Hi,
I am so sorry I could not reply earlier. The web service is working
now.There was fault in the way I was calling it.
But there is one thing though. I need to pass the 'Authorization' property
in the header though.
I want to make it work like the 'passThru' parameter works for request
being sent to 'restful/swagger' uri.
In order to implement that i extended
the AuthenticationSessionStrategyBasicAuth class as follows:
public class CustomAuthenticationSessionStrategy extends
AuthenticationSessionStrategyBasicAuth {
@Override
public AuthenticationSession lookupValid(final HttpServletRequest
httpServletRequest, final HttpServletResponse httpServletResponse) {
String requestURI = httpServletRequest.getRequestURI();
if("/restful/services/Authorization/actions/isAuthorized/invoke".equalsIgnoreCase(requestURI)){
AuthenticationSessionStrategyTrusted strategy = new
AuthenticationSessionStrategyTrusted();
AuthenticationSession session = strategy.lookupValid(httpServletRequest,
httpServletResponse);
return session;
} else {
return super.lookupValid(httpServletRequest, httpServletResponse);
}
}
}
And then i replaced the class AuthenticationSessionStrategyBasicAuth with
this class in web.xml.
But this does not work.
Gives me a 404 error.
Please let me know where I am going wrong.
Thanks for your time.
Regards,
Anisha
On Thu, Apr 27, 2017 at 8:47 PM, Dan Haywood <[email protected]>
wrote:
> Hi Anisha,
>
> Could you put together an example app on github demonstrating the issue?
>
> But also, you could perhaps use the "passThru" setting, as used by the
> swagger service:
>
> <filter>
> <filter-name>IsisSessionFilterForRestfulObjects</filter-name>
> <filter-class>org.apache.isis.core.webapp.IsisSessionFilter<
> /filter-class>
> <!-- authentication required for REST -->
> <init-param>
> <param-name>authenticationSessionStrategy</param-name>
> <param-value>org.apache.isis.viewer.restfulobjects.server.
> authentication.AuthenticationSessionStrategyBasicAuth</param-value>
> </init-param>
> <init-param>
> <!-- what to do if no session was found... -->
> <param-name>whenNoSession</param-name>
> <!-- ... 401 and a basic authentication challenge if request
> originates from web browser -->
> <param-value>auto</param-value>
> </init-param>
> <init-param>
> <param-name>passThru</param-name>
> <param-value>/restful/swagger</param-value>
> </init-param>
> </filter>
>
>
> This provides an alternative way to hit a JAXRS resource without a session.
>
> HTH
> Dan
>
>
> On Thu, 27 Apr 2017 at 11:14 Anisha Jaiswal <[email protected]>
> wrote:
>
> > Hi,
> >
> > Thanks for the reply.
> >
> > I am getting the HTTP status code 404 - resource not found.
> >
> > I found out that if i deploy my application with the ROOT context path
> the
> > web service works, but if i deploy it with some other context path then
> it
> > does not. The swagger UI still tries to access the rest web service with
> > the ROOT context path. Is there a way to configure the context path of an
> > isis application.
> >
> > Providing the context as follows in tomcat\conf\Catalina\localhost also
> > does not help:
> >
> > <Context
> > docBase="../my-app-folder/myAppwar"
> > antiResourceLocking="false" privileged="true" path="/myApp" />
> >
> > Thanks for your time !
> >
> > Regards,
> > Anisha
> >
> >
> > 2017-04-26 13:40 GMT+05:30 Rade, Joerg / Kuehne + Nagel / Ham GI-DP <
> > [email protected]>:
> >
> > > Hi Anisha,
> > >
> > > what kind of response do you get?
> > >
> > > Could be related to [1].
> > >
> > > -j
> > > [1] https://issues.apache.org/jira/browse/ISIS-1572
> > > -----Ursprüngliche Nachricht-----
> > > Von: Anisha Jaiswal [mailto:[email protected]]
> > > Gesendet: Dienstag, 25. April 2017 14:38
> > > An: [email protected]
> > > Betreff: REST Web service using Apache ISIS
> > >
> > > Hi,
> > >
> > > I am trying to implement a REST web service using Apache ISIS, but
> unable
> > > to do so.
