diff options
Diffstat (limited to 'java/sca/modules/binding-http-runtime/src/main')
4 files changed, 304 insertions, 129 deletions
diff --git a/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPBindingListenerServlet.java b/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPBindingListenerServlet.java index e969749358..084f52026f 100644 --- a/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPBindingListenerServlet.java +++ b/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPBindingListenerServlet.java @@ -24,16 +24,25 @@ import java.io.InputStream; import java.io.OutputStream;
import java.net.URLDecoder;
import java.text.ParseException;
+import java.util.List;
import javax.servlet.ServletException;
+import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.xml.namespace.QName;
-import org.apache.tuscany.sca.binding.http.CacheContext;
+import org.apache.tuscany.sca.assembly.Binding;
+import org.apache.tuscany.sca.binding.http.HTTPCacheContext;
+import org.apache.tuscany.sca.binding.http.util.HTTPHeadersParser;
import org.apache.tuscany.sca.invocation.Invoker;
import org.apache.tuscany.sca.invocation.Message;
import org.apache.tuscany.sca.invocation.MessageFactory;
+import org.apache.tuscany.sca.policy.Intent;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.PolicySetAttachPoint;
+import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy;
/**
* Servlet responsible for dispatching HTTP requests to the
@@ -44,6 +53,13 @@ import org.apache.tuscany.sca.invocation.MessageFactory; public class HTTPBindingListenerServlet extends HttpServlet {
private static final long serialVersionUID = 2865466417329430610L;
+ private static final QName AUTEHTICATION_INTENT = new QName("http://www.osoa.org/xmlns/sca/1.0","authentication");
+
+ transient private Binding binding;
+
+ transient private boolean requiresAuthentication = false;
+ transient private BasicAuthenticationPolicy basicAuthenticationPolicy = null;
+
private MessageFactory messageFactory;
private Invoker getInvoker;
private Invoker conditionalGetInvoker;
@@ -57,12 +73,49 @@ public class HTTPBindingListenerServlet extends HttpServlet { /**
* Constructs a new HTTPServiceListenerServlet.
*/
- public HTTPBindingListenerServlet(MessageFactory messageFactory) {
+ public HTTPBindingListenerServlet(Binding binding, MessageFactory messageFactory) {
+ this.binding = binding;
this.messageFactory = messageFactory;
+
+
+ // find out which policies are active
+ if (binding instanceof PolicySetAttachPoint) {
+ List<Intent> intents = ((PolicySetAttachPoint)binding).getRequiredIntents();
+ for(Intent intent : intents) {
+ if(intent.getName().equals(AUTEHTICATION_INTENT)) {
+ requiresAuthentication = true;
+ }
+ }
+
+
+ List<PolicySet> policySets = ((PolicySetAttachPoint)binding).getApplicablePolicySets();
+ for (PolicySet ps : policySets) {
+ for (Object p : ps.getPolicies()) {
+ if (BasicAuthenticationPolicy.class.isInstance(p)) {
+ basicAuthenticationPolicy = (BasicAuthenticationPolicy)p;
+ } else {
+ // etc. check for other types of policy being present
+ }
+ }
+ }
+ }
}
@Override
+ protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+
+ if(requiresAuthentication) {
+ if(! hasAuthenticationHeader(request, response)) {
+ response.setHeader("WWW-Authenticate", "BASIC realm=\"Tuscany\"");
+ response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+ }
+ }
+
+ super.service(request, response);
+ }
+
+ @Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// Get the request path
String path = URLDecoder.decode(request.getRequestURI().substring(request.getServletPath().length()), "UTF-8");
@@ -75,12 +128,16 @@ public class HTTPBindingListenerServlet extends HttpServlet { // Invoke the get operation on the service implementation
Message requestMessage = messageFactory.createMessage();
+
+ //store http headers to message
+ requestMessage.getHeaders().addAll(HTTPHeadersParser.getHeaders(request));
+
String id = path.substring(1);
Message responseMessage = null;
- CacheContext cacheContext = null;
+ HTTPCacheContext cacheContext = null;
try {
- cacheContext = CacheContext.getCacheContextFromRequest(request);
+ cacheContext = HTTPCacheContext.getCacheContextFromRequest(request);
} catch (ParseException e) {
}
@@ -144,9 +201,9 @@ public class HTTPBindingListenerServlet extends HttpServlet { String id = path.substring(1);
Message responseMessage = null;
- CacheContext cacheContext = null;
+ HTTPCacheContext cacheContext = null;
try {
- cacheContext = CacheContext.getCacheContextFromRequest(request);
+ cacheContext = HTTPCacheContext.getCacheContextFromRequest(request);
} catch (ParseException e) {
}
@@ -210,9 +267,9 @@ public class HTTPBindingListenerServlet extends HttpServlet { String id = path.substring(1);
Message responseMessage = null;
- CacheContext cacheContext = null;
+ HTTPCacheContext cacheContext = null;
try {
- cacheContext = CacheContext.getCacheContextFromRequest(request);
+ cacheContext = HTTPCacheContext.getCacheContextFromRequest(request);
} catch (ParseException e) {
}
@@ -276,9 +333,9 @@ public class HTTPBindingListenerServlet extends HttpServlet { // String id = path.substring(1);
Message responseMessage = null;
- CacheContext cacheContext = null;
+ HTTPCacheContext cacheContext = null;
try {
- cacheContext = CacheContext.getCacheContextFromRequest(request);
+ cacheContext = HTTPCacheContext.getCacheContextFromRequest(request);
} catch (ParseException e) {
}
@@ -314,9 +371,9 @@ public class HTTPBindingListenerServlet extends HttpServlet { // Test if the ETag and LastModified are returned as a cache context.
