From 4ff5f9f7b0bca86f8b2d117f5ae6e72d63e5cdfb Mon Sep 17 00:00:00 2001
From: Roberto E. Escobar
Date: Tue, 25 Mar 2014 12:59:18 -0700
Subject: feature[ats_0JVGP]: Add REST NoSecurityFilter annotation
Add support for an annotation to mark resources that should not be processed by the REST security filter.
Change-Id: Iabb695ee4aa8e8b05b38fe99b56d7777b37dee89
---
 .../rest/admin/internal/RestComponentFactory.java | 12 +--------
 .../filters/SecureResourceFilterFactory.java | 30 +++++++++++++++++-----
 2 files changed, 25 insertions(+), 17 deletions(-)
(limited to 'plugins/org.eclipse.osee.rest.admin')
diff --git a/plugins/org.eclipse.osee.rest.admin/src/org/eclipse/osee/rest/admin/internal/RestComponentFactory.java b/plugins/org.eclipse.osee.rest.admin/src/org/eclipse/osee/rest/admin/internal/RestComponentFactory.java
index 22b6943fa9b..e0676feb3b4 100644
--- a/plugins/org.eclipse.osee.rest.admin/src/org/eclipse/osee/rest/admin/internal/RestComponentFactory.java
+++ b/plugins/org.eclipse.osee.rest.admin/src/org/eclipse/osee/rest/admin/internal/RestComponentFactory.java
@@ -21,7 +21,6 @@ import org.eclipse.osee.rest.admin.internal.resources.ApplicationsResource;
 import org.osgi.framework.Bundle;
 import com.sun.jersey.api.core.DefaultResourceConfig;
 import com.sun.jersey.api.core.ResourceConfig;
-import com.sun.jersey.spi.container.ContainerRequestFilter;
 import com.sun.jersey.spi.container.ResourceFilterFactory;
 import com.sun.jersey.spi.container.servlet.ServletContainer;
@@ -33,7 +32,6 @@ public class RestComponentFactory {
 private final SecurityContextFilter securityContextFilter;
 private List defaultSingletonResources;
- private List containerRequestFilters;
 public RestComponentFactory(Log logger, SecurityContextFilter securityContextFilter) {
 super();
@@ -41,15 +39,8 @@ public class RestComponentFactory {
 this.securityContextFilter = securityContextFilter;
 }
- public List getRequestFilters() {
- if (containerRequestFilters == null) {
- containerRequestFilters = Collections. singletonList(securityContextFilter);
- }
- return containerRequestFilters;
- }
-
 public List getResourceFilterFactories() {
- SecureResourceFilterFactory filterFactory = new SecureResourceFilterFactory(securityContextFilter);
+ SecureResourceFilterFactory filterFactory = new SecureResourceFilterFactory(logger, securityContextFilter);
 return Collections. singletonList(filterFactory);
 }
@@ -70,7 +61,6 @@ public class RestComponentFactory {
 Map bundleMap = new ConcurrentHashMap();
 ObjectProvider> provider = newBundleProvider(bundleMap);
- config.getProperties().put(ResourceConfig.PROPERTY_CONTAINER_REQUEST_FILTERS, getRequestFilters());
 config.getProperties().put(ResourceConfig.PROPERTY_RESOURCE_FILTER_FACTORIES, getResourceFilterFactories());
 BundleHttpContext bundleContext = new BundleHttpContext(provider);
diff --git a/plugins/org.eclipse.osee.rest.admin/src/org/eclipse/osee/rest/admin/internal/filters/SecureResourceFilterFactory.java b/plugins/org.eclipse.osee.rest.admin/src/org/eclipse/osee/rest/admin/internal/filters/SecureResourceFilterFactory.java
index d74c31bea6f..95331a2d68a 100644
--- a/plugins/org.eclipse.osee.rest.admin/src/org/eclipse/osee/rest/admin/internal/filters/SecureResourceFilterFactory.java
+++ b/plugins/org.eclipse.osee.rest.admin/src/org/eclipse/osee/rest/admin/internal/filters/SecureResourceFilterFactory.java
@@ -12,6 +12,8 @@ package org.eclipse.osee.rest.admin.internal.filters;
 import java.util.ArrayList;
 import java.util.List;
+import org.eclipse.osee.logger.Log;
+import org.eclipse.osee.rest.model.NoSecurityFilter;
 import com.sun.jersey.api.container.filter.servlet.RolesAllowedResourceFilterFactory;
 import com.sun.jersey.api.model.AbstractMethod;
 import com.sun.jersey.spi.container.ResourceFilter;
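Review bot: With the `PROPERTY_CONTAINER_REQUEST_FILTERS` registration removed in the last RestComponentFactory hunk, `securityContextFilter` is no longer a container-wide request filter and runs only where `SecureResourceFilterFactory.create` prepends it to a matched method. That makes the factory the single enforcement point, so any request that resolves to no `AbstractMethod`, or any method the factory is never asked about, would pass without the security context being established; whether such paths exist is not visible in this hunk. Record the intent above the remaining `put` call, for example `// Authentication is attached per resource method by SecureResourceFilterFactory; there is no container-wide request filter.`, and add a test asserting that a resource without the annotation still receives the filter. The enclosing method starts and ends outside the hunk.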
@@ -23,21 +25,37 @@ import com.sun.jersey.spi.container.ResourceFilter;
 */
 public class SecureResourceFilterFactory extends RolesAllowedResourceFilterFactory {
+ private static final String SECURE = "SECURE";
+ private static final String INSECURE = "SKIPPED";
+
+ private final Log logger;
 private final SecurityContextFilter securityContextFilter;
- public SecureResourceFilterFactory(SecurityContextFilter securityContextFilter) {
+ public SecureResourceFilterFactory(Log logger, SecurityContextFilter securityContextFilter) {
 super();
+ this.logger = logger;
 this.securityContextFilter = securityContextFilter;
 }
 @Override
 public List create(AbstractMethod am) {
- List filters = super.create(am);
- if (filters == null) {
- filters = new ArrayList();
+ List securityFilters = super.create(am);
+ if (securityFilters == null) {
+ securityFilters = new ArrayList();
+ } else {
+ securityFilters = new ArrayList(securityFilters);
+ }
+
+ boolean secure = isSecured(am);
+ if (secure) {
+ securityFilters.add(0, securityContextFilter);
 }
- List securityFilters = new ArrayList(filters);
- securityFilters.add(0, securityContextFilter);
+ logger.info("REST Security Filter: [%s] [%s]", secure ? SECURE : INSECURE, am);
 return securityFilters;
 }
+
+ private boolean isSecured(AbstractMethod am) {
+ return !am.isAnnotationPresent(NoSecurityFilter.class) && //
+ !am.getResource().isAnnotationPresent(NoSecurityFilter.class);
+ }
 }
\ No newline at end of file
-- cgit v1.2.3
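Review bot: In `create`, a method or resource marked `@NoSecurityFilter` still keeps whatever filters `super.create(am)` returned from `RolesAllowedResourceFilterFactory`, so a role check could run without `securityContextFilter` having been prepended, presumably against the container's default security context. That combination looks like a configuration mistake and should be rejected, or at least logged at warning level rather than reported as `SKIPPED` at info: `if (!secure && !securityFilters.isEmpty()) { throw new IllegalStateException("@NoSecurityFilter combined with role filters on " + am); }`. `isSecured` also lets one class-level annotation switch the filter off for every method of the resource, with no per-method way to turn it back on. A Javadoc sentence on `isSecured` should state that the opt-out is all-or-nothing per class and that skipped endpoints must not perform privileged actions.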