This is an automated email from the ASF dual-hosted git repository. heneveld pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/brooklyn-server.git
commit 1402f10139922c1d50cafa65af6461851af17cb0
Author: Juan Cabrerizo <[email protected]>
AuthorDate: Thu Jan 10 10:22:23 2019 +0000
Updated dependencies and test corrected
---
.../rest/filter/EntitlementContextFilter.java | 41 +++++++++++++++++-----
.../rest/filter/EntitlementContextFilterTest.java | 2 +-
software/winrm/pom.xml | 8 +++++
3 files changed, 42 insertions(+), 9 deletions(-)
diff --git a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/filter/EntitlementContextFilter.java b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/filter/EntitlementContextFilter.java
index c7a9a5c..58ba340 100644
--- a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/filter/EntitlementContextFilter.java
+++ b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/filter/EntitlementContextFilter.java
@@ -23,35 +23,60 @@ import java.security.Principal; import javax.annotation.Priority; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; import javax.ws.rs.container.ContainerRequestContext; import javax.ws.rs.container.ContainerRequestFilter; import javax.ws.rs.container.ContainerResponseContext; import javax.ws.rs.container.ContainerResponseFilter; import javax.ws.rs.core.Context; +import javax.ws.rs.core.Request; import javax.ws.rs.core.SecurityContext; import javax.ws.rs.ext.Provider; +import org.apache.brooklyn.api.mgmt.entitlement.EntitlementContext; import org.apache.brooklyn.core.mgmt.entitlement.Entitlements; import org.apache.brooklyn.core.mgmt.entitlement.WebEntitlementContext; +import org.apache.brooklyn.util.text.Strings; @Provider @Priority(400) public class EntitlementContextFilter implements ContainerRequestFilter, ContainerResponseFilter { @Context private HttpServletRequest request; - + @Override public void filter(ContainerRequestContext requestContext) throws IOException { + String userName = null; + + // first see if there is a principal SecurityContext securityContext = requestContext.getSecurityContext(); Principal user = securityContext.getUserPrincipal(); + if (user!=null) { + userName = user.getName(); + } else { + + // now look in session attribute - because principals hard to set from javax filter + if (request!=null) { + HttpSession s = request.getSession(false); + if (s!=null) { + userName = Strings.toString(s.getAttribute( + BrooklynSecurityProviderFilterHelper.AUTHENTICATED_USER_SESSION_ATTRIBUTE)); + } + } + } + + if (userName != null) { + EntitlementContext oldEntitlement = Entitlements.getEntitlementContext(); + if (oldEntitlement!=null && !userName.equals(oldEntitlement.user())) { + throw new IllegalStateException("Illegal entitement context switch, from user "+oldEntitlement.user()+" to "+userName); + } + + String uri = request.getRequestURI(); + String remoteAddr = request.getRemoteAddr(); - 
if (user != null) { - String uri = request.getRequestURI(); - String remoteAddr = request.getRemoteAddr(); - - String uid = RequestTaggingRsFilter.getTag(); - WebEntitlementContext entitlementContext = new WebEntitlementContext(user.getName(), remoteAddr, uri, uid); - Entitlements.setEntitlementContext(entitlementContext); + String uid = RequestTaggingRsFilter.getTag(); + WebEntitlementContext entitlementContext = new WebEntitlementContext(userName, remoteAddr, uri, uid); + Entitlements.setEntitlementContext(entitlementContext); } } diff --git a/rest/rest-resources/src/test/java/org/apache/brooklyn/rest/filter/EntitlementContextFilterTest.java b/rest/rest-resources/src/test/java/org/apache/brooklyn/rest/filter/EntitlementContextFilterTest.java index 7b75428..b266bd4 100644 --- a/rest/rest-resources/src/test/java/org/apache/brooklyn/rest/filter/EntitlementContextFilterTest.java +++ b/rest/rest-resources/src/test/java/org/apache/brooklyn/rest/filter/EntitlementContextFilterTest.java @@ -63,7 +63,7 @@ public class EntitlementContextFilterTest extends BrooklynRestResourceTest { @Override protected void addBrooklynResources() { - addResource(new BrooklynSecurityProviderFilterHelper()); + addResource(new BrooklynSecurityProviderFilterJersey()); addResource(new RequestTaggingRsFilter()); addResource(new EntitlementContextFilter()); addResource(new EntitlementResource()); diff --git a/software/winrm/pom.xml b/software/winrm/pom.xml index b4a3f7e..8882c03 100644 --- a/software/winrm/pom.xml +++ b/software/winrm/pom.xml @@ -52,6 +52,14 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-api</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-core</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-transports-http</artifactId> + </exclusion> </exclusions> </dependency> <!--
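Review bot: In `filter(ContainerRequestContext)` the check against an entitlement context left over from another user runs only inside `if (userName != null)`, so a request with no principal and no `AUTHENTICATED_USER_SESSION_ATTRIBUTE` in its session keeps whatever `Entitlements.getEntitlementContext()` already holds and proceeds under it. If that context is held per thread and worker threads are reused (not visible in this hunk), an unauthenticated request could inherit a previous caller's entitlements; an `else` branch such as `} else if (Entitlements.getEntitlementContext() != null) { Entitlements.clearEntitlementContext(); }`, or the same `IllegalStateException`, would close that gap. The `request!=null` guard also covers only the session lookup, while `request.getRequestURI()` further down is still dereferenced unguarded when the name came from the principal. Minor: the exception message reads "entitement", and the added `javax.ws.rs.core.Request` import is not used in the lines shown. The class body continues outside the hunk, so the response-side cleanup cannot be checked from here.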
