Hi Kasun,
Thanks a lot for pointing that out.
So, this is the current implementation.

    private static PrivilegedCarbonContext carbonContext;

    @OnOpen
    public void onOpen (Session session, @PathParam("topic") String topic,
            @PathParam("tdomain") String tdomain) {
        carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setTenantDomain(tdomain);
    }

    @OnMessage
    public void onMessage (Session session, String message,
            @PathParam("topic") String topic, @PathParam("tdomain") String tdomain) {
        // Read back the domain that onOpen stored on the context
        String tenantDomain = carbonContext.getTenantDomain();
        websocketInputService.invokeListener(tenantDomain, topic, message);
    }

Unless we authenticate clients at onOpen method, this implementation too is
unsecured, right?
Thanks,
Dilini
On Wed, Jul 23, 2014 at 5:08 AM, Kasun Gajasinghe <[email protected]> wrote:
>
>
>
> On Tue, Jul 22, 2014 at 4:30 PM, Dilini Muthumala <[email protected]> wrote:
>
>> Hi Sagara,
>>
>> Thanks a lot for the informative reply.
>>
>> On Tue, Jul 22, 2014 at 8:22 PM, Sagara Gunathunga <[email protected]>
>> wrote:
>>
>>> As we discussed offline you need to modify onOpen() method to receive
>>> tenant id from an initial handshake request, then within the onOpen method
>>> you have to write logic similar to
>>> CarbonContextCreatorValve#initCarbonContext()
>>> method.
>>>
>>
>> Alternatively, how about reading the tenant domain from the path
>> parameter (i.e. without using PrivilegedCarbonContext), as shown below?
>>
>>     @OnOpen
>>     public void onOpen (Session session, @PathParam("topic") String topic,
>>             @PathParam("tdomain") String tdomain) {
>>     }
>>
>>     @OnMessage
>>     public void onMessage (Session session, String message,
>>             @PathParam("topic") String topic, @PathParam("tdomain") String tdomain) {
>>         websocketInputService.invokeListener(tdomain, topic, message);
>>     }
>>
>>
> -1. This would create a security loophole.
>
> If your webapp needs to work across all the tenants, then you might need
> to make it a SaaS app. This would be pretty much similar to API publisher.
>
>
>
>> Thanks,
>> Dilini
>>
>>>
>>>
>>> Thanks !
>>>
>>> On Tue, Jul 22, 2014 at 7:18 PM, Dilini Muthumala <[email protected]>
>>> wrote:
>>>
>>>> FYI, this is the end point trying to get the tenant id:
>>>>
>>>> import javax.websocket.*;
>>>> import javax.websocket.server.PathParam;
>>>> import javax.websocket.server.ServerEndpoint;
>>>> import org.wso2.carbon.context.PrivilegedCarbonContext;
>>>> import org.wso2.carbon.event.input.adaptor.websocket.WebsocketInputService;
>>>>
>>>> @ServerEndpoint(value = "/{topic}")
>>>> public class DataReceivingEndpoint {
>>>>
>>>>     private static WebsocketInputService websocketInputService;
>>>>     private static int tenantId;
>>>>
>>>>     public DataReceivingEndpoint() {
>>>>         // Look up the input service registered as an OSGi service
>>>>         websocketInputService = (WebsocketInputService)
>>>>                 PrivilegedCarbonContext.getThreadLocalCarbonContext()
>>>>                         .getOSGiService(WebsocketInputService.class);
>>>>     }
>>>>
>>>>     @OnOpen
>>>>     public void onOpen (Session session, @PathParam("topic") String topic) {
>>>>     }
>>>>
>>>>     @OnMessage
>>>>     public void onMessage (Session session, String message,
>>>>             @PathParam("topic") String topic) {
>>>>         tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); // returned -1
>>>>         websocketInputService.invokeListener(tenantId, topic, message);
>>>>     }
>>>>
>>>>     @OnClose
>>>>     public void onClose (Session session, CloseReason reason) {
>>>>     }
>>>>
>>>>     @OnError
>>>>     public void onError (Session session) {
>>>>     }
>>>> }
>>>>
>>>>
>>>> On Tue, Jul 22, 2014 at 5:58 PM, Dilini Muthumala <[email protected]>
>>>> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>> Had an offline discussion with Sameera, Sagara and Chamil regarding
>>>>> this.
>>>>>
>>>>> The most important piece of info is missing in my initial mail, which
>>>>> is, this web app contains a web-socket end point.
>>>>>
>>>>> That must be the reason why all these usual methods are not working.
>>>>>
>>>>> Thanks,
>>>>> Dilini
>>>>>
>>>>>
>>>>> On Tue, Jul 22, 2014 at 5:45 PM, Kasun Gajasinghe <[email protected]>
>>>>> wrote:
>>>>>
>>>>>> Hi Dilini,
>>>>>>
>>>>>> What's the product you are trying this in? Can you open up
>>>>>> CARBON_HOME/repository/conf/tomcat/catalina-server.xml, and make sure
>>>>>> that
>>>>>> it has the following valve defined?
>>>>>>
>>>>>> <Valve
>>>>>> className="org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve"/>
>>>>>>
>>>>>> The reported jira that is mentioned above is an issue with logging.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Tue, Jul 22, 2014 at 4:58 AM, Asanka Dissanayake <[email protected]
>>>>>> > wrote:
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Jul 22, 2014 at 5:23 PM, Asanka Dissanayake <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Tue, Jul 22, 2014 at 5:03 PM, Gayashan Amarasinghe <
>>>>>>>> [email protected]> wrote:
>>>>>>>>
>>>>>>>>> Hi Dilini,
>>>>>>>>>
>>>>>>>>> Did you deploy the web app as super tenant or a tenant? What are
>>>>>>>>> the server versions you used?
>>>>>>>>>
>>>>>>>>> Method you have used is the proper way to access the tenant Id.
>>>>>>>>>
>>>>>>>> AFAIK you shouldn't use PrivilegedCarbonContext to read
>>>>>>>> information. It is used to write stuff to the carbon context.
>>>>>>>>
>>>>>>> For more information:
>>>>>>>
>>>>>>> PrivilegedCarbonContext
>>>>>>>
>>>>>>> PrivilegedCarbonContext is a special subclass of CarbonContext,
>>>>>>> which allows you to perform privileged operations such as, setting the
>>>>>>> tenant ID and domain, starting or ending tenant flows and more. This
>>>>>>> class can only be used by Carbon components that have the permission
>>>>>>> to get hold of an instance of the PrivilegedCarbonContext.
>>>>>>>
>>>>>>>
>>>>>>> CarbonContext
>>>>>>> The CarbonContext is designed for normal tenants to retrieve
>>>>>>> information from the Carbon runtime. In the super tenant mode, for this
>>>>>>> to work the relevant data has to be set so that tenants can retrieve
>>>>>>> information using the CarbonContext.
>>>>>>>
>>>>>>>> However as Malintha has mentioned, there are some bugs when
>>>>>>>>> certain super-tenant related tasks are logged, which has not been
>>>>>>>>> observed for tenant-wise tasks. This bug will be fixed with 4.3
>>>>>>>>> release.
>>>>>>>>>
>>>>>>>>> Thanks.
>>>>>>>>>
>>>>>>>>> /Gayashan
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Tue, Jul 22, 2014 at 3:29 PM, Dilini Muthumala <[email protected]
>>>>>>>>> > wrote:
>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> Would like to know, how to $subject.
>>>>>>>>>>
>>>>>>>>>> I tried with,
>>>>>>>>>>
>>>>>>>>>> PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
>>>>>>>>>>
>>>>>>>>>> which returned -1, as the tenant id.
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>>>> Dilini
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> *Dilini Muthumala*
>>>>>>>>>> Software Engineer,
>>>>>>>>>> WSO2 Inc.
>>>>>>>>>>
>>>>>>>>>> *E-mail :* [email protected]
>>>>>>>>>> *Mobile: *+94713 400 029
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> Dev mailing list
>>>>>>>>>> [email protected]
>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> *Gayashan Amarasinghe*
>>>>>>>>> Software Engineer | Platform TG
>>>>>>>>> WSO2, Inc. | http://wso2.com
>>>>>>>>> lean. enterprise. middleware
>>>>>>>>>
>>>>>>>>> Mobile : +94718314517
>>>>>>>>> Blog : gayashan-a.blogspot.com
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>>
>>>>>>>>
>>>>>>>> *Asanka Dissanayake*
>>>>>>>> *Software Engineer*
>>>>>>>> *WSO2 Inc. - lean . enterprise . middleware | wso2.com
>>>>>>>> <http://wso2.com/>*
>>>>>>>>
>>>>>>>> *email: [email protected] <[email protected]>, blog:
>>>>>>>> cyberwaadiya.blogspot.com
>>>>>>>> <http://cyberwaadiya.blogspot.com>, asankastechtalks.wordpress.com
>>>>>>>> <http://asankastechtalks.wordpress.com> mobile: +94 71 8373821*
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> *Kasun Gajasinghe*, Senior Software Engineer, WSO2 Inc.
>>>>>> email: kasung AT spamfree wso2.com
>>>>>> linked-in: http://lk.linkedin.com/in/gajasinghe
>>>>>> blog: http://kasunbg.org
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Sagara Gunathunga
>>>
>>> Senior Technical Lead; WSO2, Inc.; http://wso2.com
>>> V.P Apache Web Services; http://ws.apache.org/
>>> Linkedin; http://www.linkedin.com/in/ssagara
>>> Blog ; http://ssagara.blogspot.com
>>>
>>>
>>
>>
>>
>>
>
>
>
>
>
--
*Dilini Muthumala*
Software Engineer,
WSO2 Inc.
*E-mail :* [email protected]
*Mobile: *+94713 400 029
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
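
Added example, not code from this thread or from WSO2: one way to address the concern raised at the top of the thread is to accept a connection only when the container authenticated the handshake and the {tdomain} path segment matches the authenticated user's tenant, and to keep the tenant on the Session rather than in a static field shared by all connections. The URI template, the Listener interface, the tenantOf helper and the "user@tenant.domain" username form are assumptions made for illustration.

```java
import java.io.IOException;
import java.security.Principal;
import javax.websocket.CloseReason;
import javax.websocket.CloseReason.CloseCodes;
import javax.websocket.OnMessage;
import javax.websocket.OnOpen;
import javax.websocket.Session;
import javax.websocket.server.PathParam;
import javax.websocket.server.ServerEndpoint;

// Assumed URI template; the thread does not show the one used with {tdomain}.
@ServerEndpoint("/{tdomain}/{topic}")
public class TenantBoundEndpoint {
    private static final String TENANT_KEY = "tenantDomain";

    /** Hypothetical stand-in for the thread's WebsocketInputService. */
    public interface Listener {
        void invokeListener(String tenantDomain, String topic, String message);
    }
    static volatile Listener listener = (d, t, m) -> System.out.println(d + "/" + t + ": " + m);

    /** Assumes usernames look like "user@tenant.domain"; no '@' means carbon.super. */
    static String tenantOf(Principal user) {
        String name = user.getName();
        int at = name.lastIndexOf('@');
        return at < 0 ? "carbon.super" : name.substring(at + 1);
    }

    @OnOpen
    public void onOpen(Session session, @PathParam("tdomain") String tdomain) throws IOException {
        // Null unless the container authenticated the HTTP upgrade request.
        Principal user = session.getUserPrincipal();
        if (user == null || !tenantOf(user).equalsIgnoreCase(tdomain)) {
            session.close(new CloseReason(CloseCodes.VIOLATED_POLICY, "tenant not authorized"));
            return;
        }
        // Per-connection state: each Session carries its own verified tenant.
        session.getUserProperties().put(TENANT_KEY, tenantOf(user));
    }

    @OnMessage
    public void onMessage(Session session, String message, @PathParam("topic") String topic) {
        String tenant = (String) session.getUserProperties().get(TENANT_KEY);
        if (tenant == null) {
            return; // onOpen rejected this session; ignore anything still in flight
        }
        // The tenant comes from the authenticated principal, never from the URL.
        listener.invokeListener(tenant, topic, message);
    }
}
```

This relies on the web application requiring authentication for the endpoint URL (for example through a security constraint), so that getUserPrincipal() is populated during the handshake.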