brooklyn-rest-server: add org.apache package prefix
Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/a9e5ca55 Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/a9e5ca55 Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/a9e5ca55 Branch: refs/heads/master Commit: a9e5ca55faeee67aba23d340b9c8d183f3574125 Parents: cc4ffb9 Author: Ciprian Ciubotariu <cheepe...@gmx.net> Authored: Fri Aug 7 14:42:08 2015 +0300 Committer: Ciprian Ciubotariu <cheepe...@gmx.net> Committed: Fri Aug 7 15:56:42 2015 +0300 ---------------------------------------------------------------------- brooklyn-install.sh | 2 +- docs/guide/ops/brooklyn_properties.md | 10 +- docs/guide/start/brooklyn.properties | 2 +- .../main/java/org/apache/brooklyn/cli/Main.java | 4 +- .../brooklyn/cli/lister/ItemDescriptors.java | 6 +- .../jsgui/BrooklynJavascriptGuiLauncher.java | 2 +- .../BrooklynJavascriptGuiLauncherTest.java | 2 +- .../brooklyn/launcher/BrooklynLauncher.java | 8 +- .../brooklyn/launcher/BrooklynWebServer.java | 22 +- .../launcher/config/BrooklynGlobalConfig.java | 2 +- .../BrooklynEntityMirrorIntegrationTest.java | 2 +- .../launcher/BrooklynWebServerTest.java | 2 +- .../brooklyn/launcher/WebAppRunnerTest.java | 4 +- usage/rest-api/src/main/webapp/WEB-INF/web.xml | 10 +- .../ApplicationResourceIntegrationTest.java | 4 +- .../rest/client/BrooklynApiRestClientTest.java | 6 +- .../rest-client/src/test/webapp/WEB-INF/web.xml | 38 +- .../java/brooklyn/rest/BrooklynRestApi.java | 89 --- .../java/brooklyn/rest/BrooklynWebConfig.java | 155 ----- .../BrooklynPropertiesSecurityFilter.java | 176 ------ .../rest/filter/HaHotCheckResourceFilter.java | 151 ----- .../rest/filter/HaHotStateRequired.java | 36 -- .../rest/filter/HaMasterCheckFilter.java | 140 ----- .../brooklyn/rest/filter/LoggingFilter.java | 160 ----- .../brooklyn/rest/filter/NoCacheFilter.java | 40 -- .../rest/filter/RequestTaggingFilter.java | 62 -- .../resources/AbstractBrooklynRestResource.java | 153 ----- .../brooklyn/rest/resources/AccessResource.java | 46 -- .../rest/resources/ActivityResource.java | 67 --- .../brooklyn/rest/resources/ApidocResource.java | 29 - .../rest/resources/ApplicationResource.java | 463 -------------- .../rest/resources/CatalogResource.java | 481 --------------- .../rest/resources/EffectorResource.java | 115 ---- .../rest/resources/EntityConfigResource.java | 153 ----- .../brooklyn/rest/resources/EntityResource.java | 225 ------- .../rest/resources/LocationResource.java | 185 ------ .../rest/resources/PolicyConfigResource.java | 109 ---- .../brooklyn/rest/resources/PolicyResource.java | 133 ----- .../brooklyn/rest/resources/ScriptResource.java | 99 --- .../brooklyn/rest/resources/SensorResource.java | 150 ----- .../brooklyn/rest/resources/ServerResource.java | 496 --------------- .../brooklyn/rest/resources/UsageResource.java | 257 -------- .../rest/resources/VersionResource.java | 32 - .../brooklyn/rest/security/PasswordHasher.java | 32 - .../provider/AbstractSecurityProvider.java | 56 -- .../provider/AnyoneSecurityProvider.java | 40 -- .../provider/BlackholeSecurityProvider.java | 40 -- ...nUserWithRandomPasswordSecurityProvider.java | 68 --- .../provider/DelegatingSecurityProvider.java | 156 ----- .../provider/ExplicitUsersSecurityProvider.java | 103 ---- .../security/provider/LdapSecurityProvider.java | 131 ---- .../security/provider/SecurityProvider.java | 35 -- .../rest/transform/AccessTransformer.java | 39 -- .../rest/transform/ApplicationTransformer.java | 116 ---- .../transform/BrooklynFeatureTransformer.java | 45 -- .../rest/transform/CatalogTransformer.java | 163 ----- .../rest/transform/EffectorTransformer.java | 86 --- .../rest/transform/EntityTransformer.java | 155 ----- .../transform/HighAvailabilityTransformer.java | 50 -- .../rest/transform/LocationTransformer.java | 194 ------ .../rest/transform/PolicyTransformer.java | 84 --- .../rest/transform/SensorTransformer.java | 85 --- .../rest/transform/TaskTransformer.java | 147 ----- .../rest/util/BrooklynRestResourceUtils.java | 564 ----------------- .../rest/util/DefaultExceptionMapper.java | 102 ---- .../brooklyn/rest/util/EntityLocationUtils.java | 85 --- .../brooklyn/rest/util/FormMapProvider.java | 81 --- .../rest/util/ManagementContextProvider.java | 33 - .../brooklyn/rest/util/ShutdownHandler.java | 23 - .../rest/util/ShutdownHandlerProvider.java | 30 - .../brooklyn/rest/util/URLParamEncoder.java | 27 - .../brooklyn/rest/util/WebResourceUtils.java | 162 ----- .../rest/util/json/BidiSerialization.java | 175 ------ .../util/json/BrooklynJacksonJsonProvider.java | 172 ------ .../json/ConfigurableSerializerProvider.java | 94 --- .../ErrorAndToStringUnknownTypeSerializer.java | 125 ---- .../rest/util/json/MultimapSerializer.java | 62 -- ...StrictPreferringFieldsVisibilityChecker.java | 107 ---- .../apache/brooklyn/rest/BrooklynRestApi.java | 89 +++ .../apache/brooklyn/rest/BrooklynWebConfig.java | 155 +++++ .../BrooklynPropertiesSecurityFilter.java | 176 ++++++ .../rest/filter/HaHotCheckResourceFilter.java | 151 +++++ .../rest/filter/HaHotStateRequired.java | 36 ++ .../rest/filter/HaMasterCheckFilter.java | 140 +++++ .../brooklyn/rest/filter/LoggingFilter.java | 160 +++++ .../brooklyn/rest/filter/NoCacheFilter.java | 40 ++ .../rest/filter/RequestTaggingFilter.java | 62 ++ .../resources/AbstractBrooklynRestResource.java | 153 +++++ .../brooklyn/rest/resources/AccessResource.java | 46 ++ .../rest/resources/ActivityResource.java | 67 +++ .../brooklyn/rest/resources/ApidocResource.java | 29 + .../rest/resources/ApplicationResource.java | 463 ++++++++++++++ .../rest/resources/CatalogResource.java | 481 +++++++++++++++ .../rest/resources/EffectorResource.java | 115 ++++ .../rest/resources/EntityConfigResource.java | 153 +++++ .../brooklyn/rest/resources/EntityResource.java | 225 +++++++ .../rest/resources/LocationResource.java | 185 ++++++ .../rest/resources/PolicyConfigResource.java | 109 ++++ .../brooklyn/rest/resources/PolicyResource.java | 133 +++++ .../brooklyn/rest/resources/ScriptResource.java | 99 +++ .../brooklyn/rest/resources/SensorResource.java | 150 +++++ .../brooklyn/rest/resources/ServerResource.java | 496 +++++++++++++++ .../brooklyn/rest/resources/UsageResource.java | 257 ++++++++ .../rest/resources/VersionResource.java | 32 + .../brooklyn/rest/security/PasswordHasher.java | 32 + .../provider/AbstractSecurityProvider.java | 56 ++ .../provider/AnyoneSecurityProvider.java | 40 ++ .../provider/BlackholeSecurityProvider.java | 40 ++ ...nUserWithRandomPasswordSecurityProvider.java | 68 +++ .../provider/DelegatingSecurityProvider.java | 156 +++++ .../provider/ExplicitUsersSecurityProvider.java | 103 ++++ .../security/provider/LdapSecurityProvider.java | 131 ++++ .../security/provider/SecurityProvider.java | 35 ++ .../rest/transform/AccessTransformer.java | 39 ++ .../rest/transform/ApplicationTransformer.java | 116 ++++ .../transform/BrooklynFeatureTransformer.java | 45 ++ .../rest/transform/CatalogTransformer.java | 163 +++++ .../rest/transform/EffectorTransformer.java | 86 +++ .../rest/transform/EntityTransformer.java | 155 +++++ .../transform/HighAvailabilityTransformer.java | 50 ++ .../rest/transform/LocationTransformer.java | 194 ++++++ .../rest/transform/PolicyTransformer.java | 84 +++ .../rest/transform/SensorTransformer.java | 85 +++ .../rest/transform/TaskTransformer.java | 147 +++++ .../rest/util/BrooklynRestResourceUtils.java | 564 +++++++++++++++++ .../rest/util/DefaultExceptionMapper.java | 102 ++++ .../brooklyn/rest/util/EntityLocationUtils.java | 85 +++ .../brooklyn/rest/util/FormMapProvider.java | 81 +++ .../rest/util/ManagementContextProvider.java | 33 + .../brooklyn/rest/util/ShutdownHandler.java | 23 + .../rest/util/ShutdownHandlerProvider.java | 30 + .../brooklyn/rest/util/URLParamEncoder.java | 27 + .../brooklyn/rest/util/WebResourceUtils.java | 162 +++++ .../rest/util/json/BidiSerialization.java | 175 ++++++ .../util/json/BrooklynJacksonJsonProvider.java | 172 ++++++ .../json/ConfigurableSerializerProvider.java | 94 +++ .../ErrorAndToStringUnknownTypeSerializer.java | 125 ++++ .../rest/util/json/MultimapSerializer.java | 62 ++ ...StrictPreferringFieldsVisibilityChecker.java | 107 ++++ .../rest-server/src/main/webapp/WEB-INF/web.xml | 38 +- .../config/render/TestRendererHints.java | 2 + .../brooklynnode/DeployBlueprintTest.java | 90 --- .../BrooklynPropertiesSecurityFilterTest.java | 111 ---- .../brooklyn/rest/BrooklynRestApiLauncher.java | 433 -------------- .../rest/BrooklynRestApiLauncherTest.java | 76 --- .../BrooklynRestApiLauncherTestFixture.java | 110 ---- .../test/java/brooklyn/rest/HaHotCheckTest.java | 130 ---- .../brooklyn/rest/HaMasterCheckFilterTest.java | 219 ------- .../brooklyn/rest/domain/ApplicationTest.java | 94 --- .../rest/domain/LocationSummaryTest.java | 55 -- .../brooklyn/rest/domain/SensorSummaryTest.java | 102 ---- .../rest/resources/AccessResourceTest.java | 68 --- .../rest/resources/ApiDocResourceTest.java | 138 ----- .../ApplicationResourceIntegrationTest.java | 134 ----- .../rest/resources/ApplicationResourceTest.java | 598 ------------------- .../rest/resources/CatalogResetTest.java | 113 ---- .../rest/resources/CatalogResourceTest.java | 432 -------------- .../rest/resources/DelegatingPrintStream.java | 183 ------ .../rest/resources/DescendantsTest.java | 134 ----- .../resources/EntityConfigResourceTest.java | 173 ------ .../rest/resources/EntityResourceTest.java | 190 ------ .../rest/resources/ErrorResponseTest.java | 98 --- .../rest/resources/LocationResourceTest.java | 189 ------ .../rest/resources/PolicyResourceTest.java | 145 ----- .../rest/resources/ScriptResourceTest.java | 53 -- .../SensorResourceIntegrationTest.java | 83 --- .../rest/resources/SensorResourceTest.java | 272 --------- .../ServerResourceIntegrationTest.java | 126 ---- .../rest/resources/ServerResourceTest.java | 176 ------ .../rest/resources/ServerShutdownTest.java | 187 ------ .../rest/resources/UsageResourceTest.java | 447 -------------- .../rest/resources/VersionResourceTest.java | 50 -- .../rest/security/PasswordHasherTest.java | 37 -- .../security/provider/TestSecurityProvider.java | 46 -- .../rest/testing/BrooklynRestApiTest.java | 185 ------ .../rest/testing/BrooklynRestResourceTest.java | 155 ----- .../rest/testing/mocks/CapitalizePolicy.java | 32 - .../rest/testing/mocks/EverythingGroup.java | 27 - .../rest/testing/mocks/EverythingGroupImpl.java | 32 - .../rest/testing/mocks/NameMatcherGroup.java | 30 - .../testing/mocks/NameMatcherGroupImpl.java | 33 - .../rest/testing/mocks/RestMockApp.java | 24 - .../rest/testing/mocks/RestMockAppBuilder.java | 39 -- .../testing/mocks/RestMockSimpleEntity.java | 104 ---- .../testing/mocks/RestMockSimplePolicy.java | 65 -- .../util/BrooklynRestResourceUtilsTest.java | 215 ------- .../rest/util/EntityLocationUtilsTest.java | 73 --- .../rest/util/HaHotStateCheckClassResource.java | 38 -- .../rest/util/HaHotStateCheckResource.java | 44 -- .../util/NullHttpServletRequestProvider.java | 46 -- .../rest/util/NullServletConfigProvider.java | 46 -- .../brooklyn/rest/util/TestShutdownHandler.java | 39 -- .../json/BrooklynJacksonSerializerTest.java | 399 ------------- .../brooklynnode/DeployBlueprintTest.java | 91 +++ .../BrooklynPropertiesSecurityFilterTest.java | 111 ++++ .../brooklyn/rest/BrooklynRestApiLauncher.java | 433 ++++++++++++++ .../rest/BrooklynRestApiLauncherTest.java | 76 +++ .../BrooklynRestApiLauncherTestFixture.java | 110 ++++ .../apache/brooklyn/rest/HaHotCheckTest.java | 130 ++++ .../brooklyn/rest/HaMasterCheckFilterTest.java | 219 +++++++ .../brooklyn/rest/domain/ApplicationTest.java | 98 +++ .../rest/domain/LocationSummaryTest.java | 57 ++ .../brooklyn/rest/domain/SensorSummaryTest.java | 103 ++++ .../rest/resources/AccessResourceTest.java | 68 +++ .../rest/resources/ApiDocResourceTest.java | 138 +++++ .../ApplicationResourceIntegrationTest.java | 134 +++++ .../rest/resources/ApplicationResourceTest.java | 598 +++++++++++++++++++ .../rest/resources/CatalogResetTest.java | 113 ++++ .../rest/resources/CatalogResourceTest.java | 432 ++++++++++++++ .../rest/resources/DelegatingPrintStream.java | 183 ++++++ .../rest/resources/DescendantsTest.java | 134 +++++ .../resources/EntityConfigResourceTest.java | 173 ++++++ .../rest/resources/EntityResourceTest.java | 190 ++++++ .../rest/resources/ErrorResponseTest.java | 98 +++ .../rest/resources/LocationResourceTest.java | 189 ++++++ .../rest/resources/PolicyResourceTest.java | 145 +++++ .../rest/resources/ScriptResourceTest.java | 53 ++ .../SensorResourceIntegrationTest.java | 83 +++ .../rest/resources/SensorResourceTest.java | 272 +++++++++ .../ServerResourceIntegrationTest.java | 126 ++++ .../rest/resources/ServerResourceTest.java | 176 ++++++ .../rest/resources/ServerShutdownTest.java | 187 ++++++ .../rest/resources/UsageResourceTest.java | 447 ++++++++++++++ .../rest/resources/VersionResourceTest.java | 50 ++ .../rest/security/PasswordHasherTest.java | 37 ++ .../security/provider/TestSecurityProvider.java | 46 ++ .../rest/testing/BrooklynRestApiTest.java | 185 ++++++ .../rest/testing/BrooklynRestResourceTest.java | 155 +++++ .../rest/testing/mocks/CapitalizePolicy.java | 32 + .../rest/testing/mocks/EverythingGroup.java | 27 + .../rest/testing/mocks/EverythingGroupImpl.java | 32 + .../rest/testing/mocks/NameMatcherGroup.java | 30 + .../testing/mocks/NameMatcherGroupImpl.java | 33 + .../rest/testing/mocks/RestMockApp.java | 24 + .../rest/testing/mocks/RestMockAppBuilder.java | 39 ++ .../testing/mocks/RestMockSimpleEntity.java | 104 ++++ .../testing/mocks/RestMockSimplePolicy.java | 65 ++ .../util/BrooklynRestResourceUtilsTest.java | 215 +++++++ .../rest/util/EntityLocationUtilsTest.java | 73 +++ .../rest/util/HaHotStateCheckClassResource.java | 38 ++ .../rest/util/HaHotStateCheckResource.java | 44 ++ .../util/NullHttpServletRequestProvider.java | 46 ++ .../rest/util/NullServletConfigProvider.java | 46 ++ .../brooklyn/rest/util/TestShutdownHandler.java | 39 ++ .../json/BrooklynJacksonSerializerTest.java | 399 +++++++++++++ 245 files changed, 15079 insertions(+), 15069 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/brooklyn-install.sh ---------------------------------------------------------------------- diff --git a/brooklyn-install.sh b/brooklyn-install.sh index 95e614a..f73d83c 100755 --- a/brooklyn-install.sh +++ b/brooklyn-install.sh @@ -252,7 +252,7 @@ brooklyn.webconsole.security.user.${USER}.salt = ${SALT} brooklyn.webconsole.security.user.${USER}.sha256 = ${HASH} EOF else - ssh ${SSH_OPTS} ${USER}@${HOST} "sed -i.bak 's/^# brooklyn.webconsole.security.provider = brooklyn.rest.security.provider.AnyoneSecurityProvider/brooklyn.webconsole.security.provider = brooklyn.rest.security.provider.AnyoneSecurityProvider/' .brooklyn/brooklyn.properties" + ssh ${SSH_OPTS} ${USER}@${HOST} "sed -i.bak 's/^# brooklyn.webconsole.security.provider = org.apache.brooklyn.rest.security.provider.AnyoneSecurityProvider/brooklyn.webconsole.security.provider = org.apache.brooklyn.rest.security.provider.AnyoneSecurityProvider/' .brooklyn/brooklyn.properties" fi log "...done!" fi http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/docs/guide/ops/brooklyn_properties.md ---------------------------------------------------------------------- diff --git a/docs/guide/ops/brooklyn_properties.md b/docs/guide/ops/brooklyn_properties.md index 01d087e..637dba2 100644 --- a/docs/guide/ops/brooklyn_properties.md +++ b/docs/guide/ops/brooklyn_properties.md @@ -104,17 +104,17 @@ Other security providers available include: ### No one -`brooklyn.webconsole.security.provider=brooklyn.rest.security.provider.BlackholeSecurityProvider` +`brooklyn.webconsole.security.provider=org.apache.brooklyn.rest.security.provider.BlackholeSecurityProvider` will block all logins (e.g. if not using the web console) ### No security -`brooklyn.webconsole.security.provider=brooklyn.rest.security.provider.AnyoneSecurityProvider` +`brooklyn.webconsole.security.provider=org.apache.brooklyn.rest.security.provider.AnyoneSecurityProvider` will allow logins with no credentials (e.g. in secure dev/test environments) ### LDAP -`brooklyn.webconsole.security.provider=brooklyn.rest.security.provider.LdapSecurityProvider` +`brooklyn.webconsole.security.provider=org.apache.brooklyn.rest.security.provider.LdapSecurityProvider` will cause Brooklyn to call to an LDAP server to authenticate users; The other things you need to set in `brooklyn.properties` are: @@ -125,13 +125,13 @@ The other things you need to set in `brooklyn.properties` are: **brooklyn.properties example configuration:** ``` -brooklyn.webconsole.security.provider=brooklyn.rest.security.provider.LdapSecurityProvider +brooklyn.webconsole.security.provider=org.apache.brooklyn.rest.security.provider.LdapSecurityProvider brooklyn.webconsole.security.ldap.url=ldap://localhost:10389/????X-BIND-USER=uid=admin%2cou=system,X-BIND-PASSWORD=secret,X-COUNT-LIMIT=1000 brooklyn.webconsole.security.ldap.realm=example.com ``` After you setup the brooklyn connection to your LDAP server, you can authenticate in brooklyn using your cn (e.g. John Smith) and your password. -`brooklyn.rest.security.provider.LdapSecurityProvider` searches in the LDAP tree in LDAP://cn=John Smith,ou=Users,dc=example,dc=com +`org.apache.brooklyn.rest.security.provider.LdapSecurityProvider` searches in the LDAP tree in LDAP://cn=John Smith,ou=Users,dc=example,dc=com If you want to customize the ldap path or something else which is particular to your LDAP setup you can extend `LdapSecurityProvider` class or implement from scratch the `SecurityProvider` interface. http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/docs/guide/start/brooklyn.properties ---------------------------------------------------------------------- diff --git a/docs/guide/start/brooklyn.properties b/docs/guide/start/brooklyn.properties index 08bb4a3..2d6682f 100644 --- a/docs/guide/start/brooklyn.properties +++ b/docs/guide/start/brooklyn.properties @@ -101,7 +101,7 @@ brooklyn.location.jclouds.aws-ec2.credential = <access-key-hex-digits> ## Additional security: Allow all - if you know what you are doing! ## (Or you can also plug in e.g. LDAP security etc here) -# brooklyn.webconsole.security.provider = brooklyn.rest.security.provider.AnyoneSecurityProvider +# brooklyn.webconsole.security.provider = org.apache.brooklyn.rest.security.provider.AnyoneSecurityProvider ## Optionally disallow deployment to localhost (or any other location) # brooklyn.location.localhost.enabled=false http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/cli/src/main/java/org/apache/brooklyn/cli/Main.java ---------------------------------------------------------------------- diff --git a/usage/cli/src/main/java/org/apache/brooklyn/cli/Main.java b/usage/cli/src/main/java/org/apache/brooklyn/cli/Main.java index 71a6d4e..04e31ab 100644 --- a/usage/cli/src/main/java/org/apache/brooklyn/cli/Main.java +++ b/usage/cli/src/main/java/org/apache/brooklyn/cli/Main.java @@ -90,8 +90,8 @@ import brooklyn.management.ManagementContext; import brooklyn.management.Task; import brooklyn.management.ha.HighAvailabilityMode; import brooklyn.management.ha.OsgiManager; -import brooklyn.rest.security.PasswordHasher; -import brooklyn.rest.util.ShutdownHandler; +import org.apache.brooklyn.rest.security.PasswordHasher; +import org.apache.brooklyn.rest.util.ShutdownHandler; import brooklyn.util.ResourceUtils; import brooklyn.util.exceptions.Exceptions; import brooklyn.util.exceptions.FatalConfigurationRuntimeException; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/cli/src/main/java/org/apache/brooklyn/cli/lister/ItemDescriptors.java ---------------------------------------------------------------------- diff --git a/usage/cli/src/main/java/org/apache/brooklyn/cli/lister/ItemDescriptors.java b/usage/cli/src/main/java/org/apache/brooklyn/cli/lister/ItemDescriptors.java index 3912dd9..af33289 100644 --- a/usage/cli/src/main/java/org/apache/brooklyn/cli/lister/ItemDescriptors.java +++ b/usage/cli/src/main/java/org/apache/brooklyn/cli/lister/ItemDescriptors.java @@ -42,9 +42,9 @@ import brooklyn.rest.domain.EffectorSummary; import brooklyn.rest.domain.EntityConfigSummary; import brooklyn.rest.domain.SensorSummary; import brooklyn.rest.domain.SummaryComparators; -import brooklyn.rest.transform.EffectorTransformer; -import brooklyn.rest.transform.EntityTransformer; -import brooklyn.rest.transform.SensorTransformer; +import org.apache.brooklyn.rest.transform.EffectorTransformer; +import org.apache.brooklyn.rest.transform.EntityTransformer; +import org.apache.brooklyn.rest.transform.SensorTransformer; import brooklyn.util.exceptions.RuntimeInterruptedException; import com.google.common.base.Strings; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncher.java ---------------------------------------------------------------------- diff --git a/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncher.java b/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncher.java index 72897d9..c32c832 100644 --- a/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncher.java +++ b/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncher.java @@ -25,7 +25,7 @@ import org.eclipse.jetty.webapp.WebAppContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import brooklyn.rest.BrooklynRestApiLauncher; +import org.apache.brooklyn.rest.BrooklynRestApiLauncher; import brooklyn.util.net.Networking; /** launches Javascript GUI programmatically. and used for tests. http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncherTest.java ---------------------------------------------------------------------- diff --git a/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncherTest.java b/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncherTest.java index cd538cc..aeab8fa 100644 --- a/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncherTest.java +++ b/usage/jsgui/src/test/java/org/apache/brooklyn/rest/jsgui/BrooklynJavascriptGuiLauncherTest.java @@ -26,7 +26,7 @@ import org.testng.annotations.Test; import brooklyn.config.BrooklynServiceAttributes; import brooklyn.entity.basic.Entities; import brooklyn.management.ManagementContext; -import brooklyn.rest.BrooklynRestApiLauncherTestFixture; +import org.apache.brooklyn.rest.BrooklynRestApiLauncherTestFixture; import brooklyn.test.Asserts; import brooklyn.test.HttpTestUtils; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java b/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java index ac17aa1..af09b76 100644 --- a/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java +++ b/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynLauncher.java @@ -88,10 +88,10 @@ import brooklyn.management.ha.ManagementPlaneSyncRecordPersisterToObjectStore; import brooklyn.management.internal.LocalManagementContext; import brooklyn.management.internal.ManagementContextInternal; import brooklyn.mementos.BrooklynMementoRawData; -import brooklyn.rest.BrooklynWebConfig; -import brooklyn.rest.filter.BrooklynPropertiesSecurityFilter; -import brooklyn.rest.security.provider.BrooklynUserWithRandomPasswordSecurityProvider; -import brooklyn.rest.util.ShutdownHandler; +import org.apache.brooklyn.rest.BrooklynWebConfig; +import org.apache.brooklyn.rest.filter.BrooklynPropertiesSecurityFilter; +import org.apache.brooklyn.rest.security.provider.BrooklynUserWithRandomPasswordSecurityProvider; +import org.apache.brooklyn.rest.util.ShutdownHandler; import brooklyn.util.exceptions.Exceptions; import brooklyn.util.exceptions.FatalConfigurationRuntimeException; import brooklyn.util.exceptions.FatalRuntimeException; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynWebServer.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynWebServer.java b/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynWebServer.java index 1f2bc5d..86750c3 100644 --- a/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynWebServer.java +++ b/usage/launcher/src/main/java/org/apache/brooklyn/launcher/BrooklynWebServer.java @@ -70,17 +70,17 @@ import brooklyn.location.basic.LocalhostMachineProvisioningLocation; import brooklyn.location.basic.PortRanges; import brooklyn.management.ManagementContext; import brooklyn.management.internal.ManagementContextInternal; -import brooklyn.rest.BrooklynRestApi; -import brooklyn.rest.BrooklynWebConfig; -import brooklyn.rest.filter.BrooklynPropertiesSecurityFilter; -import brooklyn.rest.filter.HaHotCheckResourceFilter; -import brooklyn.rest.filter.HaMasterCheckFilter; -import brooklyn.rest.filter.LoggingFilter; -import brooklyn.rest.filter.NoCacheFilter; -import brooklyn.rest.filter.RequestTaggingFilter; -import brooklyn.rest.util.ManagementContextProvider; -import brooklyn.rest.util.ShutdownHandler; -import brooklyn.rest.util.ShutdownHandlerProvider; +import org.apache.brooklyn.rest.BrooklynRestApi; +import org.apache.brooklyn.rest.BrooklynWebConfig; +import org.apache.brooklyn.rest.filter.BrooklynPropertiesSecurityFilter; +import org.apache.brooklyn.rest.filter.HaHotCheckResourceFilter; +import org.apache.brooklyn.rest.filter.HaMasterCheckFilter; +import org.apache.brooklyn.rest.filter.LoggingFilter; +import org.apache.brooklyn.rest.filter.NoCacheFilter; +import org.apache.brooklyn.rest.filter.RequestTaggingFilter; +import org.apache.brooklyn.rest.util.ManagementContextProvider; +import org.apache.brooklyn.rest.util.ShutdownHandler; +import org.apache.brooklyn.rest.util.ShutdownHandlerProvider; import brooklyn.util.BrooklynNetworkUtils; import brooklyn.util.ResourceUtils; import brooklyn.util.collections.MutableMap; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/launcher/src/main/java/org/apache/brooklyn/launcher/config/BrooklynGlobalConfig.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/main/java/org/apache/brooklyn/launcher/config/BrooklynGlobalConfig.java b/usage/launcher/src/main/java/org/apache/brooklyn/launcher/config/BrooklynGlobalConfig.java index 9ae0504..2e1b54d 100644 --- a/usage/launcher/src/main/java/org/apache/brooklyn/launcher/config/BrooklynGlobalConfig.java +++ b/usage/launcher/src/main/java/org/apache/brooklyn/launcher/config/BrooklynGlobalConfig.java @@ -23,7 +23,7 @@ import brooklyn.config.ConfigKey; import brooklyn.entity.basic.BrooklynConfigKeys; import brooklyn.location.cloud.CloudLocationConfig; import brooklyn.management.internal.BrooklynGarbageCollector; -import brooklyn.rest.BrooklynWebConfig; +import org.apache.brooklyn.rest.BrooklynWebConfig; import brooklyn.util.internal.BrooklynSystemProperties; import brooklyn.util.internal.StringSystemProperty; import brooklyn.util.time.Duration; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/launcher/src/test/java/org/apache/brooklyn/entity/brooklynnode/BrooklynEntityMirrorIntegrationTest.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/test/java/org/apache/brooklyn/entity/brooklynnode/BrooklynEntityMirrorIntegrationTest.java b/usage/launcher/src/test/java/org/apache/brooklyn/entity/brooklynnode/BrooklynEntityMirrorIntegrationTest.java index f42c574..b0ba2e7 100644 --- a/usage/launcher/src/test/java/org/apache/brooklyn/entity/brooklynnode/BrooklynEntityMirrorIntegrationTest.java +++ b/usage/launcher/src/test/java/org/apache/brooklyn/entity/brooklynnode/BrooklynEntityMirrorIntegrationTest.java @@ -37,7 +37,7 @@ import brooklyn.entity.proxying.EntitySpec; import org.apache.brooklyn.launcher.BrooklynWebServer; import brooklyn.management.ManagementContext; import brooklyn.management.ha.HighAvailabilityMode; -import brooklyn.rest.filter.BrooklynPropertiesSecurityFilter; +import org.apache.brooklyn.rest.filter.BrooklynPropertiesSecurityFilter; import brooklyn.test.Asserts; import brooklyn.test.EntityTestUtils; import brooklyn.test.HttpTestUtils; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/launcher/src/test/java/org/apache/brooklyn/launcher/BrooklynWebServerTest.