Example use of org.apache.qpid.server.management.plugin.filter.AuthenticationCheckFilter in the Apache qpid-broker-j project.
Class HttpManagement, method createServer.
/**
 * Assembles the Jetty {@link Server} used for HTTP management.
 *
 * <p>One connector is created per supplied port, and a single root servlet context
 * (context path {@code "/"}, sessions enabled) receives the filter and servlet
 * mappings for the REST API, the API docs, the {@code /service/*} endpoints and the
 * static web-console files. Filters and servlets are registered in a fixed sequence;
 * keep that sequence when editing, since it may determine the filter chain order.
 *
 * <p>Side effects: assigns {@code _jettyServerExecutor} and adds an entry to
 * {@code _portConnectorMap} for every port. The server is not started here.
 *
 * @param ports the HTTP ports to expose; each gets its own connector
 * @return the configured server
 */
private Server createServer(Collection<HttpPort<?>> ports) {
    LOGGER.debug("Starting up web server on {}", ports);

    _jettyServerExecutor = Executors.newSingleThreadExecutor(new DaemonThreadFactory("Jetty-Server-Thread"));
    final Server jetty = new Server(new ExecutorThreadPool(_jettyServerExecutor));

    // Remembers the port of the last entry iterated; it stays -1 when 'ports' is empty.
    // The value is only used further down to build the session cookie name.
    int cookiePort = -1;
    for (HttpPort<?> httpPort : ports) {
        final ServerConnector portConnector = createConnector(httpPort, jetty);
        portConnector.addBean(new ConnectionTrackingListener());
        jetty.addConnector(portConnector);
        _portConnectorMap.put(httpPort, portConnector);
        cookiePort = httpPort.getPort();
    }

    final ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
    context.setContextPath("/");
    // Jetty option that collapses repeated '/' in request paths.
    context.setCompactPath(true);
    jetty.setHandler(context);

    // Custom error page body: the message block followed by 20 line breaks.
    // 'showStacks' is never consulted, so this body does not write stack traces.
    // NOTE(review): the request URI is handed to the inherited writeErrorPageMessage;
    // output escaping is assumed to happen there - confirm for the Jetty version in use.
    context.setErrorHandler(new ErrorHandler() {
        @Override
        protected void writeErrorPageBody(HttpServletRequest request, Writer writer, int code, String message, boolean showStacks) throws IOException {
            writeErrorPageMessage(request, writer, code, message, request.getRequestURI());
            for (int written = 0; written < 20; written++) {
                writer.write("<br/> \n");
            }
        }
    });

    // Expose the broker and this management configuration to servlets and filters.
    context.getServletContext().setAttribute(HttpManagementUtil.ATTR_BROKER, getBroker());
    context.getServletContext().setAttribute(HttpManagementUtil.ATTR_MANAGEMENT_CONFIGURATION, this);

    // Registered first and for every dispatcher type, unlike the REQUEST-only filters below.
    context.addFilter(new FilterHolder(new ExceptionHandlingFilter()), "/*", EnumSet.allOf(DispatcherType.class));

    // CORS policy is taken from this object's configuration getters.
    // NOTE(review): check that deployments do not combine a wildcard origin with
    // allow-credentials; nothing in this method prevents that combination.
    final FilterHolder cors = new FilterHolder(new CrossOriginFilter());
    cors.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, getCorsAllowOrigins());
    cors.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, Joiner.on(",").join(getCorsAllowMethods()));
    cors.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, getCorsAllowHeaders());
    cors.setInitParameter(CrossOriginFilter.ALLOW_CREDENTIALS_PARAM, String.valueOf(getCorsAllowCredentials()));
    context.addFilter(cors, "/*", EnumSet.of(DispatcherType.REQUEST));

    // Presumably rejects HTTP TRACE on every path - confirm against ForbiddingTraceFilter.
    context.addFilter(new FilterHolder(new ForbiddingTraceFilter()), "/*", EnumSet.of(DispatcherType.REQUEST));

    // One shared logging filter holder for the API and service endpoints.
    final FilterHolder requestLogging = new FilterHolder(new LoggingFilter());
    for (String pathSpec : new String[] {"/api/*", "/service/*"}) {
        context.addFilter(requestLogging, pathSpec, EnumSet.of(DispatcherType.REQUEST));
    }

    // Authentication check for the REST API, API docs and service endpoints.
    // "/service/sasl" is passed as the filter's allowed path; presumably this exempts
    // the SASL endpoint so that a client can authenticate - confirm against
    // AuthenticationCheckFilter.
    // NOTE(review): the other mappings made directly in this method (/logout, /dojo/*,
    // STATIC_FILE_TYPES, "/") fall outside these three patterns. A servlet that exposes
    // broker state should be mounted under a covered prefix.
    final FilterHolder authenticationCheck = new FilterHolder(new AuthenticationCheckFilter());
    authenticationCheck.setInitParameter(AuthenticationCheckFilter.INIT_PARAM_ALLOWED, "/service/sasl");
    for (String pathSpec : new String[] {"/api/*", "/apidocs/*", "/service/*"}) {
        context.addFilter(authenticationCheck, pathSpec, EnumSet.of(DispatcherType.REQUEST));
    }

