Author: ffang
Date: Tue Mar 1 11:41:46 2011
New Revision: 1075784
URL: http://svn.apache.org/viewvc?rev=1075784&view=rev
Log:
[CXF-3369]jetty SecurityHandler should be on top of
org.apache.cxf.transport.http_jetty.JettyHTTPHandler
Added:
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthServer.java
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthTest.java
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jetty-realm.properties
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyBasicAuthServer.xml
Modified:
cxf/trunk/rt/transports/http-jetty/pom.xml
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/GreeterImpl.java
Modified: cxf/trunk/rt/transports/http-jetty/pom.xml
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-jetty/pom.xml?rev=1075784&r1=1075783&r2=1075784&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-jetty/pom.xml (original)
+++ cxf/trunk/rt/transports/http-jetty/pom.xml Tue Mar 1 11:41:46 2011
@@ -59,6 +59,11 @@
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-security</artifactId>
+ <version>${cxf.jetty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jmx</artifactId>
<version>${cxf.jetty.version}</version>
<optional>true</optional>
Modified:
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java?rev=1075784&r1=1075783&r2=1075784&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
(original)
+++
cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
Tue Mar 1 11:41:46 2011
@@ -37,6 +37,7 @@ import org.apache.cxf.configuration.jsse
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.transport.HttpUriMapper;
import org.apache.cxf.transport.https_jetty.JettySslConnectorFactory;
+import org.eclipse.jetty.security.SecurityHandler;
import org.eclipse.jetty.server.AbstractConnector;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
@@ -358,6 +359,14 @@ public class JettyHTTPServerEngine
if (h instanceof DefaultHandler) {
defaultHandler = (DefaultHandler) h;
} else {
+ if ((h instanceof SecurityHandler)
+ && ((SecurityHandler)h).getHandler() == null) {
+ //if h is SecurityHandler(such as
ConstraintSecurityHandler)
+ //then it need be on top of JettyHTTPHandler
+ //set JettyHTTPHandler as inner handler if
+ //inner handler is null
+ ((SecurityHandler)h).setHandler(handler);
+ }
handlerCollection.addHandler(h);
}
}
Modified:
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/GreeterImpl.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/GreeterImpl.java?rev=1075784&r1=1075783&r2=1075784&view=diff
==============================================================================
---
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/GreeterImpl.java
(original)
+++
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/GreeterImpl.java
Tue Mar 1 11:41:46 2011
@@ -46,7 +46,7 @@ import org.apache.hello_world_soap_http.
public class GreeterImpl implements Greeter {
public String greetMe(String me) {
- return null;
+ return "Hello " + me;
}
public String greetMeLater(long delay) {
Added:
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthServer.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthServer.java?rev=1075784&view=auto
==============================================================================
---
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthServer.java
(added)
+++
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthServer.java
Tue Mar 1 11:41:46 2011
@@ -0,0 +1,63 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.http_jetty;
+
+
+import java.net.URL;
+
+import javax.xml.ws.Endpoint;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.interceptor.LoggingInInterceptor;
+import org.apache.cxf.interceptor.LoggingOutInterceptor;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+
+
+public class JettyBasicAuthServer extends AbstractBusTestServerBase {
+ static final String PORT = allocatePort(JettyBasicAuthServer.class);
+ static final String ADDRESS = "http://localhost:"; + PORT +
"/SoapContext/SoapPort";
+
+ protected void run() {
+ String configurationFile = "jettyBasicAuthServer.xml";
+ URL configure =
+ JettyBasicAuthServer.class.getResource(configurationFile);
+ Bus bus = new SpringBusFactory().createBus(configure, true);
+ bus.getInInterceptors().add(new LoggingInInterceptor());
+ bus.getOutInterceptors().add(new LoggingOutInterceptor());
+ SpringBusFactory.setDefaultBus(bus);
+ setBus(bus);
+
+ GreeterImpl implementor = new GreeterImpl();
+ Endpoint.publish(ADDRESS, implementor);
+ }
+
+ public static void main(String[] args) {
+ try {
+ JettyBasicAuthServer s = new JettyBasicAuthServer();
+ s.start();
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ System.exit(-1);
+ } finally {
+ System.out.println("done!");
+ }
+ }
+}
Added:
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthTest.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthTest.java?rev=1075784&view=auto
==============================================================================
---
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthTest.java
(added)
+++
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/JettyBasicAuthTest.java
Tue Mar 1 11:41:46 2011
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.http_jetty;
+
+import java.net.URL;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.BindingProvider;
+
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.interceptor.LoggingInInterceptor;
+import org.apache.cxf.interceptor.LoggingOutInterceptor;
+import org.apache.cxf.testutil.common.AbstractClientServerTestBase;
+import org.apache.hello_world_soap_http.Greeter;
+import org.apache.hello_world_soap_http.SOAPService;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+/**
+ * Tests thread pool config.
