[509735] Improve sirius server

Allow to configure CORS on sirius server. Bug: 509735 Change-Id: Ibaba8a4c4274decfd114a4afbbac33f39ee67a65 Signed-off-by: Guillaume Coutable <guillaume.coutable@obeo.fr>
author: Guillaume Coutable 2018-05-22 11:48:08 +0000
committer: Guillaume Coutable 2018-05-25 12:44:09 +0000
commit: 26c8fe0dacb847cf7ab64be71c834f6aa2f2aced (patch)
tree: 9bf1707341d1170e36bacdca10e4b52e030050e4
parent: 8eba1a5be79a91bbeb440a2c59b0c749b7fc6e3a (diff)
download: org.eclipse.sirius-26c8fe0dacb847cf7ab64be71c834f6aa2f2aced.tar.gz
org.eclipse.sirius-26c8fe0dacb847cf7ab64be71c834f6aa2f2aced.tar.xz
org.eclipse.sirius-26c8fe0dacb847cf7ab64be71c834f6aa2f2aced.zip
2 files changed, 47 insertions, 1 deletions
diff --git a/plugins/org.eclipse.sirius.server.backend/META-INF/MANIFEST.MF b/plugins/org.eclipse.sirius.server.backend/META-INF/MANIFEST.MF
index 2b4976f035..649a8e2aa4 100644
--- a/plugins/org.eclipse.sirius.server.backend/META-INF/MANIFEST.MF
+++ b/plugins/org.eclipse.sirius.server.backend/META-INF/MANIFEST.MF
@@ -22,7 +22,8 @@ Require-Bundle: org.eclipse.core.runtime;bundle-version="3.8.0",
  org.eclipse.sirius.workflow.model;bundle-version="6.0.0",
  org.eclipse.sirius.ecore.extender;bundle-version="6.0.0",
  org.eclipse.emf.transaction;bundle-version="1.9.0",
- org.eclipse.sirius.common;bundle-version="6.0.0"
+ org.eclipse.sirius.common;bundle-version="6.0.0",
+ org.eclipse.jetty.servlets;bundle-version="[9.0.0,10.0.0)"
 Bundle-Localization: plugin
 Export-Package: org.eclipse.sirius.server.backend.internal;x-friends:="org.eclipse.sirius.tests.server.backend",
  org.eclipse.sirius.server.backend.internal.services.activities;x-internal:=true,
diff --git a/plugins/org.eclipse.sirius.server.backend/src/org/eclipse/sirius/server/backend/internal/SiriusServerBackendConfigurator.java b/plugins/org.eclipse.sirius.server.backend/src/org/eclipse/sirius/server/backend/internal/SiriusServerBackendConfigurator.java
index 8393c2a3bb..912c40d648 100644
--- a/plugins/org.eclipse.sirius.server.backend/src/org/eclipse/sirius/server/backend/internal/SiriusServerBackendConfigurator.java
+++ b/plugins/org.eclipse.sirius.server.backend/src/org/eclipse/sirius/server/backend/internal/SiriusServerBackendConfigurator.java
@@ -18,7 +18,9 @@ import javax.servlet.SessionCookieConfig;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.handler.HandlerCollection;
+import org.eclipse.jetty.servlet.FilterHolder;
 import org.eclipse.jetty.servlet.ServletContextHandler;
+import org.eclipse.jetty.servlets.CrossOriginFilter;
 import org.eclipse.sirius.server.api.ISiriusServerConfigurator;
 
 /**
@@ -29,6 +31,30 @@ import org.eclipse.sirius.server.api.ISiriusServerConfigurator;
 public class SiriusServerBackendConfigurator implements ISiriusServerConfigurator {
 
     /**
+     * The constant used specified allowed methods. Expects a list of string
+     * with comma separated values.
+     */
+    private static final String ALLOWED_METHODS = "org.eclipse.sirius.server.cors.allowed.methods"; //$NON-NLS-1$
+
+    /**
+     * The constant used specified allowed headers. Expects a list of string
+     * with comma separated values.
+     */
+    private static final String ALLOWED_HEADERS = "org.eclipse.sirius.server.cors.allowed.headers"; //$NON-NLS-1$
+
+    /**
+     * The constant used specified allowed origins. Expects a list of string
+     * with comma separated values.
+     */
+    private static final String ALLOWED_ORIGINS = "org.eclipse.sirius.server.cors.allowed.origins"; //$NON-NLS-1$
+
+    /**
+     * The constant used to determine if Cross Origin Resource Sharing are
+     * enabled or not. Expects a boolean.
+     */
+    private static final String ALLOW_CORS = "org.eclipse.sirius.server.cors.enabled"; //$NON-NLS-1$
+
+    /**
      * The context path of the Sirius back-end.
      */
     private static final String CONTEXT_PATH = "/api"; //$NON-NLS-1$
@@ -46,6 +72,25 @@ public class SiriusServerBackendConfigurator implements ISiriusServerConfigurato
         SessionCookieConfig sessionCookieConfig = servletContextHandler.getServletContext().getSessionCookieConfig();
         sessionCookieConfig.setHttpOnly(true);
 
+        boolean allowCors = Boolean.parseBoolean(System.getProperty(ALLOW_CORS));
+        if (allowCors) {
+            FilterHolder cors = new FilterHolder();
+            String allowedOrigins = System.getProperty(ALLOWED_ORIGINS);
+            if (allowedOrigins != null) {
+                cors.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, allowedOrigins);
+            }
+            String allowedHeaders = System.getProperty(ALLOWED_HEADERS);
+            if (allowedHeaders != null) {
+                cors.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, allowedHeaders);
+            }
+            String allowedMethods = System.getProperty(ALLOWED_METHODS);
+            if (allowedMethods != null) {
+                cors.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, allowedMethods);
+            }
+            cors.setFilter(new CrossOriginFilter());
+            servletContextHandler.addFilter(cors, "/*", EnumSet.of(DispatcherType.REQUEST, DispatcherType.ASYNC, DispatcherType.INCLUDE)); //$NON-NLS-1$
+        }
+
         servletContextHandler.addFilter(SiriusServerBackendFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST, DispatcherType.INCLUDE)); //$NON-NLS-1$
 
         Handler handler = server.getHandler();
author	Guillaume Coutable	2018-05-22 11:48:08 +0000
committer	Guillaume Coutable	2018-05-25 12:44:09 +0000
commit	26c8fe0dacb847cf7ab64be71c834f6aa2f2aced (patch)
tree	9bf1707341d1170e36bacdca10e4b52e030050e4
parent	8eba1a5be79a91bbeb440a2c59b0c749b7fc6e3a (diff)
download	org.eclipse.sirius-26c8fe0dacb847cf7ab64be71c834f6aa2f2aced.tar.gz org.eclipse.sirius-26c8fe0dacb847cf7ab64be71c834f6aa2f2aced.tar.xz org.eclipse.sirius-26c8fe0dacb847cf7ab64be71c834f6aa2f2aced.zip