Examples with Policy org.apache.knox.gateway.service.definition.Policy used on opensource projects

Example 1 with Policy

use of org.apache.knox.gateway.service.definition.Policy in project knox by apache.

the class ServiceDefinitionDeploymentContributor method contributeResource.

private void contributeResource(DeploymentContext context, Service service, Route binding, Map<String, String> filterParams) throws URISyntaxException {
    List<FilterParamDescriptor> params = new ArrayList<FilterParamDescriptor>();
    ResourceDescriptor resource = context.getGatewayDescriptor().addResource();
    resource.role(service.getRole());
    resource.pattern(binding.getPath());
    // add x-forwarded filter if enabled in config
    if (context.getGatewayConfig().isXForwardedEnabled()) {
        resource.addFilter().name(XFORWARDED_FILTER_NAME).role(XFORWARDED_FILTER_ROLE).impl(XForwardedHeaderFilter.class);
    }
    if (context.getGatewayConfig().isCookieScopingToPathEnabled()) {
        FilterDescriptor filter = resource.addFilter().name(COOKIE_SCOPING_FILTER_NAME).role(COOKIE_SCOPING_FILTER_ROLE).impl(CookieScopeServletFilter.class);
        filter.param().name(GatewayConfigImpl.HTTP_PATH).value(context.getGatewayConfig().getGatewayPath());
    }
    List<Policy> policyBindings = binding.getPolicies();
    if (policyBindings == null) {
        policyBindings = serviceDefinition.getPolicies();
    }
    if (policyBindings == null) {
        // add default set
        addDefaultPolicies(context, service, filterParams, params, resource);
    } else {
        addPolicies(context, service, filterParams, params, resource, policyBindings);
    }
    addDispatchFilter(context, service, resource, binding);
}

Example 2 with Policy

use of org.apache.knox.gateway.service.definition.Policy in project knox by apache.

the class ServiceDefinitionDeploymentContributor method addPolicies.

private void addPolicies(DeploymentContext context, Service service, Map<String, String> filterParams, List<FilterParamDescriptor> params, ResourceDescriptor resource, List<Policy> policyBindings) throws URISyntaxException {
    for (Policy policyBinding : policyBindings) {
        String role = policyBinding.getRole();
        if (role == null) {
            throw new IllegalArgumentException("Policy defined has no role for service " + service.getName());
        }
        role = role.trim().toLowerCase();
        if ("rewrite".equals(role)) {
            addRewriteFilter(context, service, filterParams, params, resource);
        } else if (topologyContainsProviderType(context, role)) {
            context.contributeFilter(service, resource, role, policyBinding.getName(), null);
        } else /* handle the case where topology has federation provider but service defines Anonymous authentication see KNOX-1197 */
        if (role.equalsIgnoreCase("authentication") && topologyContainsProviderType(context, "federation")) {
            context.contributeFilter(service, resource, role, policyBinding.getName(), null);
        }
    }
}

Example 3 with Policy

use of org.apache.knox.gateway.service.definition.Policy in project knox by apache.

the class ApplicationDeploymentContributor method contributeResource.

private void contributeResource(DeploymentContext context, Service service, Route binding, Map<String, String> filterParams) throws URISyntaxException {
    List<FilterParamDescriptor> params = new ArrayList<FilterParamDescriptor>();
    ResourceDescriptor resource = context.getGatewayDescriptor().addResource();
    resource.role(service.getRole());
    resource.pattern(binding.getPath());
    // add x-forwarded filter if enabled in config
    if (context.getGatewayConfig().isXForwardedEnabled()) {
        resource.addFilter().name(XFORWARDED_FILTER_NAME).role(XFORWARDED_FILTER_ROLE).impl(XForwardedHeaderFilter.class);
    }
    if (context.getGatewayConfig().isCookieScopingToPathEnabled()) {
        FilterDescriptor filter = resource.addFilter().name(COOKIE_SCOPING_FILTER_NAME).role(COOKIE_SCOPING_FILTER_ROLE).impl(CookieScopeServletFilter.class);
        filter.param().name(GatewayConfigImpl.HTTP_PATH).value(context.getGatewayConfig().getGatewayPath());
    }
    List<Policy> policyBindings = binding.getPolicies();
    if (policyBindings == null) {
        policyBindings = serviceDefinition.getPolicies();
    }
    if (policyBindings == null) {
        // add default set
        addDefaultPolicies(context, service, filterParams, params, resource);
    } else {
        addPolicies(context, service, filterParams, params, resource, policyBindings);
    }
}

Example 4 with Policy

use of org.apache.knox.gateway.service.definition.Policy in project knox by apache.

the class ApplicationDeploymentContributor method addPolicies.

private void addPolicies(DeploymentContext context, Service service, Map<String, String> filterParams, List<FilterParamDescriptor> params, ResourceDescriptor resource, List<Policy> policyBindings) throws URISyntaxException {
    for (Policy policyBinding : policyBindings) {
        String role = policyBinding.getRole();
        if (role == null) {
            throw new IllegalArgumentException("Policy defined has no role for service " + service.getName());
        }
        role = role.trim().toLowerCase();
        if ("rewrite".equals(role)) {
            addRewriteFilter(context, service, filterParams, params, resource);
        } else if (topologyContainsProviderType(context, role)) {
            context.contributeFilter(service, resource, role, policyBinding.getName(), null);
        }
    }
}