+ */
+
+public class JettyBasicAuthTest extends AbstractClientServerTestBase {
+ private static final String ADDRESS = JettyBasicAuthServer.ADDRESS;
+ private static final QName SERVICE_NAME =
+ new QName("http://apache.org/hello_world_soap_http";,
"SOAPServiceAddressing");
+
+ private Greeter greeter;
+
+ @BeforeClass
+ public static void startServers() throws Exception {
+ assertTrue("server did not launch correctly",
+ launchServer(JettyBasicAuthServer.class, false));
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ URL wsdl = getClass().getResource("/wsdl/hello_world.wsdl");
+ greeter = new SOAPService(wsdl, SERVICE_NAME).getPort(Greeter.class);
+ BindingProvider bp = (BindingProvider)greeter;
+ ClientProxy.getClient(greeter).getInInterceptors().add(new
LoggingInInterceptor());
+ ClientProxy.getClient(greeter).getOutInterceptors().add(new
LoggingOutInterceptor());
+ bp.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
+ ADDRESS);
+ bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "ffang");
+ bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "pswd");
+ }
+
+ @Test
+ public void testBasicAuth() throws Exception {
+ assertEquals("Hello Alice", greeter.greetMe("Alice"));
+ }
+}
Added:
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jetty-realm.properties
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jetty-realm.properties?rev=1075784&view=auto
==============================================================================
---
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jetty-realm.properties
(added)
+++
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jetty-realm.properties
Tue Mar 1 11:41:46 2011
@@ -0,0 +1,20 @@
+## ---------------------------------------------------------------------------
+## Licensed to the Apache Software Foundation (ASF) under one or more
+## contributor license agreements. See the NOTICE file distributed with
+## this work for additional information regarding copyright ownership.
+## The ASF licenses this file to You under the Apache License, Version 2.0
+## (the "License"); you may not use this file except in compliance with
+## the License. You may obtain a copy of the License at
+##
+## http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+## ---------------------------------------------------------------------------
+
+# Defines users that can access the web (console, demo, etc.)
+# username: password [,rolename ...]
+ffang: pswd, admin
Added:
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyBasicAuthServer.xml
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyBasicAuthServer.xml?rev=1075784&view=auto
==============================================================================
---
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyBasicAuthServer.xml
(added)
+++
cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/jettyBasicAuthServer.xml
Tue Mar 1 11:41:46 2011
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration";
+ xsi:schemaLocation="
+http://cxf.apache.org/transports/http-jetty/configuration
http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd";>
+
+ <bean
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+ <httpj:engine-factory bus="cxf">
+ <httpj:engine port="${testutil.ports.JettyBasicAuthServer}">
+ <httpj:handlers>
+ <bean
class="org.eclipse.jetty.security.ConstraintSecurityHandler">
+ <property name="loginService" ref="securityLoginService" />
+ <property name="constraintMappings">
+ <list>
+ <ref bean="securityConstraintMapping" />
+ </list>
+ </property>
+ </bean>
+ </httpj:handlers>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <bean id="securityLoginService"
class="org.eclipse.jetty.security.HashLoginService">
+ <property name="name" value="WSRealm" />
+ <property name="config"
value="src/test/java/org/apache/cxf/systest/http_jetty/jetty-realm.properties"
/>
+ </bean>
+
+ <bean id="securityConstraint"
class="org.eclipse.jetty.http.security.Constraint">
+ <property name="name" value="BASIC" />
+ <property name="roles" value="admin" />
+ <property name="authenticate" value="true" />
+ </bean>
+
+ <bean id="securityConstraintMapping"
class="org.eclipse.jetty.security.ConstraintMapping">
+ <property name="constraint" ref="securityConstraint" />
+ <property name="pathSpec" value="/*" />
+ </bean>
+</beans>
+
