> 
+    </plugins>
+  </build>    
+
+</project>

Propchange: cxf/dosgi/trunk/samples/security_filter/pom.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/dosgi/trunk/samples/security_filter/pom.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/dosgi/trunk/samples/security_filter/pom.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java
(added)
+++ cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java
Wed Mar 31 21:22:21 2010
@@ -0,0 +1,59 @@
+/** 
+ * Licensed to the Apache Software Foundation (ASF) under one 
+ * or more contributor license agreements. See the NOTICE file 
+ * distributed with this work for additional information 
+ * regarding copyright ownership. The ASF licenses this file 
+ * to you under the Apache License, Version 2.0 (the 
+ * "License"); you may not use this file except in compliance 
+ * with the License. You may obtain a copy of the License at 
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0 
+ * 
+ * Unless required by applicable law or agreed to in writing, 
+ * software distributed under the License is distributed on an 
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 
+ * KIND, either express or implied. See the License for the 
+ * specific language governing permissions and limitations 
+ * under the License. 
+ */
+package org.apache.cxf.dosgi.samples.security;
+
+import java.util.Dictionary;
+import java.util.Hashtable;
+
+import javax.servlet.Filter;
+
+import org.osgi.framework.BundleActivator;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceRegistration;
+
+/**
+ * Registers a REST endpoint and a servlet filter to control access to the endpoint.
+ */
+public class Activator implements BundleActivator {
+  private ServiceRegistration restRegistration;
+  private ServiceRegistration filterRegistration;
+  
+  @SuppressWarnings("unchecked")
+  public void start(BundleContext bundleContext) throws Exception {
+    // Register a rest endpoint
+    Dictionary restProps = new Hashtable();
+    restProps.put("service.exported.interfaces", SecureRestEndpoint.class.getName());
+    restProps.put("service.exported.configs", "org.apache.cxf.rs");
+    restProps.put("org.apache.cxf.rs.httpservice.context", "/secure");
+    restRegistration = bundleContext.registerService(SecureRestEndpoint.class.getName(),
new SecureRestEndpoint(), restProps);
+    
+    // Register a servlet filter (this could be done in another OSGi bundle, too)
+    Dictionary filterProps = new Hashtable();
+    filterProps.put("org.apache.cxf.httpservice.filter", Boolean.TRUE);
+    // Pax-Web whiteboard (if deployed) will attempt to apply this filter to servlets by
name or URL, and will complain
+    // if neither servletName or urlPatterns are specified.  The felix http service whiteboard
may do something similar.
+    filterProps.put("servletNames", "none");
+    filterRegistration = bundleContext.registerService(Filter.class.getName(), new SampleSecurityFilter(),
filterProps);
+  }
+  
+  public void stop(BundleContext bundleContext) throws Exception {
+    restRegistration.unregister();
+    filterRegistration.unregister();
+  }
+}

Propchange: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/Activator.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java
URL: http://svn.apache.org/viewvc/cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java?rev=929719&view=auto
==============================================================================
--- cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java
(added)
+++ cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java
Wed Mar 31 21:22:21 2010
@@ -0,0 +1,35 @@
+/** 
+ * Licensed to the Apache Software Foundation (ASF) under one 
+ * or more contributor license agreements. See the NOTICE file 
+ * distributed with this work for additional information 
+ * regarding copyright ownership. The ASF licenses this file 
+ * to you under the Apache License, Version 2.0 (the 
+ * "License"); you may not use this file except in compliance 
+ * with the License. You may obtain a copy of the License at 
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0 
+ * 
+ * Unless required by applicable law or agreed to in writing, 
+ * software distributed under the License is distributed on an 
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 
+ * KIND, either express or implied. See the License for the 
+ * specific language governing permissions and limitations 
+ * under the License. 
+ */
+package org.apache.cxf.dosgi.samples.security;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+@Path("/")
+public class SecureRestEndpoint {
+  
+  @GET
+  @Path("hello")
+  @Produces(MediaType.TEXT_PLAIN)
+  public String sayHello() {
+    return "Hello and congratulations, you made it past the security filter";
+  }
+}

Propchange: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/dosgi/trunk/samples/security_filter/src/main/java/org/apache/cxf/dosgi/samples/security/SecureRestEndpoint.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date



Mime
View raw message