Object body = responseMessage.getBody();
- if ( body.getClass() == CacheContext.class ) {
+ if ( body.getClass() == HTTPCacheContext.class ) {
// Transfer to header if so.
- CacheContext cc = (CacheContext)responseMessage.getBody();
+ HTTPCacheContext cc = (HTTPCacheContext)responseMessage.getBody();
if (( cc != null ) && ( cc.isEnabled() )) {
String eTag = cc.getETag();
if ( eTag != null )
@@ -328,116 +385,132 @@ public class HTTPBindingListenerServlet extends HttpServlet { }
}
- /**
- * @return the getInvoker
- */
- public Invoker getGetInvoker() {
- return getInvoker;
- }
-
- /**
- * @param getInvoker the getInvoker to set
- */
- public void setGetInvoker(Invoker getInvoker) {
- this.getInvoker = getInvoker;
- }
-
- /**
- * @return the conditionalGetInvoker
- */
- public Invoker getConditionalGetInvoker() {
- return conditionalGetInvoker;
- }
-
- /**
- * @param conditionalGetInvoker the conditionalGetInvoker to set
- */
- public void setConditionalGetInvoker(Invoker conditionalGetInvoker) {
- this.conditionalGetInvoker = conditionalGetInvoker;
- }
+ /**
+ * @return the getInvoker
+ */
+ public Invoker getGetInvoker() {
+ return getInvoker;
+ }
+
+ /**
+ * @param getInvoker the getInvoker to set
+ */
+ public void setGetInvoker(Invoker getInvoker) {
+ this.getInvoker = getInvoker;
+ }
+
+ /**
+ * @return the conditionalGetInvoker
+ */
+ public Invoker getConditionalGetInvoker() {
+ return conditionalGetInvoker;
+ }
+
+ /**
+ * @param conditionalGetInvoker the conditionalGetInvoker to set
+ */
+ public void setConditionalGetInvoker(Invoker conditionalGetInvoker) {
+ this.conditionalGetInvoker = conditionalGetInvoker;
+ }
+
+ /**
+ * @return the putInvoker
+ */
+ public Invoker getPutInvoker() {
+ return putInvoker;
+ }
+
+ /**
+ * @param putInvoker the putInvoker to set
+ */
+ public void setPutInvoker(Invoker putInvoker) {
+ this.putInvoker = putInvoker;
+ }
+
+ /**
+ * @return the conditionalPutInvoker
+ */
+ public Invoker getConditionalPutInvoker() {
+ return conditionalPutInvoker;
+ }
+
+ /**
+ * @param conditionalPutInvoker the conditionalPutInvoker to set
+ */
+ public void setConditionalPutInvoker(Invoker conditionalPutInvoker) {
+ this.conditionalPutInvoker = conditionalPutInvoker;
+ }
+
+ /**
+ * @return the postInvoker
+ */
+ public Invoker getPostInvoker() {
+ return postInvoker;
+ }
+
+ /**
+ * @param postInvoker the postInvoker to set
+ */
+ public void setPostInvoker(Invoker postInvoker) {
+ this.postInvoker = postInvoker;
+ }
+
+ /**
+ * @return the conditionalPostInvoker
+ */
+ public Invoker getConditionalPostInvoker() {
+ return conditionalPostInvoker;
+ }
+
+ /**
+ * @param conditionalPostInvoker the conditionalPostInvoker to set
+ */
+ public void setConditionalPostInvoker(Invoker conditionalPostInvoker) {
+ this.conditionalPostInvoker = conditionalPostInvoker;
+ }
+
+ /**
+ * @return the deleteInvoker
+ */
+ public Invoker getDeleteInvoker() {
+ return deleteInvoker;
+ }
+
+ /**
+ * @param deleteInvoker the deleteInvoker to set
+ */
+ public void setDeleteInvoker(Invoker deleteInvoker) {
+ this.deleteInvoker = deleteInvoker;
+ }
+
+ /**
+ * @return the conditionalDeleteInvoker
+ */
+ public Invoker getConditionalDeleteInvoker() {
+ return conditionalDeleteInvoker;
+ }
+
+ /**
+ * @param conditionalDeleteInvoker the conditionalDeleteInvoker to set
+ */
+ public void setConditionalDeleteInvoker(Invoker conditionalDeleteInvoker) {
+ this.conditionalDeleteInvoker = conditionalDeleteInvoker;
+ }
+
+
+ /**
+ * Utility Methods related to Policy
+ */
- /**
- * @return the putInvoker
- */
- public Invoker getPutInvoker() {
- return putInvoker;
- }
-
- /**
- * @param putInvoker the putInvoker to set
- */
- public void setPutInvoker(Invoker putInvoker) {
- this.putInvoker = putInvoker;
- }
-
- /**
- * @return the conditionalPutInvoker
- */
- public Invoker getConditionalPutInvoker() {
- return conditionalPutInvoker;
- }
-
- /**
- * @param conditionalPutInvoker the conditionalPutInvoker to set
- */
- public void setConditionalPutInvoker(Invoker conditionalPutInvoker) {
- this.conditionalPutInvoker = conditionalPutInvoker;
- }
-