    // The console entry points each get their own interactive authentication filter instance.
    for (String pathSpec : new String[] {"/index.html", "/"}) {
        context.addFilter(new FilterHolder(new InteractiveAuthenticationFilter()), pathSpec, EnumSet.of(DispatcherType.REQUEST));
    }

    // Requests for /login.html go through a redirect filter pointed at /index.html.
    final FilterHolder loginRedirect = new FilterHolder(new RedirectFilter());
    loginRedirect.setInitParameter(RedirectFilter.INIT_PARAM_REDIRECT_URI, "/index.html");
    context.addFilter(loginRedirect, "/login.html", EnumSet.of(DispatcherType.REQUEST));

    if (_serveUncompressedDojo) {
        for (String pathSpec : new String[] {"/dojo/dojo/*", "/dojo/dojox/*"}) {
            context.addFilter(RewriteRequestForUncompressedJavascript.class, pathSpec, EnumSet.of(DispatcherType.REQUEST));
        }
    }

    addRestServlet(context);

    // Query servlets are reachable under both the "latest" alias and the explicit model version.
    final String versionedApiRoot = "/api/v" + BrokerModel.MODEL_VERSION;

    final ServletHolder brokerQuery = new ServletHolder(new BrokerQueryServlet());
    context.addServlet(brokerQuery, "/api/latest/querybroker/*");
    context.addServlet(brokerQuery, versionedApiRoot + "/querybroker/*");

    final ServletHolder virtualHostQuery = new ServletHolder(new VirtualHostQueryServlet());
    context.addServlet(virtualHostQuery, "/api/latest/queryvhost/*");
    context.addServlet(virtualHostQuery, versionedApiRoot + "/queryvhost/*");

    // API docs: the path without a trailing slash goes to the rewrite servlet
    // (pattern "^(.*)$" -> "$1/"); the path with the slash goes to the docs servlet.
    final ServletHolder apiDocs = new ServletHolder(new ApiDocsServlet());
    final ServletHolder appendSlash = new ServletHolder(new RewriteServlet("^(.*)$", "$1/"));
    final String[] apiDocsRoots = {"/apidocs", "/apidocs/latest", "/apidocs/" + getLatestSupportedVersion()};
    for (String docsRoot : apiDocsRoots) {
        context.addServlet(appendSlash, docsRoot);
        context.addServlet(apiDocs, docsRoot + "/");
    }

    context.addServlet(new ServletHolder(new StructureServlet()), "/service/structure");
    context.addServlet(new ServletHolder(new QueueReportServlet()), "/service/queuereport/*");
    context.addServlet(new ServletHolder(new MetaDataServlet()), "/service/metadata");
    context.addServlet(new ServletHolder(new SaslServlet()), "/service/sasl");
    context.addServlet(new ServletHolder(new RootServlet("/", "/apidocs/", "index.html")), "/");
    context.addServlet(new ServletHolder(new LogoutServlet()), "/logout");

    // Static Dojo toolkit resources, one FileServlet per library directory.
    context.addServlet(new ServletHolder(new FileServlet(DojoHelper.getDojoPath(), true)), "/dojo/dojo/*");
    context.addServlet(new ServletHolder(new FileServlet(DojoHelper.getDijitPath(), true)), "/dojo/dijit/*");
    context.addServlet(new ServletHolder(new FileServlet(DojoHelper.getDojoxPath(), true)), "/dojo/dojox/*");
    context.addServlet(new ServletHolder(new FileServlet(DojoHelper.getDgridPath(), true)), "/dojo/dgrid/*");
    context.addServlet(new ServletHolder(new FileServlet(DojoHelper.getDstorePath(), true)), "/dojo/dstore/*");

    for (String staticPattern : STATIC_FILE_TYPES) {
        context.addServlet(new ServletHolder(new FileServlet()), staticPattern);
    }

    context.addServlet(new ServletHolder(new TimeZoneServlet()), "/service/timezones");

    // Session cookie: the name is suffixed with the port remembered above, and HttpOnly
    // is set so that page scripts cannot read it.
    // NOTE(review): the Secure attribute is not set in this method; confirm it is
    // applied elsewhere when the management ports use TLS.
    context.getSessionHandler().getSessionCookieConfig().setName(JSESSIONID_COOKIE_PREFIX + cookiePort);
    context.getSessionHandler().getSessionCookieConfig().setHttpOnly(true);
    context.getSessionHandler().setMaxInactiveInterval(getSessionTimeout());

    return jetty;
}