> > > This is what my implementation looks like:
> > >
> > > @DomainService(
> > > nature = NatureOfService.VIEW_REST_ONLY
> > > )
> > > @Path("/authorization")
> > > public class Authorization implements AuthorizationApiInterface{
> > >
> > > @Override
> > > @Path("/isAuthorized")
> > > @POST
> > > @Action
> > > public Boolean isAuthorized(JSONObject jObj) {
> > >
> > > // some steps
> > > return true;
> > > }
> > >
> > > }
> > >
> > > Also i have overridden the AuthenticationSessionStrategyBasicAuth so
> as
> > > to be able to call this method when there is no valid session object:-
> > > public class CustomAuthenticationSessionStrategy extends
> > > AuthenticationSessionStrategyBasicAuth {
> > >
> > > @Override
> > > public AuthenticationSession lookupValid(final HttpServletRequest
> > > httpServletRequest, final HttpServletResponse httpServletResponse) {
> > String
> > > requestURI = httpServletRequest.getRequestURI();
> > > if("/admin/restful/authorization/isAuthorized".
> > > equalsIgnoreCase(requestURI)){
> > > AuthenticationSessionStrategyTrusted strategy = new
> > > AuthenticationSessionStrategyTrusted();
> > > AuthenticationSession session = strategy.lookupValid(
> httpServletRequest,
> > > httpServletResponse);
> > > return session;
> > > } else {
> > > return super.lookupValid(httpServletRequest, httpServletResponse); }
> } }
> > >
> > > The new CustomAuthenticationSessionStrategy has replaced
> > > AuthenticationSessionStrategyBasicAuth in web.xml
> > >
> > > Also extended RestfulObjectsApplication:- public class
> > > CustomRestfulObjectsApplication extends RestfulObjectsApplication {
> > >
> > > public CustomRestfulObjectsApplication() {
> > > addClass(Authorization.class);
> > > }
> > > }
> > > And replced it in web.xml.
> > >
> > > I am calling this api using the HttpURLConnection class. The url passed
> > is
> > > http://localhost:8080/admin/restful/authorization/isAuthorized.
> > >
> > > Please let me know where I am going wrong.
> > >
> > > Thanks,
> > > Anisha
> > >
> > > Kühne + Nagel (AG & Co.) KG
> > > Rechtsform: Kommanditgesellschaft, Bremen HRA 21928, USt-IdNr.: DE
> > > 812773878.
> > > Geschäftsleitung Kühne + Nagel (AG & Co.) KG: Dr. Hansjörg Rodi (Vors.
> ),
> > > Martin Brinkmann, Matthias Heimbach, Jan-Hendrik Köstergarten, Nicholas
> > > Minde, Michael Nebel, Lars Wedel, Matthias Weiner.
> > > Persönlich haftende Gesellschafterin: Kühne & Nagel A.G., Rechtsform:
> > > Aktiengesellschaft nach luxemburgischem Recht, HR-Nr.: B 18745,
> > > Geschäftsführendes Verwaltungsratsmitglied: Karl Gernandt.
> > > Geschäftsleitung Region Zentral- und Osteuropa: Dr. Hansjörg Rodi
> > (Vors.),
> > > Thierry Held, Uwe Hött, Richard Huhn, Holger Ketz, Jan-Hendrik
> > > Köstergarten, Jan Kunze, Michael Nebel, Guillaume Sauzedde, Mustafa
> > Sener.
> > >
> > > Wir arbeiten ausschließlich auf Grundlage der Allgemeinen Deutschen
> > > Spediteurbedingungen 2017 (ADSp 2017). Hinweis: Die ADSp 2017 weichen
> in
> > > Ziffer 23 hinsichtlich des Haftungshöchstbetrages für Güterschäden (§
> 431
> > > HGB) vom Gesetz ab, indem sie die Haftung bei multimodalen Transporten
> > > unter Einschluss einer Seebeförderung und bei unbekanntem Schadenort
> auf
> > 2
> > > SZR/kg und im Übrigen die Regelhaftung von 8,33 SZR/kg zusätzlich auf
> > 1,25
> > > Millionen Euro je Schadenfall sowie 2,5 Millionen Euro je
> > Schadenereignis,
> > > mindestens aber 2 SZR/kg, beschränken. Die ADSp sind auf unserer
> Webseite
> > > als Download erhältlich. Auf Anfrage senden wir Ihnen diese auch gerne
> > zu.
> > >
> >
>