- /**
- * @return the postInvoker
- */
- public Invoker getPostInvoker() {
- return postInvoker;
- }
-
- /**
- * @param postInvoker the postInvoker to set
- */
- public void setPostInvoker(Invoker postInvoker) {
- this.postInvoker = postInvoker;
- }
-
- /**
- * @return the conditionalPostInvoker
- */
- public Invoker getConditionalPostInvoker() {
- return conditionalPostInvoker;
- }
-
- /**
- * @param conditionalPostInvoker the conditionalPostInvoker to set
- */
- public void setConditionalPostInvoker(Invoker conditionalPostInvoker) {
- this.conditionalPostInvoker = conditionalPostInvoker;
- }
-
- /**
- * @return the deleteInvoker
- */
- public Invoker getDeleteInvoker() {
- return deleteInvoker;
- }
-
- /**
- * @param deleteInvoker the deleteInvoker to set
- */
- public void setDeleteInvoker(Invoker deleteInvoker) {
- this.deleteInvoker = deleteInvoker;
- }
-
- /**
- * @return the conditionalDeleteInvoker
- */
- public Invoker getConditionalDeleteInvoker() {
- return conditionalDeleteInvoker;
- }
-
- /**
- * @param conditionalDeleteInvoker the conditionalDeleteInvoker to set
- */
- public void setConditionalDeleteInvoker(Invoker conditionalDeleteInvoker) {
- this.conditionalDeleteInvoker = conditionalDeleteInvoker;
- }
+
+ private boolean hasAuthenticationHeader(HttpServletRequest request, ServletResponse response) {
+ boolean result = false;
+ if(request.getHeader("Authorization") != null) {
+ result = true;
+ }
+
+ return result;
+ }
+
}
diff --git a/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPServiceBindingProvider.java b/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPServiceBindingProvider.java index 0a8f74edca..8f91ff4343 100644 --- a/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPServiceBindingProvider.java +++ b/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPServiceBindingProvider.java @@ -39,10 +39,10 @@ import org.apache.tuscany.sca.runtime.RuntimeWire; * @version $Rev$ $Date$ */ public class HTTPServiceBindingProvider implements ServiceBindingProvider { - private RuntimeComponentService service; private HTTPBinding binding; private MessageFactory messageFactory; + private ServletHost servletHost; private String servletMapping; private HTTPBindingListenerServlet bindingListenerServlet; @@ -63,7 +63,7 @@ public class HTTPServiceBindingProvider implements ServiceBindingProvider { RuntimeComponentService componentService = (RuntimeComponentService) service; RuntimeWire wire = componentService.getRuntimeWire(binding); Servlet servlet = null; - bindingListenerServlet = new HTTPBindingListenerServlet( messageFactory ); + bindingListenerServlet = new HTTPBindingListenerServlet(binding, messageFactory ); for (InvocationChain invocationChain : wire.getInvocationChains()) { Operation operation = invocationChain.getTargetOperation(); String operationName = operation.getName(); @@ -101,7 +101,7 @@ public class HTTPServiceBindingProvider implements ServiceBindingProvider { servlet = bindingListenerServlet; } else if (operationName.equals("service")) { Invoker serviceInvoker = invocationChain.getHeadInvoker(); - servlet = new HTTPServiceListenerServlet(serviceInvoker, messageFactory); + servlet = new HTTPServiceListenerServlet(binding, serviceInvoker, messageFactory); break; } } diff --git a/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPServiceListenerServlet.java b/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPServiceListenerServlet.java index 03b91c4db2..493255655d 100644 --- a/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPServiceListenerServlet.java +++ b/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/provider/HTTPServiceListenerServlet.java @@ -20,17 +20,25 @@ package org.apache.tuscany.sca.binding.http.provider; import java.io.IOException; +import java.util.List; import javax.servlet.Servlet; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.xml.namespace.QName; +import org.apache.tuscany.sca.assembly.Binding; import org.apache.tuscany.sca.invocation.Invoker; import org.apache.tuscany.sca.invocation.Message; import org.apache.tuscany.sca.invocation.MessageFactory; +import