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/test/java/org/apache/brooklyn/launcher/BrooklynWebServerTest.java b/usage/launcher/src/test/java/org/apache/brooklyn/launcher/BrooklynWebServerTest.java index 9510754..be6398f 100644 --- a/usage/launcher/src/test/java/org/apache/brooklyn/launcher/BrooklynWebServerTest.java +++ b/usage/launcher/src/test/java/org/apache/brooklyn/launcher/BrooklynWebServerTest.java @@ -48,7 +48,7 @@ import org.testng.annotations.Test; import brooklyn.config.BrooklynProperties; import brooklyn.entity.basic.Entities; import brooklyn.management.internal.LocalManagementContext; -import brooklyn.rest.BrooklynWebConfig; +import org.apache.brooklyn.rest.BrooklynWebConfig; import brooklyn.test.entity.LocalManagementContextForTests; import brooklyn.util.collections.MutableMap; import brooklyn.util.exceptions.Exceptions; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/launcher/src/test/java/org/apache/brooklyn/launcher/WebAppRunnerTest.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/test/java/org/apache/brooklyn/launcher/WebAppRunnerTest.java b/usage/launcher/src/test/java/org/apache/brooklyn/launcher/WebAppRunnerTest.java index 3aa6334..b0539d1 100644 --- a/usage/launcher/src/test/java/org/apache/brooklyn/launcher/WebAppRunnerTest.java +++ b/usage/launcher/src/test/java/org/apache/brooklyn/launcher/WebAppRunnerTest.java @@ -75,7 +75,7 @@ public class WebAppRunnerTest { BrooklynProperties brooklynProperties = BrooklynProperties.Factory.newEmpty(); brooklynProperties.putAll(bigProps); - brooklynProperties.put("brooklyn.webconsole.security.provider","brooklyn.rest.security.provider.AnyoneSecurityProvider"); + brooklynProperties.put("brooklyn.webconsole.security.provider","org.apache.brooklyn.rest.security.provider.AnyoneSecurityProvider"); brooklynProperties.put("brooklyn.webconsole.security.https.required","false"); return new BrooklynWebServer(bigProps, newManagementContext(brooklynProperties)); } @@ -149,7 +149,7 @@ public class WebAppRunnerTest { BrooklynLauncher launcher = BrooklynLauncher.newInstance() .brooklynProperties(BrooklynProperties.Factory.newEmpty()) - .brooklynProperties("brooklyn.webconsole.security.provider","brooklyn.rest.security.provider.AnyoneSecurityProvider") + .brooklynProperties("brooklyn.webconsole.security.provider","org.apache.brooklyn.rest.security.provider.AnyoneSecurityProvider") .webapp("/hello", "hello-world.war") .start(); BrooklynServerDetails details = launcher.getServerDetails(); http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-api/src/main/webapp/WEB-INF/web.xml ---------------------------------------------------------------------- diff --git a/usage/rest-api/src/main/webapp/WEB-INF/web.xml b/usage/rest-api/src/main/webapp/WEB-INF/web.xml index 0b34da6..27b89f8 100644 --- a/usage/rest-api/src/main/webapp/WEB-INF/web.xml +++ b/usage/rest-api/src/main/webapp/WEB-INF/web.xml @@ -26,7 +26,7 @@ <filter> <filter-name>Brooklyn Request Tagging Filter</filter-name> - <filter-class>brooklyn.rest.filter.RequestTaggingFilter</filter-class> + <filter-class>org.apache.brooklyn.rest.filter.RequestTaggingFilter</filter-class> </filter> <filter-mapping> <filter-name>Brooklyn Request Tagging Filter</filter-name> @@ -35,7 +35,7 @@ <filter> <filter-name>Brooklyn Properties Authentication Filter</filter-name> - <filter-class>brooklyn.rest.filter.BrooklynPropertiesSecurityFilter</filter-class> + <filter-class>org.apache.brooklyn.rest.filter.BrooklynPropertiesSecurityFilter</filter-class> </filter> <filter-mapping> <filter-name>Brooklyn Properties Authentication Filter</filter-name> @@ -44,7 +44,7 @@ <filter> <filter-name>Brooklyn Logging Filter</filter-name> - <filter-class>brooklyn.rest.filter.LoggingFilter</filter-class> + <filter-class>org.apache.brooklyn.rest.filter.LoggingFilter</filter-class> </filter> <filter-mapping> <filter-name>Brooklyn Logging Filter</filter-name> @@ -53,7 +53,7 @@ <filter> <filter-name>Brooklyn HA Master Filter</filter-name> - <filter-class>brooklyn.rest.filter.HaMasterCheckFilter</filter-class> + <filter-class>org.apache.brooklyn.rest.filter.HaMasterCheckFilter</filter-class> </filter> <filter-mapping> <filter-name>Brooklyn HA Master Filter</filter-name> @@ -75,7 +75,7 @@ <!-- load our REST API jersey resources --> <init-param> <param-name>com.sun.jersey.config.property.packages</param-name> - <param-value>brooklyn.rest.resources;brooklyn.rest.apidoc</param-value> + <param-value>org.apache.brooklyn.rest.resources;brooklyn.rest.apidoc</param-value> </init-param> <!-- install Jackson and turn on pojo/json serialization (could add org.codehaus.jackson.jaxrs http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/ApplicationResourceIntegrationTest.java ---------------------------------------------------------------------- diff --git a/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/ApplicationResourceIntegrationTest.java b/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/ApplicationResourceIntegrationTest.java index 2c0d8fb..3bfa8c2 100644 --- a/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/ApplicationResourceIntegrationTest.java +++ b/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/ApplicationResourceIntegrationTest.java @@ -40,8 +40,8 @@ import brooklyn.entity.basic.StartableApplication; import brooklyn.location.basic.BasicLocationRegistry; import brooklyn.management.ManagementContext; import brooklyn.management.internal.LocalManagementContext; -import brooklyn.rest.BrooklynRestApiLauncher; -import brooklyn.rest.BrooklynRestApiLauncherTest; +import org.apache.brooklyn.rest.BrooklynRestApiLauncher; +import org.apache.brooklyn.rest.BrooklynRestApiLauncherTest; import brooklyn.rest.domain.ApplicationSpec; import brooklyn.rest.domain.ApplicationSummary; import brooklyn.rest.domain.EntitySpec; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/BrooklynApiRestClientTest.java ---------------------------------------------------------------------- diff --git a/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/BrooklynApiRestClientTest.java b/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/BrooklynApiRestClientTest.java index c36a456..5b5bab2 100644 --- a/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/BrooklynApiRestClientTest.java +++ b/usage/rest-client/src/test/java/org/apache/brooklyn/rest/client/BrooklynApiRestClientTest.java @@ -37,11 +37,11 @@ import brooklyn.entity.basic.StartableApplication; import brooklyn.location.basic.BasicLocationRegistry; import brooklyn.management.ManagementContext; import brooklyn.management.internal.LocalManagementContext; -import brooklyn.rest.BrooklynRestApiLauncher; -import brooklyn.rest.BrooklynRestApiLauncherTest; +import org.apache.brooklyn.rest.BrooklynRestApiLauncher; +import org.apache.brooklyn.rest.BrooklynRestApiLauncherTest; import brooklyn.rest.domain.ApplicationSummary; import brooklyn.rest.domain.CatalogLocationSummary; -import brooklyn.rest.security.provider.TestSecurityProvider; +import org.apache.brooklyn.rest.security.provider.TestSecurityProvider; import brooklyn.test.HttpTestUtils; import brooklyn.test.entity.TestEntity; http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-client/src/test/webapp/WEB-INF/web.xml ---------------------------------------------------------------------- diff --git a/usage/rest-client/src/test/webapp/WEB-INF/web.xml b/usage/rest-client/src/test/webapp/WEB-INF/web.xml index 2496eef..83d76c0 100644 --- a/usage/rest-client/src/test/webapp/WEB-INF/web.xml +++ b/usage/rest-client/src/test/webapp/WEB-INF/web.xml @@ -26,7 +26,7 @@ <filter> <filter-name>Brooklyn Request Tagging Filter</filter-name> - <filter-class>brooklyn.rest.filter.RequestTaggingFilter</filter-class> + <filter-class>org.apache.brooklyn.rest.filter.RequestTaggingFilter</filter-class> </filter> <filter-mapping> <filter-name>Brooklyn Request Tagging Filter</filter-name> @@ -35,7 +35,7 @@ <filter> <filter-name>Brooklyn Properties Authentication Filter</filter-name> - <filter-class>brooklyn.rest.filter.BrooklynPropertiesSecurityFilter</filter-class> + <filter-class>org.apache.brooklyn.rest.filter.BrooklynPropertiesSecurityFilter</filter-class> </filter> <filter-mapping> <filter-name>Brooklyn Properties Authentication Filter</filter-name> @@ -44,7 +44,7 @@ <filter> <filter-name>Brooklyn Logging Filter</filter-name> - <filter-class>brooklyn.rest.filter.LoggingFilter</filter-class> + <filter-class>org.apache.brooklyn.rest.filter.LoggingFilter</filter-class> </filter> <filter-mapping> <filter-name>Brooklyn Logging Filter</filter-name> @@ -53,7 +53,7 @@ <filter> <filter-name>Brooklyn HA Master