Repository: knox Updated Branches: refs/heads/master d3582aeb7 -> 39aa06ee8
KNOX-634 - CORS Support as Part of WebAppSec Provider Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/39aa06ee Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/39aa06ee Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/39aa06ee Branch: refs/heads/master Commit: 39aa06ee8655cdf4e2d1875868a3a1875a3ac2cd Parents: d3582ae Author: Larry McCay <[email protected]> Authored: Thu Nov 26 09:48:40 2015 -0500 Committer: Larry McCay <[email protected]> Committed: Thu Nov 26 09:48:40 2015 -0500 ---------------------------------------------------------------------- gateway-provider-security-jwt/pom.xml | 5 ----- .../jwt/deploy/SSOCookieFederationContributor.java | 2 -- .../jwt/filter/SSOCookieFederationFilter.java | 1 - gateway-provider-security-webappsec/pom.xml | 5 +++++ .../gateway/webappsec/deploy/WebAppSecContributor.java | 12 ++++++++++++ 5 files changed, 17 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/39aa06ee/gateway-provider-security-jwt/pom.xml ---------------------------------------------------------------------- diff --git a/gateway-provider-security-jwt/pom.xml b/gateway-provider-security-jwt/pom.xml index 40077d7..1700c99 100644 --- a/gateway-provider-security-jwt/pom.xml +++ b/gateway-provider-security-jwt/pom.xml @@ -52,11 +52,6 @@ </dependency> <dependency> - <groupId>com.thetransactioncompany</groupId> - <artifactId>cors-filter</artifactId> - </dependency> - - <dependency> <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> </dependency> http://git-wip-us.apache.org/repos/asf/knox/blob/39aa06ee/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/deploy/SSOCookieFederationContributor.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/deploy/SSOCookieFederationContributor.java b/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/deploy/SSOCookieFederationContributor.java index 12b35e1..2d36384 100644 --- a/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/deploy/SSOCookieFederationContributor.java +++ b/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/deploy/SSOCookieFederationContributor.java @@ -32,7 +32,6 @@ import java.util.Map.Entry; public class SSOCookieFederationContributor extends ProviderDeploymentContributorBase { private static final String FILTER_CLASSNAME = "org.apache.hadoop.gateway.provider.federation.jwt.filter.SSOCookieFederationFilter"; - private static final String CORS_FILTER_CLASSNAME = "com.thetransactioncompany.cors.CORSFilter"; @Override public String getRole() { @@ -58,7 +57,6 @@ public class SSOCookieFederationContributor extends ProviderDeploymentContributo for(Entry<String, String> entry : providerParams.entrySet()) { params.add( resource.createFilterParam().name( entry.getKey().toLowerCase() ).value( entry.getValue() ) ); } - resource.addFilter().name( "CORS" ).role( getRole() ).impl( CORS_FILTER_CLASSNAME ).params( params ); resource.addFilter().name( getName() ).role( getRole() ).impl( FILTER_CLASSNAME ).params( params ); } } http://git-wip-us.apache.org/repos/asf/knox/blob/39aa06ee/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java b/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java index e2635b4..297e549 100644 --- a/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java +++ b/gateway-provider-security-jwt/src/main/java/org/apache/hadoop/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java @@ -21,7 +21,6 @@ import java.io.IOException; import java.security.Principal; import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; -import java.security.interfaces.RSAPublicKey; import java.util.ArrayList; import java.util.Date; import java.util.HashSet; http://git-wip-us.apache.org/repos/asf/knox/blob/39aa06ee/gateway-provider-security-webappsec/pom.xml ---------------------------------------------------------------------- diff --git a/gateway-provider-security-webappsec/pom.xml b/gateway-provider-security-webappsec/pom.xml index 7b485c6..2d3963f 100644 --- a/gateway-provider-security-webappsec/pom.xml +++ b/gateway-provider-security-webappsec/pom.xml @@ -46,6 +46,11 @@ </dependency> <dependency> + <groupId>com.thetransactioncompany</groupId> + <artifactId>cors-filter</artifactId> + </dependency> + + <dependency> <groupId>org.eclipse.jetty.orbit</groupId> <artifactId>javax.servlet</artifactId> </dependency> http://git-wip-us.apache.org/repos/asf/knox/blob/39aa06ee/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec/deploy/WebAppSecContributor.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec/deploy/WebAppSecContributor.java b/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec/deploy/WebAppSecContributor.java index 0c890c5..86cf899 100644 --- a/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec/deploy/WebAppSecContributor.java +++ b/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec/deploy/WebAppSecContributor.java @@ -36,6 +36,9 @@ public class WebAppSecContributor extends private static final String CSRF_SUFFIX = "_CSRF"; private static final String CSRF_FILTER_CLASSNAME = "org.apache.hadoop.gateway.webappsec.filter.CSRFPreventionFilter"; private static final String CSRF_ENABLED = "csrf.enabled"; + private static final String CORS_SUFFIX = "_CORS"; + private static final String CORS_FILTER_CLASSNAME = "com.thetransactioncompany.cors.CORSFilter"; + private static final String CORS_ENABLED = "cors.enabled"; @Override public String getRole() { @@ -68,9 +71,18 @@ public class WebAppSecContributor extends for(Entry<String, String> entry : providerParams.entrySet()) { params.add( resource.createFilterParam().name( entry.getKey().toLowerCase() ).value( entry.getValue() ) ); } + + // CORS support + String corsEnabled = map.get(CORS_ENABLED); + if ( corsEnabled != null && corsEnabled.equals("true")) { + resource.addFilter().name( getName() + CORS_SUFFIX ).role( getRole() ).impl( CORS_FILTER_CLASSNAME ).params( params ); + } + + // CRSF if ( csrfEnabled != null && csrfEnabled.equals("true")) { resource.addFilter().name( getName() + CSRF_SUFFIX ).role( getRole() ).impl( CSRF_FILTER_CLASSNAME ).params( params ); } + } } }