org.apache.tuscany.sca.policy.Intent; +import org.apache.tuscany.sca.policy.PolicySet; +import org.apache.tuscany.sca.policy.PolicySetAttachPoint; +import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy; /** * Servlet responsible for dispatching HTTP service requests to the @@ -39,17 +47,45 @@ import org.apache.tuscany.sca.invocation.MessageFactory; * @version $Rev$ $Date$ */ public class HTTPServiceListenerServlet implements Servlet { + private static final QName AUTEHTICATION_INTENT = new QName("http://www.osoa.org/xmlns/sca/1.0","authentication"); - private ServletConfig config; - private MessageFactory messageFactory; - private Invoker serviceInvoker; + transient private Binding binding; + transient private ServletConfig config; + transient private MessageFactory messageFactory; + transient private Invoker serviceInvoker; + transient private boolean requiresAuthentication = false; + transient private BasicAuthenticationPolicy basicAuthenticationPolicy = null; + /** * Constructs a new HTTPServiceListenerServlet. */ - public HTTPServiceListenerServlet(Invoker serviceInvoker, MessageFactory messageFactory) { + public HTTPServiceListenerServlet(Binding binding, Invoker serviceInvoker, MessageFactory messageFactory) { + this.binding = binding; this.serviceInvoker = serviceInvoker; this.messageFactory = messageFactory; + + // find out which policies are active + if (binding instanceof PolicySetAttachPoint) { + List<Intent> intents = ((PolicySetAttachPoint)binding).getRequiredIntents(); + for(Intent intent : intents) { + if(intent.getName().equals(AUTEHTICATION_INTENT)) { + requiresAuthentication = true; + } + } + + + List<PolicySet> policySets = ((PolicySetAttachPoint)binding).getApplicablePolicySets(); + for (PolicySet ps : policySets) { + for (Object p : ps.getPolicies()) { + if (BasicAuthenticationPolicy.class.isInstance(p)) { + basicAuthenticationPolicy = (BasicAuthenticationPolicy)p; + } else { + // etc. check for other types of policy being present + } + } + } + } } public ServletConfig getServletConfig() { @@ -65,10 +101,17 @@ public class HTTPServiceListenerServlet implements Servlet { } public void destroy() { + } public void service(ServletRequest request, ServletResponse response) throws ServletException, IOException { + if(requiresAuthentication) { + if(! hasAuthenticationHeader((HttpServletRequest)request, (HttpServletResponse)response)) { + ((HttpServletResponse)response).sendError(HttpServletResponse.SC_UNAUTHORIZED); + } + } + // Dispatch the service interaction to the service invoker Message requestMessage = messageFactory.createMessage(); requestMessage.setBody(new Object[]{request, response}); @@ -81,4 +124,13 @@ public class HTTPServiceListenerServlet implements Servlet { } } + + private boolean hasAuthenticationHeader(HttpServletRequest request, ServletResponse response) { + boolean result = false; + if(request.getHeader("Authorization") != null) { + result = true; + } + + return result; + } } diff --git a/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/util/HTTPHeadersParser.java b/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/util/HTTPHeadersParser.java new file mode 100644 index 0000000000..1fe4600e31 --- /dev/null +++ b/java/sca/modules/binding-http-runtime/src/main/java/org/apache/tuscany/sca/binding/http/util/HTTPHeadersParser.java @@ -0,0 +1,50 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.tuscany.sca.binding.http.util; + +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.tuscany.sca.binding.http.HTTPHeader; + +public class HTTPHeadersParser { + + /** + * Parse http request headers to a map + * + * @param request + * @return + */ + public static List<HTTPHeader> getHeaders(HttpServletRequest request) { + List<HTTPHeader> headers = new ArrayList<HTTPHeader>(); + + Enumeration<?> headerNames = request.getHeaderNames(); + while (headerNames.hasMoreElements()) { + String headerName = (String) headerNames.nextElement(); + Object headerValue = request.getHeader(headerName); + HTTPHeader header = new HTTPHeader(headerName, headerValue); + headers.add(header); + } + return headers; + } +} |