Could you put together a quickstart based on the simpleapp archetype, explaining how to reproduce the issue, and make available via github?
Thx Dan On Fri, 5 May 2017 at 05:46 Anisha Jaiswal <[email protected]> wrote: > Hi, > > I am so sorry I could not reply earlier. The web service is working > now.There was fault in the way I was calling it. > But there is one thing though. I need to pass the 'Authorization' property > in the header though. > I want to make it work like the 'passThru' parameter works for request > being sent to 'restful/swagger' uri. > > In order to implement that i extended > the AuthenticationSessionStrategyBasicAuth class as follows: > > public class CustomAuthenticationSessionStrategy extends > AuthenticationSessionStrategyBasicAuth { > > @Override > public AuthenticationSession lookupValid(final HttpServletRequest > httpServletRequest, final HttpServletResponse httpServletResponse) { > String requestURI = httpServletRequest.getRequestURI(); > > if("/restful/services/Authorization/actions/isAuthorized/invoke".equalsIgnoreCase(requestURI)){ > AuthenticationSessionStrategyTrusted strategy = new > AuthenticationSessionStrategyTrusted(); > AuthenticationSession session = strategy.lookupValid(httpServletRequest, > httpServletResponse); > > return session; > } else { > return super.lookupValid(httpServletRequest, httpServletResponse); > } > } > } > > And then i replaced the class AuthenticationSessionStrategyBasicAuth with > this class in web.xml. > > But this does not work. > Gives me a 404 error. > > Please let me know where I am going wrong. > > Thanks for your time. > > Regards, > Anisha > > > On Thu, Apr 27, 2017 at 8:47 PM, Dan Haywood <[email protected] > > > wrote: > > > Hi Anisha, > > > > Could you put together an example app on github demonstrating the issue? > > > > But also, you could perhaps use the "passThru" setting, as used by the > > swagger service: > > > > <filter> > > <filter-name>IsisSessionFilterForRestfulObjects</filter-name> > > <filter-class>org.apache.isis.core.webapp.IsisSessionFilter< > > /filter-class> > > <!-- authentication required for REST --> > > <init-param> > > <param-name>authenticationSessionStrategy</param-name> > > <param-value>org.apache.isis.viewer.restfulobjects.server. > > authentication.AuthenticationSessionStrategyBasicAuth</param-value> > > </init-param> > > <init-param> > > <!-- what to do if no session was found... --> > > <param-name>whenNoSession</param-name> > > <!-- ... 401 and a basic authentication challenge if request > > originates from web browser --> > > <param-value>auto</param-value> > > </init-param> > > <init-param> > > <param-name>passThru</param-name> > > <param-value>/restful/swagger</param-value> > > </init-param> > > </filter> > > > > > > This provides an alternative way to hit a JAXRS resource without a > session. > > > > HTH > > Dan > > > > > > On Thu, 27 Apr 2017 at 11:14 Anisha Jaiswal <[email protected]> > > wrote: > > > > > Hi, > > > > > > Thanks for the reply. > > > > > > I am getting the HTTP status code 404 - resource not found. > > > > > > I found out that if i deploy my application with the ROOT context path > > the > > > web service works, but if i deploy it with some other context path then > > it > > > does not. The swagger UI still tries to access the rest web service > with > > > the ROOT context path. Is there a way to configure the context path of > an > > > isis application. > > > > > > Providing the context as follows in tomcat\conf\Catalina\localhost also > > > does not help: > > > > > > <Context > > > docBase="../my-app-folder/myAppwar" > > > antiResourceLocking="false" privileged="true" path="/myApp" /> > > > > > > Thanks for your time ! > > > > > > Regards, > > > Anisha > > > > > > > > > 2017-04-26 13:40 GMT+05:30 Rade, Joerg / Kuehne + Nagel / Ham GI-DP < > > > [email protected]>: > > > > > > > Hi Anisha, > > > > > > > > what kind of response do you get? > > > > > > > > Could be related to [1]. > > > > > > > > -j > > > > [1] https://issues.apache.org/jira/browse/ISIS-1572 > > > > -----Ursprüngliche Nachricht----- > > > > Von: