Re: is CXF Oauth2 Services can be used as Singleton ?

Tue, 17 Mar 2015 12:02:47 -0700 

Hi
The context fields are in fact thread safe proxies, so yes, when you have them injected into singletons it is all thread safe. 


In some internal code (which is not expected to be portable) I just 
avoided writing the pure JAX-RS context code, that is all..


Thanks, Sergey


On 17/03/15 12:47, Venkata Pavan Kumar Sannisetty wrote:

Hi ,
I have configured CXF OAuth2 services such as AuthorizationCodeGrantService, 
ImplicitGrantService, AccessTokenService registered using spring configuration. 
While going through how to configure these services using spring XML i have 
found that the service beans which are referenced directly from the 
jaxrs:server endpoint declarations are treated by the runtime as singleton 
JAX-RS root resources.  
(http://cxf.apache.org/docs/jaxrs-services-configuration.html#JAXRSServicesConfiguration-JAXRSServicesConfiguration-FromSpring)
Example:
        <bean id="authCodeGrantService" class="org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService" 
parent="redirectionBasedOAuth2Service">    </bean>           <bean id="implicitGrantService" 
class="org.apache.cxf.rs.security.oauth2.services.ImplicitGrantService" parent="redirectionBasedOAuth2Service">     </bean>
       <jaxrs:server id="oauthServer" address="/">            <jaxrs:serviceBeans>                      <ref 
bean="authCodeGrantService"/>                      <ref bean="implicitGrantService"/>              </jaxrs:serviceBeans>             
<jaxrs:providers>                 <ref bean="jsonProvider"/>              </jaxrs:providers>        </jaxrs:server>The above code snippet creates a 
singleton resources of both authCodeGrantService and implicitGrantService. But when looking at the source code of these two services i found these two services have been using 
MessageContext cxf class which is per request specific and it is used as a member variable in AbstractOAuthService.
If MessageContext class is per request specific and it is a member variable the 
service can't be used as singleton. Please correct me if i am wrong as i am new 
to cxf.  AbstractOAuthservice is the baseclass for 
AuthorizationCodeGrantService, ImplicitGrantService, AccessTokenService and 
TokenRevocationService.
At the same time i have looked at the source code of 
AbstractAccessTokenValidator which is also using MessageContext as member 
variable but in the get method  it is a bit different.
public MessageContext getMessageContext() {        return mc != null ? mc : new 
MessageContextImpl(PhaseInterceptorChain.getCurrentMessage());    }
I just wanted to know whether these services can be used as singletons or not ? 
If this should a bug/enhancement please let me know so that i can flag for the 
same.
Thanks,Pavan.P.S: CXF Rocks                                     

























					Reply via email to