Author: sergeyb
Date: Sun Jul 19 18:27:18 2009
New Revision: 795589
URL: http://svn.apache.org/viewvc?rev=795589&view=rev
Log:
Merged revisions 795583 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r795583 | sergeyb | 2009-07-19 19:20:03 +0100 (Sun, 19 Jul 2009) | 1 line
[CXF-2346] Checking servlet request params in cases when input stream was
consumed by filters
........
Modified:
cxf/branches/2.2.x-fixes/ (props changed)
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java
cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSpringSecurityClassTest.java
cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
Propchange: cxf/branches/2.2.x-fixes/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sun Jul 19 18:27:18 2009
@@ -1 +1 @@
-/cxf/trunk:782728-782730,783097,783294,783396,784059,784181-784184,784893,784895,785279-785282,785468,785621,785624,785651,785734,785866,786142,786271-786272,786395,786512,786514,786582-786583,786638,786647,786850,787200,787269,787277-787279,787290-787291,787305,787323,787366,787849,788030,788060,788187,788444,788451,788703,788752,788774,788819-788820,789013,789371,789387,789420,789527-789530,789704-789705,789788,789811,789896-789901,790074,790094,790134,790188,790294,790553,790637-790644,790868,791301,791354,791538,791753,791947,792007,792096,792183,792261-792265,792271,792604,792683-792685,792975,792985,793059,793570,794297,794396,794680,794728,794771,794778-794780,794892,795044,795104,795160
+/cxf/trunk:782728-782730,783097,783294,783396,784059,784181-784184,784893,784895,785279-785282,785468,785621,785624,785651,785734,785866,786142,786271-786272,786395,786512,786514,786582-786583,786638,786647,786850,787200,787269,787277-787279,787290-787291,787305,787323,787366,787849,788030,788060,788187,788444,788451,788703,788752,788774,788819-788820,789013,789371,789387,789420,789527-789530,789704-789705,789788,789811,789896-789901,790074,790094,790134,790188,790294,790553,790637-790644,790868,791301,791354,791538,791753,791947,792007,792096,792183,792261-792265,792271,792604,792683-792685,792975,792985,793059,793570,794297,794396,794680,794728,794771,794778-794780,794892,795044,795104,795160,795583
Propchange: cxf/branches/2.2.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified:
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java?rev=795589&r1=795588&r2=795589&view=diff
==============================================================================
---
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java
(original)
+++
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java
Sun Jul 19 18:27:18 2009
@@ -120,7 +120,10 @@
AttachmentUtils.getMultipartBody(mc, attachmentDir,
attachmentThreshold);
FormUtils.populateMapFromMultipart(params, body, decode);
} else {
- FormUtils.populateMapFromString(params, FormUtils.readBody(is),
decode);
+ FormUtils.populateMapFromString(params,
+ FormUtils.readBody(is),
+ decode,
+ mc != null ?
mc.getHttpServletRequest() : null);
}
}
Modified:
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java?rev=795589&r1=795588&r2=795589&view=diff
==============================================================================
---
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
(original)
+++
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
Sun Jul 19 18:27:18 2009
@@ -23,9 +23,11 @@
import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
+import java.util.Enumeration;
import java.util.List;
import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MultivaluedMap;
@@ -68,7 +70,8 @@
}
public static void populateMapFromString(MultivaluedMap<String, String>
params,
- String postBody, boolean decode) {
+ String postBody, boolean decode,
+ HttpServletRequest request) {
if (!StringUtils.isEmpty(postBody)) {
List<String> parts = Arrays.asList(postBody.split("&"));
for (String part : parts) {
@@ -85,6 +88,12 @@
params.add(keyValue[0], "");
}
}
+ } else if (request != null) {
+ for (Enumeration en = request.getParameterNames();
en.hasMoreElements();) {
+ String paramName = en.nextElement().toString();
+ String[] values = request.getParameterValues(paramName);
+ params.put(paramName, Arrays.asList(values));
+ }
}
}
Modified:
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java?rev=795589&r1=795588&r2=795589&view=diff
==============================================================================
---
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java
(original)
+++
cxf/branches/2.2.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java
Sun Jul 19 18:27:18 2009
@@ -597,7 +597,8 @@
body = FormUtils.readBody(m.getContent(InputStream.class));
m.put("org.apache.cxf.jaxrs.provider.form.body", body);
}
- FormUtils.populateMapFromString(params, (String)body, decode);
+ HttpServletRequest request =
(HttpServletRequest)m.get(AbstractHTTPDestination.HTTP_REQUEST);
+ FormUtils.populateMapFromString(params, (String)body, decode,
request);
} else {
MultipartBody body = AttachmentUtils.getMultipartBody(mc);
FormUtils.populateMapFromMultipart(params, body, decode);
Modified:
cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSpringSecurityClassTest.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSpringSecurityClassTest.java?rev=795589&r1=795588&r2=795589&view=diff
==============================================================================
---
cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSpringSecurityClassTest.java
(original)
+++
cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSpringSecurityClassTest.java
Sun Jul 19 18:27:18 2009
@@ -19,6 +19,16 @@
package org.apache.cxf.systest.jaxrs.security;
+import java.io.InputStream;
+
+import javax.ws.rs.core.Response;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.jaxrs.ext.form.Form;
+import org.apache.cxf.systest.jaxrs.Book;
+
import org.junit.BeforeClass;
import org.junit.Test;
@@ -38,6 +48,19 @@
}
@Test
+ public void testBookFromForm() throws Exception {
+
+ WebClient wc =
WebClient.create("http://localhost:9080/bookstorestorage/bookforms";,
+ "foo", "bar", null);
+
+ Response r = wc.form(new Form().set("name", "CXF Rocks").set("id",
"123"));
+
+ Book b = readBook((InputStream)r.getEntity());
+ assertEquals("CXF Rocks", b.getName());
+ assertEquals(123L, b.getId());
+ }
+
+ @Test
public void testGetBookUserAdmin() throws Exception {
String endpointAddress =
"http://localhost:9080/bookstorestorage/thosebooks/123";;
@@ -62,6 +85,12 @@
getBook(endpointAddress, "bob", "bobspassword", 403);
}
+ private Book readBook(InputStream is) throws Exception {
+ JAXBContext c = JAXBContext.newInstance(new Class[]{Book.class});
+ Unmarshaller u = c.createUnmarshaller();
+ return (Book)u.unmarshal(is);
+ }
+
@Test
public void testGetBookSubresourceAdmin() throws Exception {
String endpointAddress =
@@ -70,5 +99,5 @@
getBook(endpointAddress, "bob", "bobspassword", 403);
}
-
+
}
Modified:
cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java?rev=795589&r1=795588&r2=795589&view=diff
==============================================================================
---
cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
(original)
+++
cxf/branches/2.2.x-fixes/systests/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
Sun Jul 19 18:27:18 2009
@@ -22,7 +22,9 @@
import java.util.HashMap;
import java.util.Map;
+import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
+import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
@@ -42,6 +44,16 @@
books.put(book.getId(), book);
}
+ @POST
+ @Path("/bookforms")
+ @Secured({"ROLE_USER", "ROLE_ADMIN" })
+ public Book getBookFromFormParams(@FormParam("name") String name,
@FormParam("id") long id) {
+ if (name == null || id == 0) {
+ throw new RuntimeException("FormParams are not set");
+ }
+ return new Book(name, id);
+ }
+
@GET
@Path("/thosebooks/{bookId}/{id}")
@Produces("application/xml")
