Repository: stratos Updated Branches: refs/heads/docker-grouping-merge 47b31d086 -> ef4df6d66
Removing subscribe method from REST API and refining code/error logs Project: http://git-wip-us.apache.org/repos/asf/stratos/repo Commit: http://git-wip-us.apache.org/repos/asf/stratos/commit/ef4df6d6 Tree: http://git-wip-us.apache.org/repos/asf/stratos/tree/ef4df6d6 Diff: http://git-wip-us.apache.org/repos/asf/stratos/diff/ef4df6d6 Branch: refs/heads/docker-grouping-merge Commit: ef4df6d66397d12fb84e9867bf4f5e934af58158 Parents: 47b31d0 Author: Imesh Gunaratne <[email protected]> Authored: Sat Nov 1 10:20:01 2014 +0530 Committer: Imesh Gunaratne <[email protected]> Committed: Sat Nov 1 10:20:01 2014 +0530 ---------------------------------------------------------------------- ...tractAuthenticationAuthorizationHandler.java | 4 +- .../handlers/CustomExceptionMapper.java | 2 +- .../CustomThrowableExceptionMapper.java | 4 +- .../handlers/StratosAuthenticationHandler.java | 22 +++-- .../rest/endpoint/services/StratosAdmin.java | 92 ++++++-------------- 5 files changed, 45 insertions(+), 79 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java index b332841..1209860 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java 
+++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java @@ -33,8 +33,6 @@ import java.util.List; public abstract class AbstractAuthenticationAuthorizationHandler implements RequestHandler { private Log log = LogFactory.getLog(AbstractAuthenticationAuthorizationHandler.class); - - public Response handleRequest(Message message, ClassResourceInfo classResourceInfo) { HttpHeaders headers = new HttpHeadersImpl(message); List<String> authHeader = headers.getRequestHeader(HttpHeaders.AUTHORIZATION); @@ -47,9 +45,9 @@ public abstract class AbstractAuthenticationAuthorizationHandler implements Requ } // give the control to the next handler return null; - } protected abstract boolean canHandle(String authHeaderPrefix); + protected abstract Response handle(Message message,ClassResourceInfo classResourceInfo); } http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java index bc6941d..8682b7d 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java +++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomExceptionMapper.java 
@@ -40,7 +40,7 @@ public class CustomExceptionMapper implements ExceptionMapper<RestAPIException> } // if no specific error message specified, spitting out a generaic error message String errorMessage = (restAPIException.getMessage() != null)? - restAPIException.getMessage():"Error while fullfilling the request"; + restAPIException.getMessage():"Error while fulfilling the request"; // if no specific error specified we are throwing the bad request http status code by default Response.Status httpStatus= (restAPIException.getHTTPStatusCode() != null)? restAPIException.getHTTPStatusCode():Response.Status.BAD_REQUEST; http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java index 0f08728..74323de 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java +++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CustomThrowableExceptionMapper.java 
@@ -29,8 +29,8 @@ public class CustomThrowableExceptionMapper implements ExceptionMapper<Throwable private static Log log = LogFactory.getLog(CustomThrowableExceptionMapper.class); public Response toResponse(Throwable throwable) { - if(log.isDebugEnabled()){ - log.debug("Internal server error", throwable); + if(log.isErrorEnabled()){ + log.error("Internal server error", throwable); } return Response.status(Response.Status.INTERNAL_SERVER_ERROR).type(MediaType.APPLICATION_JSON). http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java index bfa676f..0894cd7 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java +++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java @@ -22,6 +22,7 @@ import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import org.apache.commons.lang3.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.cxf.configuration.security.AuthorizationPolicy; 
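Review bot: The `log.isErrorEnabled()` guard in `toResponse` is redundant now that the call is `log.error("Internal server error", throwable)` with a constant message. Such a guard only pays off when building the message is expensive, so the call can stand on its own. The response builder continues outside the hunk, so it cannot be confirmed from here that the JSON entity stays generic and keeps the throwable's details out of the client response.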
@@ -67,22 +68,26 @@ public class StratosAuthenticationHandler extends AbstractAuthenticationAuthoriz * @return */ public Response handle(Message message, ClassResourceInfo classResourceInfo) { + if(log.isDebugEnabled()) { + log.debug(String.format("Authenticating request: [message-id] %s", message.getId())); + } + // If Mutual SSL is enabled HttpServletRequest request = (HttpServletRequest) message.get("HTTP.REQUEST"); Object certObject = request.getAttribute("javax.servlet.request.X509Certificate"); - AuthorizationPolicy policy = (AuthorizationPolicy) message.get(AuthorizationPolicy.class); + AuthorizationPolicy policy = message.get(AuthorizationPolicy.class); String username = policy.getUserName().trim(); String password = policy.getPassword().trim(); //sanity check - if ((username == null) || username.equals("")) { - log.error("username is seen as null/empty values."); + if (StringUtils.isEmpty(username)) { + log.error("username is seen as null/empty values"); return Response.status(Response.Status.UNAUTHORIZED) .header("WWW-Authenticate", "Basic").type(MediaType.APPLICATION_JSON) .entity(Utils.buildMessage("Username cannot be null")).build(); - } else if (certObject == null && ((password == null) || password.equals(""))) { - log.error("password is seen as null/empty values."); + } else if (certObject == null && (StringUtils.isEmpty(password))) { + log.error("password is seen as null/empty values"); return Response.status(Response.Status.UNAUTHORIZED) .header("WWW-Authenticate", "Basic").type(MediaType.APPLICATION_JSON) .entity(Utils.buildMessage("password cannot be null")).build(); 
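Review bot: The sanity check in `handle` can never observe a null, because `policy.getUserName().trim()` and `policy.getPassword().trim()` dereference the values before `StringUtils.isEmpty` runs. A request whose policy carries no password, which the `certObject == null` condition seems meant to allow for mutual SSL, would presumably fail with a NullPointerException instead of reaching the 401 responses built here. Read the values null-safely, for example `String username = StringUtils.trimToNull(policy.getUserName());`, and the same for the password. Consider not trimming the password at all, since trimming silently changes the credential that is verified. `handle` continues outside the hunk, so how the values are used afterwards is not visible.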
@@ -119,23 +124,22 @@ public class StratosAuthenticationHandler extends AbstractAuthenticationAuthoriz // set the authenticated flag and let the request to continue AuthenticationContext.setAuthenticated(true); if (log.isDebugEnabled()) { - log.debug("authenticated using the " + CookieBasedAuthenticationHandler.class.getName() + "for username :" + + log.debug("Authenticated using the " + CookieBasedAuthenticationHandler.class.getName() + "for username :" + username + "tenantDomain : " + tenantDomain + " tenantId : " + tenantId); } return null; } else { - log.warn("unable to authenticate the request"); + log.warn(String.format("Unable to authenticate the request: [message-id] %s", message.getId())); // authentication failed, request the authetication, add the realm name if needed to the value of WWW-Authenticate return Response.status(Response.Status.UNAUTHORIZED).header("WWW-Authenticate", "Basic"). type(MediaType.APPLICATION_JSON).entity(Utils.buildMessage("Authentication failed. Please " + "check your username/password")).build(); } } catch (Exception exception) { - log.error("Authentication failed",exception); + log.error(String.format("Authentication failed: [message-id] %s", message.getId()),exception); // server error in the eyes of the client. Hence 5xx HTTP code. return Response.status(Response.Status.INTERNAL_SERVER_ERROR).type(MediaType.APPLICATION_JSON). entity(Utils.buildMessage("Unexpected error. Please contact the system admin")).build(); } - } } http://git-wip-us.apache.org/repos/asf/stratos/blob/ef4df6d6/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java ---------------------------------------------------------------------- 
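Review bot: The success message in this hunk still names `CookieBasedAuthenticationHandler.class.getName()` although the code is in `StratosAuthenticationHandler`, and it has no separator before "for username" or before "tenantDomain", so the audit line is both misleading and hard to parse. Something like `log.debug(String.format("Authenticated using %s: [username] %s [tenant-domain] %s [tenant-id] %s", StratosAuthenticationHandler.class.getName(), username, tenantDomain, tenantId));` matches the `[message-id]` style introduced here. The username is client-supplied, so strip CR/LF before logging it. The new failure `warn` records only the message id; adding the sanitised username would make repeated failures against one account easier to spot. The method's `try` block starts outside the hunk.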
diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java index f28a8e6..116688b 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java +++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/services/StratosAdmin.java @@ -94,24 +94,21 @@ public class StratosAdmin extends AbstractAdmin { @Context UriInfo uriInfo; - @POST @Path("/init") @AuthorizationAction("/permission/admin/restlogin") public StratosAdminResponse initialize() throws RestAPIException { - - StratosAdminResponse stratosAdminResponse = new StratosAdminResponse(); stratosAdminResponse.setMessage("Successfully logged in"); return stratosAdminResponse; } - /* - This method gets called by the client who are interested in using session mechanism to authenticate themselves in - subsequent calls. This method call get authenticated by the basic authenticator. - Once the authenticated call received, the method creates a session. - + /** + * This method gets called by the client who are interested in using session mechanism to authenticate themselves in + * subsequent calls. This method call get authenticated by the basic authenticator. + * Once the authenticated call received, the method creates a session. + * @return */ @GET @Path("/cookie") 
@@ -130,22 +127,6 @@ public class StratosAdmin extends AbstractAdmin { entity(Utils.buildAuthenticationSuccessMessage(sessionId)).build(); } - /* - @POST - @Path("/application/definition/") - @Produces("application/json") - @Consumes("application/json") - @AuthorizationAction("/permission/protected/manage/monitor/tenants") - @SuperTenantService(true) - // Grouping - public StratosAdminResponse deployApplicationDefinition(CompositeApplicationDefinitionBean applicationDefinitionBean) - throws RestAPIException { - - return ServiceUtils.deployApplicationDefinition(applicationDefinitionBean, getConfigContext(), getUsername(), - getTenantDomain()); - - } -*/ @POST @Path("/application/definition/") @Produces("application/json") @@ -157,24 +138,10 @@ public class StratosAdmin extends AbstractAdmin { throws RestAPIException { ServiceUtils.deployApplicationDefinition(applicationDefinitionBean, getConfigContext(), getUsername(), getTenantDomain()); - URI url = uriInfo.getAbsolutePathBuilder().path(applicationDefinitionBean.getApplicationId()).build(); return Response.created(url).build(); } - /* @POST - @Path("/application/definition/") - @Produces("application/json") - @Consumes("application/json") - @AuthorizationAction("/permission/protected/manage/monitor/tenants") - @SuperTenantService(true) - // Grouping - public StratosAdminResponse deployApplicationDefinition(CompositeAppDefinition compositeAppDefinition) - throws RestAPIException { - - return ServiceUtils.deployCompositeApplicationDefintion(compositeAppDefinition); - } */ - @DELETE @Path("/application/definition/{applicationId}") @@ -185,7 +152,6 @@ public class StratosAdmin extends AbstractAdmin { // Grouping public Response unDeployApplicationDefinition(@PathParam("applicationId") String applicationId) throws RestAPIException { - ServiceUtils.unDeployApplication(applicationId, getConfigContext(), getUsername(), getTenantDomain()); return Response.noContent().build(); 
@@ -199,7 +165,6 @@ public class StratosAdmin extends AbstractAdmin { @AuthorizationAction("/permission/admin/manage/add/cartridgeDefinition") public Response deployCartridgeDefinition(CartridgeDefinitionBean cartridgeDefinitionBean) throws RestAPIException { - ServiceUtils.deployCartridge(cartridgeDefinitionBean, getConfigContext(), getUsername(), getTenantDomain()); URI url = uriInfo.getAbsolutePathBuilder().path(cartridgeDefinitionBean.type).build(); @@ -213,7 +178,6 @@ public class StratosAdmin extends AbstractAdmin { @Consumes("application/json") @AuthorizationAction("/permission/admin/manage/add/cartridgeDefinition") public Response unDeployCartridgeDefinition(@PathParam("cartridgeType") String cartridgeType) throws RestAPIException { - ServiceUtils.undeployCartridge(cartridgeType); return Response.noContent().build(); } @@ -226,7 +190,6 @@ public class StratosAdmin extends AbstractAdmin { @SuperTenantService(true) public Response deployServiceGroupDefinition (ServiceGroupDefinition serviceGroupDefinition) throws RestAPIException { - ServiceUtils.deployServiceGroupDefinition(serviceGroupDefinition); URI url = uriInfo.getAbsolutePathBuilder().path(serviceGroupDefinition.getName()).build(); return Response.created(url).build(); @@ -443,10 +406,8 @@ public class StratosAdmin extends AbstractAdmin { } /** - * This API provides information about the application denoted by the given appId. Details includes, - * Application details, - * Top level cluster details - * details of the group and sub groups. + * This API resource provides information about the application denoted by the given appId. Details includes, + * Application details, top level cluster details, details of the group and sub groups. * @param applicationId Id of the application. * @return Json representing the application details with 200 as HTTP status. HTTP 404 is returned when there is * no application with given Id. 
@@ -561,19 +522,19 @@ public class StratosAdmin extends AbstractAdmin { return rb.build(); } - @POST - @Path("/cartridge/subscribe") - @Produces("application/json") - @Consumes("application/json") - @AuthorizationAction("/permission/admin/manage/add/subscription") - public Response subscribe(CartridgeInfoBean cartridgeInfoBean) throws RestAPIException { - - SubscriptionInfo subscriptionInfo = ServiceUtils.subscribe(cartridgeInfoBean, - getConfigContext(), - getUsername(), - getTenantDomain()); - return Response.ok(subscriptionInfo).build(); - } +// @POST +// @Path("/cartridge/subscribe") +// @Produces("application/json") +// @Consumes("application/json") +// @AuthorizationAction("/permission/admin/manage/add/subscription") +// public Response subscribe(CartridgeInfoBean cartridgeInfoBean) throws RestAPIException { +// +// SubscriptionInfo subscriptionInfo = ServiceUtils.subscribe(cartridgeInfoBean, +// getConfigContext(), +// getUsername(), +// getTenantDomain()); +// return Response.ok(subscriptionInfo).build(); +// } @GET @Path("/cluster/") @@ -676,10 +637,11 @@ public class StratosAdmin extends AbstractAdmin { try { CommonUtil.validateEmail(tenantInfoBean.getEmail()); } catch (Exception e) { - String msg = "Invalid email is provided."; + String msg = "Invalid email is provided"; log.error(msg, e); throw new RestAPIException(msg); } + String tenantDomain = tenantInfoBean.getTenantDomain(); try { TenantMgtUtil.validateDomain(tenantDomain); 
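Review bot: The `subscribe` resource is commented out rather than deleted, although the commit title says it is removed and an earlier hunk in this file deletes other commented-out resource methods. A dormant block that still carries `@Path("/cartridge/subscribe")` and `@AuthorizationAction("/permission/admin/manage/add/subscription")` is easy to re-enable later without anyone re-checking the permission model. Delete the lines and let version control keep the history. Whether `ServiceUtils.subscribe` and the `CartridgeInfoBean` and `SubscriptionInfo` imports are still needed is not visible in this hunk and is worth checking.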
@@ -688,18 +650,20 @@ public class StratosAdmin extends AbstractAdmin { log.error(msg, e); throw new RestAPIException(msg); } + UserRegistry userRegistry = (UserRegistry) PrivilegedCarbonContext.getThreadLocalCarbonContext(). getRegistry(RegistryType.USER_GOVERNANCE); if (userRegistry == null) { - log.error("Security Alert! User registry is null. A user is trying create a tenant " + log.error("Security alert! User registry is null. A user is trying create a tenant " + " without an authenticated session."); - throw new RestAPIException("Invalid data."); // obscure error message. + throw new RestAPIException("Invalid data"); // obscure error message. } if (userRegistry.getTenantId() != MultitenantConstants.SUPER_TENANT_ID) { - log.error("Security Alert! Non super tenant trying to create a tenant."); - throw new RestAPIException("Invalid data."); // obscure error message. + log.error("Security alert! None super tenant trying to create a tenant."); + throw new RestAPIException("Invalid data"); // obscure error message. } + Tenant tenant = TenantMgtUtil.initializeTenant(tenantInfoBean); TenantPersistor persistor = ServiceHolder.getTenantPersistor(); // not validating the domain ownership, since created by super tenant
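Review bot: The new message `"Security alert! None super tenant trying to create a tenant."` turns the correct "Non super tenant" into a typo, and it keeps its trailing period while the other messages touched by this commit drop theirs. More importantly for anyone triaging these alerts, neither security log line says who made the attempt, even though the second branch already has `userRegistry.getTenantId()` available. Suggested: `log.error(String.format("Security alert! Non super tenant trying to create a tenant: [tenant-id] %d", userRegistry.getTenantId()));`. The enclosing method starts and ends outside the hunk.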