Anisha Jaiswal [mailto:[email protected]] > > > > Gesendet: Dienstag, 25. April 2017 14:38 > > > > An: [email protected] > > > > Betreff: REST Web service using Apache ISIS > > > > > > > > Hi, > > > > > > > > I am trying to implement a REST web service using Apache ISIS, but > > unable > > > > to do so. > > > > This is what my implementation looks like: > > > > > > > > @DomainService( > > > > nature = NatureOfService.VIEW_REST_ONLY > > > > ) > > > > @Path("/authorization") > > > > public class Authorization implements AuthorizationApiInterface{ > > > > > > > > @Override > > > > @Path("/isAuthorized") > > > > @POST > > > > @Action > > > > public Boolean isAuthorized(JSONObject jObj) { > > > > > > > > // some steps > > > > return true; > > > > } > > > > > > > > } > > > > > > > > Also i have overridden the AuthenticationSessionStrategyBasicAuth so > > as > > > > to be able to call this method when there is no valid session > object:- > > > > public class CustomAuthenticationSessionStrategy extends > > > > AuthenticationSessionStrategyBasicAuth { > > > > > > > > @Override > > > > public AuthenticationSession lookupValid(final HttpServletRequest > > > > httpServletRequest, final HttpServletResponse httpServletResponse) { > > > String > > > > requestURI = httpServletRequest.getRequestURI(); > > > > if("/admin/restful/authorization/isAuthorized". > > > > equalsIgnoreCase(requestURI)){ > > > > AuthenticationSessionStrategyTrusted strategy = new > > > > AuthenticationSessionStrategyTrusted(); > > > > AuthenticationSession session = strategy.lookupValid( > > httpServletRequest, > > > > httpServletResponse); > > > > return session; > > > > } else { > > > > return super.lookupValid(httpServletRequest, httpServletResponse); } > > } } > > > > > > > > The new CustomAuthenticationSessionStrategy has replaced > > > > AuthenticationSessionStrategyBasicAuth in web.xml > > > > > > > > Also extended RestfulObjectsApplication:- public class > > > > CustomRestfulObjectsApplication extends RestfulObjectsApplication { > > > > > > > > public CustomRestfulObjectsApplication() { > > > > addClass(Authorization.class); > > > > } > > > > } > > > > And replced it in web.xml. > > > > > > > > I am calling this api using the HttpURLConnection class. The url > passed > > > is > > > > http://localhost:8080/admin/restful/authorization/isAuthorized. > > > > > > > > Please let me know where I am going wrong. > > > > > > > > Thanks, > > > > Anisha > > > > > > > > Kühne + Nagel (AG & Co.) KG > > > > Rechtsform: Kommanditgesellschaft, Bremen HRA 21928, USt-IdNr.: DE > > > > 812773878. > > > > Geschäftsleitung Kühne + Nagel (AG & Co.) KG: Dr. Hansjörg Rodi > (Vors. > > ), > > > > Martin Brinkmann, Matthias Heimbach, Jan-Hendrik Köstergarten, > Nicholas > > > > Minde, Michael Nebel, Lars Wedel, Matthias Weiner. > > > > Persönlich haftende Gesellschafterin: Kühne & Nagel A.G., Rechtsform: > > > > Aktiengesellschaft nach luxemburgischem Recht, HR-Nr.: B 18745, > > > > Geschäftsführendes Verwaltungsratsmitglied: Karl Gernandt. > > > > Geschäftsleitung Region Zentral- und Osteuropa: Dr. Hansjörg Rodi > > > (Vors.), > > > > Thierry Held, Uwe Hött, Richard Huhn, Holger Ketz, Jan-Hendrik > > > > Köstergarten, Jan Kunze, Michael Nebel, Guillaume Sauzedde, Mustafa > > > Sener. > > > > > > > > Wir arbeiten ausschließlich auf Grundlage der Allgemeinen Deutschen > > > > Spediteurbedingungen 2017 (ADSp 2017). Hinweis: Die ADSp 2017 weichen > > in > > > > Ziffer 23 hinsichtlich des Haftungshöchstbetrages für Güterschäden (§ > > 431 > > > > HGB) vom Gesetz ab, indem sie die Haftung bei multimodalen > Transporten > > > > unter Einschluss einer Seebeförderung und bei unbekanntem Schadenort > > auf > > > 2 > > > > SZR/kg und im Übrigen die Regelhaftung von 8,33 SZR/kg zusätzlich auf > > > 1,25 > > > > Millionen Euro je Schadenfall sowie 2,5 Millionen Euro je > > > Schadenereignis, > > > > mindestens aber 2 SZR/kg, beschränken. Die ADSp sind auf unserer > > Webseite > > > > als Download erhältlich. Auf Anfrage senden wir Ihnen diese auch > gerne > > > zu. > > > > > > > > > >
