cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin (JIRA)" <j...@apache.org>
Subject [jira] Commented: (CXF-2346) CXF with Spring AOP-based Auth makes JAX-RS POST urlencode gives @FormParam=null
Date Mon, 20 Jul 2009 08:39:15 GMT

    [ https://issues.apache.org/jira/browse/CXF-2346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12733157#action_12733157
] 

Sergey Beryozkin commented on CXF-2346:
---------------------------------------

By the way, here's a workaround, untill 2.2.3 gets released.

Register a JAX-RS request filter and in there :

if ("POST".equals(m.get(Message.HTTP_REQUEST_METHOD))
     && "application/x-www-form-urlencoded".equals(m.get(Message.CONTENT_TYPE))) {

HttpServletRequest request = (HttpServletRequest)m.get(AbstractHTTPDestination.HTTP_REQUEST);

StringBuilder sb = new StringBuilder();
for (Enumeration en = request.getParameterNames(); en.hasMoreElements();) {
          String paramName = en.nextElement().toString();
          String[] paramValues = request.getParameterValues(paramName);
           for (int i = 0; i < paramValues.length; i++) {
                  sb.append(paramName).append('=').append(paramValues[i]);
                  if (i + 1 < paramValues.length) {
                       sb.append('&');
                  }
           }
           if (en.hasMoreElements()) {
                sb.append('&');
           }
}

m.putContent(InputStream.class, new ByteArrayInputStream(sb.getBytes("UTF-8")));
}


> CXF with Spring AOP-based Auth makes JAX-RS POST urlencode gives @FormParam=null 
> ---------------------------------------------------------------------------------
>
>                 Key: CXF-2346
>                 URL: https://issues.apache.org/jira/browse/CXF-2346
>             Project: CXF
>          Issue Type: Bug
>          Components: REST
>    Affects Versions: 2.2.2
>         Environment: CXF 2.2.2, JAX-RS, Servlet Edition running under Tomcat 6.0, in
combination with Spring and Spring AOP 2.5.6SEC01, Spring Security 2.0, JSR-250 @RolesAllowed,
and CGLIB 2.2
>            Reporter: Hendy Irawan
>            Assignee: Sergey Beryozkin
>             Fix For: 2.2.3, 2.3
>
>
> It's much accurate to illustrate this with a real project sample, since it takes quite
an effort to setup the integrated environment to reproduce this bug. (yet I have to say, this
integration setup is a good 'standard setup' for my general JAX-RS purposes)
> The sample project is at: http://scm.ops4j.org/repos/ops4j/laboratory/users/ceefour/cxfbug-urlencode-basicauth
> Given a project with the setup of CXF, JAX-RS, Servlet, Spring Security, Spring AOP,
CGLIB, and JSR-250 annotation, doing a POST with urlencode on JAX-RS resource with @FormParam
is not working.
> Here's the script used to test:
>     #!/bin/sh
>     # Environment: CXF 2.2.2, JAX-RS, Servlet Edition running under Tomcat 6.0, in combination
with Spring and Spring AOP 2.5.6SEC01, Spring Security 2.0, JSR-250 @RolesAllowed, and CGLIB
2.2
>     # Description: CXF with Spring AOP-based Auth makes JAX-RS POST urlencode gives @FormParam=null

>     echo 'Test if CXF just works'
>     curl -D - -v http://localhost:8080/cxfbug-urlencode-basicauth/
>     echo
>     echo 'Test if CXF POST works'
>     curl -D - -v -X POST http://localhost:8080/cxfbug-urlencode-basicauth/guestquery?name=Apache
>     echo
>     echo 'Test if CXF POST urlencode works'
>     curl -D - -v -X POST --data-urlencode name=Apache http://localhost:8080/cxfbug-urlencode-basicauth/guestform
>     echo
>     echo 'Test if CXF Auth with Spring AOP + Spring Security + JSR-250 works'
>     curl -D - -v -u apache:apache http://localhost:8080/cxfbug-urlencode-basicauth/loginget
>     echo
>     echo 'Test if CXF POST works'
>     curl -D - -v -u apache:apache -X POST http://localhost:8080/cxfbug-urlencode-basicauth/loginquery?name=Apache
>     echo
>     echo 'Test if CXF POST urlencode works with Auth'
>     curl -D - -v -u apache:apache -X POST --data-urlencode name=Apache http://localhost:8080/cxfbug-urlencode-basicauth/loginform
> Only the last one is failing, here's the result of the last two tests in my setup:
> Test if CXF POST works
> * About to connect() to localhost port 8080 (#0)
> *   Trying ::1... connected
> * Connected to localhost (::1) port 8080 (#0)
> * Server auth using Basic with user 'apache'
> > POST /cxfbug-urlencode-basicauth/loginquery?name=Apache HTTP/1.1
> > Authorization: Basic YXBhY2hlOmFwYWNoZQ==
> > User-Agent: curl/7.18.2 (i486-pc-linux-gnu) libcurl/7.18.2 OpenSSL/0.9.8g zlib/1.2.3.3
libidn/1.10
> > Host: localhost:8080
> > Accept: */*
> > 
> < HTTP/1.1 200 OK
> HTTP/1.1 200 OK
> < Server: Apache-Coyote/1.1
> Server: Apache-Coyote/1.1
> < Date: Fri, 17 Jul 2009 18:16:35 GMT
> Date: Fri, 17 Jul 2009 18:16:35 GMT
> < Content-Type: text/plain
> Content-Type: text/plain
> < Content-Length: 12
> Content-Length: 12
> < 
> * Connection #0 to host localhost left intact
> Hello Apache* Closing connection #0
> Test if CXF POST urlencode works with Auth
> * About to connect() to localhost port 8080 (#0)
> *   Trying ::1... connected
> * Connected to localhost (::1) port 8080 (#0)
> * Server auth using Basic with user 'apache'
> > POST /cxfbug-urlencode-basicauth/loginform HTTP/1.1
> > Authorization: Basic YXBhY2hlOmFwYWNoZQ==
> > User-Agent: curl/7.18.2 (i486-pc-linux-gnu) libcurl/7.18.2 OpenSSL/0.9.8g zlib/1.2.3.3
libidn/1.10
> > Host: localhost:8080
> > Accept: */*
> > Content-Length: 11
> > Content-Type: application/x-www-form-urlencoded
> > 
> < HTTP/1.1 200 OK
> HTTP/1.1 200 OK
> < Server: Apache-Coyote/1.1
> Server: Apache-Coyote/1.1
> < Date: Fri, 17 Jul 2009 18:16:35 GMT
> Date: Fri, 17 Jul 2009 18:16:35 GMT
> < Content-Type: text/plain
> Content-Type: text/plain
> < Content-Length: 10
> Content-Length: 10
> < 
> * Connection #0 to host localhost left intact
> Hello null* Closing connection #0
> @FormParam is giving null instead of provided "Apache".

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message