Filter</filter-name> - <filter-class>brooklyn.rest.filter.HaMasterCheckFilter</filter-class> + <filter-class>org.apache.brooklyn.rest.filter.HaMasterCheckFilter</filter-class> </filter> <filter-mapping> <filter-name>Brooklyn HA Master Filter</filter-name> @@ -82,22 +82,22 @@ <init-param> <param-name>com.sun.jersey.config.property.classnames</param-name> <param-value> - brooklyn.rest.apidoc.ApidocHelpMessageBodyWriter; - brooklyn.rest.util.FormMapProvider; + org.apache.brooklyn.rest.apidoc.ApidocHelpMessageBodyWriter; + org.apache.brooklyn.rest.util.FormMapProvider; org.codehaus.jackson.jaxrs.JacksonJsonProvider; - brooklyn.rest.resources.ActivityResource; - brooklyn.rest.resources.ApidocResource; - brooklyn.rest.resources.ApplicationResource; - brooklyn.rest.resources.CatalogResource; - brooklyn.rest.resources.EffectorResource; - brooklyn.rest.resources.EntityConfigResource; - brooklyn.rest.resources.EntityResource; - brooklyn.rest.resources.LocationResource; - brooklyn.rest.resources.PolicyConfigResource; - brooklyn.rest.resources.PolicyResource; - brooklyn.rest.resources.ScriptResource; - brooklyn.rest.resources.SensorResource; - brooklyn.rest.resources.VersionResource; + org.apache.brooklyn.rest.resources.ActivityResource; + org.apache.brooklyn.rest.resources.ApidocResource; + org.apache.brooklyn.rest.resources.ApplicationResource; + org.apache.brooklyn.rest.resources.CatalogResource; + org.apache.brooklyn.rest.resources.EffectorResource; + org.apache.brooklyn.rest.resources.EntityConfigResource; + org.apache.brooklyn.rest.resources.EntityResource; + org.apache.brooklyn.rest.resources.LocationResource; + org.apache.brooklyn.rest.resources.PolicyConfigResource; + org.apache.brooklyn.rest.resources.PolicyResource; + org.apache.brooklyn.rest.resources.ScriptResource; + org.apache.brooklyn.rest.resources.SensorResource; + org.apache.brooklyn.rest.resources.VersionResource; </param-value> </init-param> http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-server/src/main/java/brooklyn/rest/BrooklynRestApi.java ---------------------------------------------------------------------- diff --git a/usage/rest-server/src/main/java/brooklyn/rest/BrooklynRestApi.java b/usage/rest-server/src/main/java/brooklyn/rest/BrooklynRestApi.java deleted file mode 100644 index 3e0c852..0000000 --- a/usage/rest-server/src/main/java/brooklyn/rest/BrooklynRestApi.java +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package brooklyn.rest; - -import java.util.ArrayList; -import java.util.List; - -import brooklyn.rest.apidoc.ApidocHelpMessageBodyWriter; -import brooklyn.rest.resources.AbstractBrooklynRestResource; -import brooklyn.rest.resources.AccessResource; -import brooklyn.rest.resources.ActivityResource; -import brooklyn.rest.resources.ApidocResource; -import brooklyn.rest.resources.ApplicationResource; -import brooklyn.rest.resources.CatalogResource; -import brooklyn.rest.resources.EffectorResource; -import brooklyn.rest.resources.EntityConfigResource; -import brooklyn.rest.resources.EntityResource; -import brooklyn.rest.resources.LocationResource; -import brooklyn.rest.resources.PolicyConfigResource; -import brooklyn.rest.resources.PolicyResource; -import brooklyn.rest.resources.ScriptResource; -import brooklyn.rest.resources.SensorResource; -import brooklyn.rest.resources.ServerResource; -import brooklyn.rest.resources.UsageResource; -import brooklyn.rest.resources.VersionResource; -import brooklyn.rest.util.DefaultExceptionMapper; -import brooklyn.rest.util.FormMapProvider; -import brooklyn.rest.util.json.BrooklynJacksonJsonProvider; - -import com.google.common.collect.Iterables; - -@SuppressWarnings("deprecation") -public class BrooklynRestApi { - - public static Iterable<AbstractBrooklynRestResource> getBrooklynRestResources() { - List<AbstractBrooklynRestResource> resources = new ArrayList<AbstractBrooklynRestResource>(); - resources.add(new LocationResource()); - resources.add(new CatalogResource()); - resources.add(new ApplicationResource()); - resources.add(new EntityResource()); - resources.add(new EntityConfigResource()); - resources.add(new SensorResource()); - resources.add(new EffectorResource()); - resources.add(new PolicyResource()); - resources.add(new PolicyConfigResource()); - resources.add(new ActivityResource()); - resources.add(new AccessResource()); - resources.add(new ScriptResource()); - resources.add(new ServerResource()); - resources.add(new UsageResource()); - resources.add(new VersionResource()); - return resources; - } - - public static Iterable<Object> getApidocResources() { - List<Object> resources = new ArrayList<Object>(); - resources.add(new ApidocHelpMessageBodyWriter()); - resources.add(new ApidocResource()); - return resources; - } - - public static Iterable<Object> getMiscResources() { - List<Object> resources = new ArrayList<Object>(); - resources.add(new DefaultExceptionMapper()); - resources.add(new BrooklynJacksonJsonProvider()); - resources.add(new FormMapProvider()); - return resources; - } - - public static Iterable<Object> getAllResources() { - return Iterables.concat(getBrooklynRestResources(), getApidocResources(), getMiscResources()); - } -} http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-server/src/main/java/brooklyn/rest/BrooklynWebConfig.java ---------------------------------------------------------------------- diff --git a/usage/rest-server/src/main/java/brooklyn/rest/BrooklynWebConfig.java b/usage/rest-server/src/main/java/brooklyn/rest/BrooklynWebConfig.java deleted file mode 100644 index 294fd18..0000000 --- a/usage/rest-server/src/main/java/brooklyn/rest/BrooklynWebConfig.java +++ /dev/null @@ -1,155 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package brooklyn.rest; - -import brooklyn.config.ConfigKey; -import brooklyn.config.ConfigMap; -import brooklyn.config.ConfigPredicates; -import brooklyn.entity.basic.ConfigKeys; -import brooklyn.location.PortRange; -import brooklyn.rest.security.provider.DelegatingSecurityProvider; -import brooklyn.rest.security.provider.ExplicitUsersSecurityProvider; - -public class BrooklynWebConfig { - - public final static String BASE_NAME = "brooklyn.webconsole"; - public final static String BASE_NAME_SECURITY = BASE_NAME+".security"; - - /** - * The security provider to be loaded by {@link DelegatingSecurityProvider}. - * e.g. <code>brooklyn.webconsole.security.provider=brooklyn.rest.security.provider.AnyoneSecurityProvider</code> - * will allow anyone to log in. - */ - public final static ConfigKey<String> SECURITY_PROVIDER_CLASSNAME = ConfigKeys.newStringConfigKey( - BASE_NAME_SECURITY+".provider", "class name of a Brooklyn SecurityProvider", - ExplicitUsersSecurityProvider.class.getCanonicalName()); - - /** - * Explicitly set the users/passwords, e.g. in brooklyn.properties: - * brooklyn.webconsole.security.users=admin,bob - * brooklyn.webconsole.security.user.admin.password=password - * brooklyn.webconsole.security.user.bob.password=bobspass - */ - public final static ConfigKey<String> USERS = ConfigKeys.newStringConfigKey(BASE_NAME_SECURITY+".users"); - - public final static ConfigKey<String> PASSWORD_FOR_USER(String user) { - return ConfigKeys.newStringConfigKey(BASE_NAME_SECURITY + ".user." + user + ".password"); - } - - public final static ConfigKey<String> SALT_FOR_USER(String user) { - return ConfigKeys.newStringConfigKey(BASE_NAME_SECURITY + ".user." + user + ".salt"); - } - - public final static ConfigKey<String> SHA256_FOR_USER(String user) { - return ConfigKeys.newStringConfigKey(BASE_NAME_SECURITY + ".user." + user + ".sha256"); - } - - public final static ConfigKey<String> LDAP_URL = ConfigKeys.newStringConfigKey( - BASE_NAME_SECURITY+".ldap.url"); - - public final static ConfigKey<String> LDAP_REALM = ConfigKeys.newStringConfigKey( - BASE_NAME_SECURITY+".ldap.realm"); - - public final static ConfigKey<String> LDAP_OU = ConfigKeys.newStringConfigKey( - BASE_NAME_SECURITY+"ldap.ou"); - - public final static ConfigKey<Boolean> HTTPS_REQUIRED = ConfigKeys.newBooleanConfigKey( - BASE_NAME+".security.https.required", - "Whether HTTPS is required; false here can be overridden by CLI option", false); - - public final static ConfigKey<PortRange> WEB_CONSOLE_PORT = ConfigKeys.newConfigKey(PortRange.class, - BASE_NAME+".port", - "Port/range for the web console to listen on; can be overridden by CLI option"); - - public final static ConfigKey<String> KEYSTORE_URL = ConfigKeys.newStringConfigKey( - BASE_NAME+".security.keystore.url", - "Keystore from which to take the certificate to present when running HTTPS; " - + "note that normally the password is also required, and an alias for the certificate if the keystore has more than one"); - - public final static ConfigKey<String> KEYSTORE_PASSWORD = ConfigKeys.newStringConfigKey( - BASE_NAME+".security.keystore.password", - "Password for the "+KEYSTORE_URL); - - public final static ConfigKey<String> KEYSTORE_CERTIFICATE_ALIAS = ConfigKeys.newStringConfigKey( - BASE_NAME+".security.keystore.certificate.alias", - "Alias in "+KEYSTORE_URL+" for the certificate to use; defaults to the first if not supplied"); - - public final static ConfigKey<String> TRANSPORT_PROTOCOLS = ConfigKeys.newStringConfigKey( - BASE_NAME+".security.transport.protocols", - "SSL/TLS protocol versions to use for web console connections", - "TLSv1, TLSv1.1, TLSv1.2"); - - // https://wiki.mozilla.org/Security/Server_Side_TLS (v3.4) - // http://stackoverflow.com/questions/19846020/how-to-map-a-openssls-cipher-list-to-java-jsse - // list created on 05.05.2015, Intermediate config from first link - public final static ConfigKey<String> TRANSPORT_CIPHERS = ConfigKeys.newStringConfigKey( - BASE_NAME+".security.transport.ciphers", - "SSL/TLS cipher suites to use for web console connections", - "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256," + - "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384," + - "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256," + - "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384," + - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256," + - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA," + - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384," + - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA," + - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA," + - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256," + - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA," + - "TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384," + - "TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256," + - "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA," + - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA," + - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256," + - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA," + - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA," + - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA," + - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA," + - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,TLS_RSA_WITH_CAMELLIA_128_CBC_SHA," + - "TLS_RSA_WITH_3DES_EDE_CBC_SHA," + - // Same as above but with SSL_ prefix, IBM Java compatibility (cipher is independent of protocol) - // https://www-01.ibm.com/support/knowledgecenter/SSYKE2_7.0.0/com.ibm.java.security.component.70.doc/security-component/jsse2Docs/ciphersuites.html - "SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256,SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256," + - "SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384,SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384," + - "SSL_DHE_RSA_WITH_AES_128_GCM_SHA256,SSL_DHE_DSS_WITH_AES_128_GCM_SHA256," + - "SSL_DHE_DSS_WITH_AES_256_GCM_SHA384,SSL_DHE_RSA_WITH_AES_256_GCM_SHA384," + - "SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256,SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256," + - "SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA,SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA," + - "SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384,SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384," + - "SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA,SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA," + - "SSL_DHE_RSA_WITH_AES_128_CBC_SHA256,SSL_DHE_RSA_WITH_AES_128_CBC_SHA," + - "SSL_DHE_DSS_WITH_AES_128_CBC_SHA256,SSL_DHE_RSA_WITH_AES_256_CBC_SHA256," + - "SSL_DHE_DSS_WITH_AES_256_CBC_SHA,SSL_DHE_RSA_WITH_AES_256_CBC_SHA," + - "SSL_RSA_WITH_AES_128_GCM_SHA256,SSL_RSA_WITH_AES_256_GCM_SHA384," + - "SSL_RSA_WITH_AES_128_CBC_SHA256,SSL_RSA_WITH_AES_256_CBC_SHA256," + - "SSL_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_AES_256_CBC_SHA," + - "SSL_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,SSL_SRP_SHA_RSA_WITH_AES_256_CBC_SHA," + - "SSL_SRP_SHA_WITH_AES_256_CBC_SHA,SSL_DHE_DSS_WITH_AES_256_CBC_SHA256," + - "SSL_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,SSL_SRP_SHA_RSA_WITH_AES_128_CBC_SHA," + - "SSL_SRP_SHA_WITH_AES_128_CBC_SHA,SSL_DHE_DSS_WITH_AES_128_CBC_SHA," + - "SSL_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,SSL_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA," + - "SSL_RSA_WITH_CAMELLIA_256_CBC_SHA,SSL_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA," + - "SSL_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,SSL_RSA_WITH_CAMELLIA_128_CBC_SHA," + - "SSL_RSA_WITH_3DES_EDE_CBC_SHA"); - - public final static boolean hasNoSecurityOptions(ConfigMap config) { - return config.submap(ConfigPredicates.startingWith(BASE_NAME_SECURITY)).isEmpty(); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-server/src/main/java/brooklyn/rest/filter/BrooklynPropertiesSecurityFilter.java ---------------------------------------------------------------------- diff --git a/usage/rest-server/src/main/java/brooklyn/rest/filter/BrooklynPropertiesSecurityFilter.java b/usage/rest-server/src/main/java/brooklyn/rest/filter/BrooklynPropertiesSecurityFilter.java deleted file mode 100644 index 7202a6a..0000000 --- a/usage/rest-server/src/main/java/brooklyn/rest/filter/BrooklynPropertiesSecurityFilter.java +++ /dev/null @@ -1,176 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package brooklyn.rest.filter; - -import java.io.IOException; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.RequestDispatcher; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import brooklyn.config.BrooklynServiceAttributes; -import brooklyn.management.ManagementContext; -import brooklyn.management.entitlement.Entitlements; -import brooklyn.management.entitlement.WebEntitlementContext; -import brooklyn.rest.security.provider.DelegatingSecurityProvider; -import brooklyn.util.text.Strings; - -import com.sun.jersey.core.util.Base64; - -/** - * Provides basic HTTP authentication. - */ -public class BrooklynPropertiesSecurityFilter implements Filter { - - /** - * The session attribute set for authenticated users; for reference - * (but should not be relied up to confirm authentication, as - * the providers may impose additional criteria such as timeouts, - * or a null user (no login) may be permitted) - */ - public static final String AUTHENTICATED_USER_SESSION_ATTRIBUTE = "brooklyn.user"; - - /** - * The session attribute set to indicate the remote address of the HTTP request. - * Corresponds to {@link javax.servlet.http.HttpServletRequest#getRemoteAddr()}. - */ - public static final String REMOTE_ADDRESS_SESSION_ATTRIBUTE = "request.remoteAddress"; - - private static final Logger log = LoggerFactory.getLogger(BrooklynPropertiesSecurityFilter.class); - - protected DelegatingSecurityProvider provider; - - private static ThreadLocal<String> originalRequest = new ThreadLocal<String>(); - - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { - HttpServletRequest httpRequest = (HttpServletRequest) request; - HttpServletResponse httpResponse = (HttpServletResponse) response; - String uri = httpRequest.getRequestURI(); - - if (provider == null) { - log.warn("No security provider available: disallowing web access to brooklyn"); - httpResponse.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE); - return; - } - - if (originalRequest.get() != null) { - // clear the entitlement context before setting to avoid warnings - Entitlements.clearEntitlementContext(); - } else { - originalRequest.set(uri); - } - - boolean authenticated = provider.isAuthenticated(httpRequest.getSession()); - if ("/logout".equals(uri) || "/v1/logout".equals(uri)) { - httpResponse.setHeader("WWW-Authenticate", "Basic realm=\"brooklyn\""); - if (authenticated && httpRequest.getSession().getAttributeNames().hasMoreElements()) { - logout(httpRequest); - httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); - } else { - RequestDispatcher dispatcher = httpRequest.getRequestDispatcher("/"); - log.debug("Not authenticated, forwarding request for {} to {}", uri, dispatcher); - dispatcher.forward(httpRequest, httpResponse); - } - return; - } - - if (!(httpRequest.getSession().getAttributeNames().hasMoreElements() && provider.isAuthenticated(httpRequest.getSession())) || - "/logout".equals(originalRequest.get())) { - authenticated = authenticate(httpRequest); - } - - if (!authenticated) { - httpResponse.setHeader("WWW-Authenticate", "Basic realm=\"brooklyn\""); - httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); - return; - } - - // Note that the attribute AUTHENTICATED_USER_SESSION_ATTRIBUTE is only set in the call to authenticate(httpRequest), - // so must not try to get the user until that is done. - String uid = RequestTaggingFilter.getTag(); - String user = Strings.toString(httpRequest.getSession().getAttribute(AUTHENTICATED_USER_SESSION_ATTRIBUTE)); - try { - WebEntitlementContext entitlementContext = new WebEntitlementContext(user, httpRequest.getRemoteAddr(), uri, uid); - Entitlements.setEntitlementContext(entitlementContext); - - chain.doFilter(request, response); - } catch (Throwable e) { - if (!response.isCommitted()) { - httpResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - } - } finally { - originalRequest.remove(); - Entitlements.clearEntitlementContext(); - } - } - - protected boolean authenticate(HttpServletRequest request) { - HttpSession session = request.getSession(); - if (provider.isAuthenticated(session)) { - return true; - } - session.setAttribute(REMOTE_ADDRESS_SESSION_ATTRIBUTE, request.getRemoteAddr()); - String user = null, pass = null; - String authorization = request.getHeader("Authorization"); - if (authorization != null) { - String userpass = Base64.base64Decode(authorization.substring(6)); - user = userpass.substring(0, userpass.indexOf(":")); - pass = userpass.substring(userpass.indexOf(":") + 1); - } - if (provider.authenticate(session, user, pass)) { - if (user != null) { - session.setAttribute(AUTHENTICATED_USER_SESSION_ATTRIBUTE, user); - } - return true; - } - - return false; - } - - @Override - public void init(FilterConfig config) throws ServletException { - ManagementContext mgmt = (ManagementContext) config.getServletContext().getAttribute(BrooklynServiceAttributes.BROOKLYN_MANAGEMENT_CONTEXT); - provider = new DelegatingSecurityProvider(mgmt); - } - - @Override - public void destroy() { - } - - protected void logout(HttpServletRequest request) { - log.info("REST logging {} out of session {}", - request.getSession().getAttribute(AUTHENTICATED_USER_SESSION_ATTRIBUTE), request.getSession().getId()); - provider.logout(request.getSession()); - request.getSession().removeAttribute(AUTHENTICATED_USER_SESSION_ATTRIBUTE); - request.getSession().removeAttribute(REMOTE_ADDRESS_SESSION_ATTRIBUTE); - request.getSession().invalidate(); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-server/src/main/java/brooklyn/rest/filter/HaHotCheckResourceFilter.java ---------------------------------------------------------------------- diff --git a/usage/rest-server/src/main/java/brooklyn/rest/filter/HaHotCheckResourceFilter.java b/usage/rest-server/src/main/java/brooklyn/rest/filter/HaHotCheckResourceFilter.java deleted file mode 100644 index bae561a..0000000 --- a/usage/rest-server/src/main/java/brooklyn/rest/filter/HaHotCheckResourceFilter.java +++ /dev/null @@ -1,151 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package brooklyn.rest.filter; - -import java.util.Collections; -import java.util.List; -import java.util.Set; - -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.Response; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import brooklyn.management.ManagementContext; -import brooklyn.management.ha.ManagementNodeState; -import brooklyn.rest.domain.ApiError; -import brooklyn.util.text.Strings; - -import com.google.common.annotations.VisibleForTesting; -import com.google.common.collect.ImmutableSet; -import com.sun.jersey.api.model.AbstractMethod; -import com.sun.jersey.spi.container.ContainerRequest; -import com.sun.jersey.spi.container.ContainerRequestFilter; -import com.sun.jersey.spi.container.ContainerResponseFilter; -import com.sun.jersey.spi.container.ResourceFilter; -import com.sun.jersey.spi.container.ResourceFilterFactory; - -/** - * Checks that if the method or resource class corresponding to a request - * has a {@link HaHotStateRequired} annotation, - * that the server is in that state (and up). - * Requests with {@link #SKIP_CHECK_HEADER} set as a header skip this check. - * <p> - * This follows a different pattern to {@link HaMasterCheckFilter} - * as this needs to know the method being invoked. - */ -public class HaHotCheckResourceFilter implements ResourceFilterFactory { - - private static final Logger log = LoggerFactory.getLogger(HaHotCheckResourceFilter.class); - - private static final Set<ManagementNodeState> HOT_STATES = ImmutableSet.of( - ManagementNodeState.MASTER, ManagementNodeState.HOT_STANDBY, ManagementNodeState.HOT_BACKUP); - - @Context - private ManagementContext mgmt; - - public HaHotCheckResourceFilter() {} - - @VisibleForTesting - public HaHotCheckResourceFilter(ManagementContext mgmt) { - this.mgmt = mgmt; - } - - private static class MethodFilter implements ResourceFilter, ContainerRequestFilter { - - private AbstractMethod am; - private ManagementContext mgmt; - - public MethodFilter(AbstractMethod am, ManagementContext mgmt) { - this.am = am; - this.mgmt = mgmt; - } - - @Override - public ContainerRequestFilter getRequestFilter() { - return this; - } - - @Override - public ContainerResponseFilter getResponseFilter() { - return null; - } - - private String lookForProblem(ContainerRequest request) { - if (isSkipCheckHeaderSet(request)) - return null; - - if (!isHaHotStateRequired(request)) - return null; - - String problem = HaMasterCheckFilter.lookForProblemIfServerNotRunning(mgmt); - if (Strings.isNonBlank(problem)) - return problem; - - if (!isHaHotStatus()) - return "server not in required HA hot state"; - if (isStateNotYetValid()) - return "server not yet completed loading data for required HA hot state"; - - return null; - } - - @Override - public ContainerRequest filter(ContainerRequest request) { - String problem = lookForProblem(request); - if (Strings.isNonBlank(problem)) { - log.warn("Disallowing web request as "+problem+": "+request+"/"+am+" (caller should set '"+HaMasterCheckFilter.SKIP_CHECK_HEADER+"' to force)"); - throw new WebApplicationException(ApiError.builder() - .message("This request is only permitted against an active hot Brooklyn server") - .errorCode(Response.Status.FORBIDDEN).build().asJsonResponse()); - } - return request; - } - - // Maybe there should be a separate state to indicate that we have switched state - // but still haven't finished rebinding. (Previously there was a time delay and an - // isRebinding check, but introducing RebindManager#isAwaitingInitialRebind() seems cleaner.) - private boolean isStateNotYetValid() { - return mgmt.getRebindManager().isAwaitingInitialRebind(); - } - - private boolean isHaHotStateRequired(ContainerRequest request) { - return (am.getAnnotation(HaHotStateRequired.class) != null || - am.getResource().getAnnotation(HaHotStateRequired.class) != null); - } - - private boolean isSkipCheckHeaderSet(ContainerRequest request) { - return "true".equalsIgnoreCase(request.getHeaderValue(HaMasterCheckFilter.SKIP_CHECK_HEADER)); - } - - private boolean isHaHotStatus() { - ManagementNodeState state = mgmt.getHighAvailabilityManager().getNodeState(); - return HOT_STATES.contains(state); - } - - } - - @Override - public List<ResourceFilter> create(AbstractMethod am) { - return Collections.<ResourceFilter>singletonList(new MethodFilter(am, mgmt)); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-server/src/main/java/brooklyn/rest/filter/HaHotStateRequired.java ---------------------------------------------------------------------- diff --git a/usage/rest-server/src/main/java/brooklyn/rest/filter/HaHotStateRequired.java b/usage/rest-server/src/main/java/brooklyn/rest/filter/HaHotStateRequired.java deleted file mode 100644 index 09eea5f..0000000 --- a/usage/rest-server/src/main/java/brooklyn/rest/filter/HaHotStateRequired.java +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package brooklyn.rest.filter; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - * When a REST method (or its containing class) is marked with this annotation - * requests to it will fail with a 403 response if the instance is not in MASTER - * mode (or has recently switched or is still rebinding). Guards the method so - * that when it returns the caller can be certain of the response. For example - * if the response is 404, then the resource doesn't exist as opposed to - * not being loaded from persistence store yet. - */ -@Retention(RetentionPolicy.RUNTIME) -@Target({ElementType.METHOD, ElementType.TYPE}) -public @interface HaHotStateRequired {} http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-server/src/main/java/brooklyn/rest/filter/HaMasterCheckFilter.java ---------------------------------------------------------------------- diff --git a/usage/rest-server/src/main/java/brooklyn/rest/filter/HaMasterCheckFilter.java b/usage/rest-server/src/main/java/brooklyn/rest/filter/HaMasterCheckFilter.java deleted file mode 100644 index 74e7cf1..0000000 --- a/usage/rest-server/src/main/java/brooklyn/rest/filter/HaMasterCheckFilter.java +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package brooklyn.rest.filter; - -import java.io.IOException; -import java.util.Set; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.ws.rs.core.Response; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import brooklyn.config.BrooklynServiceAttributes; -import brooklyn.management.ManagementContext; -import brooklyn.management.ha.ManagementNodeState; -import brooklyn.rest.domain.ApiError; -import brooklyn.rest.util.WebResourceUtils; -import brooklyn.util.text.Strings; - -import com.google.common.collect.Sets; - -/** - * Checks that for requests that want HA master state, the server is up and in that state. - * <p> - * Post POSTs and PUTs are assumed to need master state, with the exception of shutdown. - * Requests with {@link #SKIP_CHECK_HEADER} set as a header skip this check. - */ -public class HaMasterCheckFilter implements Filter { - - private static final Logger log = LoggerFactory.getLogger(HaMasterCheckFilter.class); - - public static final String SKIP_CHECK_HEADER = "Brooklyn-Allow-Non-Master-Access"; - private static final Set<String> SAFE_STANDBY_METHODS = Sets.newHashSet("GET", "HEAD"); - - protected ServletContext servletContext; - protected ManagementContext mgmt; - - @Override - public void init(FilterConfig config) throws ServletException { - servletContext = config.getServletContext(); - mgmt = (ManagementContext) servletContext.getAttribute(BrooklynServiceAttributes.BROOKLYN_MANAGEMENT_CONTEXT); - } - - static String lookForProblemIfServerNotRunning(ManagementContext mgmt) { - if (mgmt==null) return "no management context available"; - if (!mgmt.isRunning()) return "server no longer running"; - if (!mgmt.isStartupComplete()) return "server not in required startup-completed state"; - return null; - } - - private String lookForProblem(ServletRequest request) { - if (isSkipCheckHeaderSet(request)) - return null; - - if (!isMasterRequiredForRequest(request)) - return null; - - String problem = lookForProblemIfServerNotRunning(mgmt); - if (Strings.isNonBlank(problem)) - return problem; - - if (!isMaster()) - return "server not in required HA master state"; - - return null; - } - - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { - String problem = lookForProblem(request); - if (problem!=null) { - log.warn("Disallowing web request as "+problem+": "+request.getParameterMap()+" (caller should set '"+SKIP_CHECK_HEADER+"' to force)"); - WebResourceUtils.applyJsonResponse(servletContext, ApiError.builder() - .message("This request is only permitted against an active master Brooklyn server") - .errorCode(Response.Status.FORBIDDEN).build().asJsonResponse(), (HttpServletResponse)response); - } else { - chain.doFilter(request, response); - } - } - - @Override - public void destroy() { - } - - private boolean isMaster() { - return ManagementNodeState.MASTER.equals(mgmt.getHighAvailabilityManager().getNodeState()); - } - - private boolean isMasterRequiredForRequest(ServletRequest request) { - if (request instanceof HttpServletRequest) { - HttpServletRequest httpRequest = (HttpServletRequest) request; - - String method = httpRequest.getMethod().toUpperCase(); - // gets usually okay - if (SAFE_STANDBY_METHODS.contains(method)) return false; - - // explicitly allow calls to shutdown - // (if stopAllApps is specified, the method itself will fail; but we do not want to consume parameters here, that breaks things!) - // TODO combine with HaHotCheckResourceFilter and use an annotation HaAnyStateAllowed or similar - if ("/v1/server/shutdown".equals(httpRequest.getRequestURI())) return false; - - // master required for everything else - return true; - } - // previously non-HttpServletRequests were allowed but I don't think they should be - return true; - } - - private boolean isSkipCheckHeaderSet(ServletRequest httpRequest) { - if (httpRequest instanceof HttpServletRequest) - return "true".equalsIgnoreCase(((HttpServletRequest)httpRequest).getHeader(SKIP_CHECK_HEADER)); - return false; - } - -} http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-server/src/main/java/brooklyn/rest/filter/LoggingFilter.java ---------------------------------------------------------------------- diff --git a/usage/rest-server/src/main/java/brooklyn/rest/filter/LoggingFilter.java b/usage/rest-server/src/main/java/brooklyn/rest/filter/LoggingFilter.java deleted file mode 100644 index d841fdb..0000000 --- a/usage/rest-server/src/main/java/brooklyn/rest/filter/LoggingFilter.java +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package brooklyn.rest.filter; - -import java.io.IOException; -import java.util.Enumeration; -import java.util.Set; -import java.util.concurrent.TimeUnit; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.common.base.Joiner; -import com.google.common.base.Stopwatch; -import com.google.common.collect.Sets; - -import brooklyn.config.BrooklynLogging; -import brooklyn.util.exceptions.Exceptions; -import brooklyn.util.time.Duration; - -/** - * Handles logging of request information. - */ -public class LoggingFilter implements Filter { - - private static final Logger LOG = LoggerFactory.getLogger(BrooklynLogging.REST); - - /** Methods logged at trace. */ - private static final Set<String> UNINTERESTING_METHODS = Sets.newHashSet("GET", "HEAD"); - - /** Headers whose values will not be logged. */ - private static final Set<String> CENSORED_HEADERS = Sets.newHashSet("Authorization"); - - /** Log all requests that take this time or longer to complete. */ - private static final Duration REQUEST_DURATION_LOG_POINT = Duration.FIVE_SECONDS; - - public void init(FilterConfig config) throws ServletException { - } - - @Override - public void destroy() { - } - - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { - HttpServletRequest httpRequest = (HttpServletRequest) request; - HttpServletResponse httpResponse = (HttpServletResponse) response; - - String rid = RequestTaggingFilter.getTag(); - boolean isInteresting = !UNINTERESTING_METHODS.contains(httpRequest.getMethod().toUpperCase()); - boolean shouldLog = (isInteresting && LOG.isDebugEnabled()) || LOG.isTraceEnabled(); - boolean requestErrored = false; - if (shouldLog) { - String message = "Request {} starting: {} {} from {}"; - Object[] args = new Object[]{rid, httpRequest.getMethod(), httpRequest.getRequestURI(), httpRequest.getRemoteAddr()}; - if (isInteresting) { - LOG.debug(message, args); - } else { - LOG.trace(message, args); - } - } - - Stopwatch timer = Stopwatch.createStarted(); - try { - chain.doFilter(request, response); - } catch (Throwable e) { - requestErrored = true; - isInteresting = true; - LOG.warn("Request " + rid + " ("+httpRequest.getMethod()+" "+httpRequest.getRequestURI()+" from "+httpRequest.getRemoteAddr()+") failed: " + e, e); - // Propagate for handling by other filter - throw Exceptions.propagate(e); - } finally { - timer.stop(); - // This logging must not happen before chain.doFilter, or FormMapProvider will not work as expected. - // Getting the parameter map consumes the request body and only resource methods using @FormParam - // will work as expected. - isInteresting |= (timer.elapsed(TimeUnit.SECONDS) - REQUEST_DURATION_LOG_POINT.toSeconds()) > 0; - if (shouldLog) { - boolean includeHeaders = requestErrored || httpResponse.getStatus() / 100 == 5 || LOG.isTraceEnabled(); - String message = getRequestCompletedMessage(includeHeaders, Duration.of(timer), rid, httpRequest, httpResponse); - if (requestErrored || isInteresting) { - LOG.debug(message); - } else { - LOG.trace(message); - } - } - } - } - - private String getRequestCompletedMessage(boolean includeHeaders, Duration elapsed, - String id, HttpServletRequest httpRequest, HttpServletResponse httpResponse) { - StringBuilder message = new StringBuilder("Request ") - .append(id) - .append(" completed in ") - .append(elapsed) - .append(": response ") - .append(httpResponse.getStatus()) - .append(" for ") - .append(httpRequest.getMethod()) - .append(" ") - .append(httpRequest.getRequestURI()) - .append(" from ") - .append(httpRequest.getRemoteAddr()); - - if (!httpRequest.getParameterMap().isEmpty()) { - message.append(", parameters: ") - .append(Joiner.on(", ").withKeyValueSeparator("=").join(httpRequest.getParameterMap())); - } - if (httpRequest.getContentLength() > 0) { - int len = httpRequest.getContentLength(); - message.append(" contentType=").append(httpRequest.getContentType()) - .append(" (length=").append(len).append(")"); - } - if (includeHeaders) { - Enumeration<String> headerNames = httpRequest.getHeaderNames(); - if (headerNames.hasMoreElements()) { - message.append(", headers: "); - while (headerNames.hasMoreElements()) { - String headerName = headerNames.nextElement(); - message.append(headerName).append(": "); - if (CENSORED_HEADERS.contains(headerName)) { - message.append("******"); - } else { - message.append(httpRequest.getHeader(headerName)); - } - if (headerNames.hasMoreElements()) { - message.append(", "); - } - } - } - } - - return message.toString(); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/a9e5ca55/usage/rest-server/src/main/java/brooklyn/rest/filter/NoCacheFilter.java ---------------------------------------------------------------------- diff --git a/usage/rest-server/src/main/java/brooklyn/rest/filter/NoCacheFilter.java b/usage/rest-server/src/main/java/brooklyn/rest/filter/NoCacheFilter.java deleted file mode 100644 index d948241..0000000 --- a/usage/rest-server/src/main/java/brooklyn/rest/filter/NoCacheFilter.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package brooklyn.rest.filter; - -import javax.ws.rs.core.HttpHeaders; -import javax.ws.rs.core.MultivaluedMap; - -import com.sun.jersey.spi.container.ContainerRequest; -import com.sun.jersey.spi.container.ContainerResponse; -import com.sun.jersey.spi.container.ContainerResponseFilter; - -public class NoCacheFilter implements ContainerResponseFilter { - - @Override - public ContainerResponse filter(ContainerRequest request, ContainerResponse response) { - //https://developer.mozilla.org/en-US/docs/Web/HTTP/Caching_FAQ - MultivaluedMap<String, Object> headers = response.getHttpHeaders(); - headers.putSingle(HttpHeaders.CACHE_CONTROL, "no-cache, no-store"); - headers.putSingle("Pragma", "no-cache"); - headers.putSingle(HttpHeaders.EXPIRES, "0"); - return response; - } - -}
