Commit 5bf7c83a authored by Andre Freyssinet's avatar Andre Freyssinet
Browse files

JORAM-336: no longer transmit authentication parameters in the URL.

The old JNDI API is temporary kept for compatibility reasons. The new
methods can be accessed adding '-fp' to the path of the method.
parent 145a63f5
......@@ -192,10 +192,200 @@ public class JndiService {
JmsContextService.logLinks(builder);
}
}
// Note: Temporary duplicates the createProducer and createConsumer methods to allow compatibility with old clients
// using TEXT_PLAIN in requests. The new API is accessible using the same URI adding "-fp" at the end.
@POST
@Path("/{destName}/"+ JmsService.JMS_CREATE_PROD)
@Produces(MediaType.TEXT_PLAIN)
@Consumes(MediaType.TEXT_PLAIN)
@Deprecated
public Response createProducerOld( // TODO: Removes this deprecated method
@Context HttpHeaders headers,
@PathParam("destName") String destName,
@QueryParam("client-id") String clientID,
@QueryParam("name") String prodName,
@DefaultValue(""+JMSContext.AUTO_ACKNOWLEDGE)@QueryParam("session-mode") int sessionMode,
@DefaultValue(""+Message.DEFAULT_DELIVERY_MODE)@QueryParam("persistent") int deliveryMode,
@DefaultValue(""+Message.DEFAULT_DELIVERY_DELAY)@QueryParam("delivery-delay") long deliveryDelay,
@QueryParam("correlation-id") String correlationID,
@DefaultValue(""+Message.DEFAULT_PRIORITY)@QueryParam("priority") int priority,
@DefaultValue(""+Message.DEFAULT_TIME_TO_LIVE)@QueryParam("time-to-live")long timeToLive,
@DefaultValue("0")@QueryParam("idle-timeout") long idleTimeout,
@QueryParam("user") String userName,
@QueryParam("password")String password,
@Context UriInfo uriInfo) {
if (logger.isLoggable(BasicLevel.INFO))
logger.log(BasicLevel.INFO, "POST: " + uriInfo.getAbsolutePathBuilder());
if (logger.isLoggable(BasicLevel.DEBUG))
logger.log(BasicLevel.DEBUG, "createProducer(" + headers + ", " + destName + ", " + clientID + ", " + prodName + ", " +
sessionMode + ", " + deliveryMode + ", " + deliveryDelay + ", " + correlationID + ", " + priority + ", " + timeToLive + ", " +
idleTimeout + ", " + userName + ", " + uriInfo + ")");
Response.ResponseBuilder builder = null;
try {
String prodId = null;
try {
// lookup the destination
Destination dest = helper.lookupDestination(destName);
// create the producer
prodId = helper.createProducer(userName, password, clientID, prodName, dest, sessionMode,
deliveryMode, deliveryDelay, correlationID, priority, timeToLive, destName, (dest instanceof Queue), idleTimeout);
} catch (Exception e) {
if (logger.isLoggable(BasicLevel.WARN))
logger.log(BasicLevel.WARN, e);
if (e instanceof JMSSecurityRuntimeException)
builder = Response.status(Response.Status.UNAUTHORIZED).entity(e.toString());
else
builder = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.toString());
return builder.build();
}
builder = Response.status(Response.Status.CREATED);
// link send message
UriBuilder nextBuilder = UriBuilder.fromUri(uriInfo.getBaseUri()).path(JmsContextService.CONTEXT).path(prodId);
builder.link(nextBuilder.build(), JmsContextService.CONTEXT_SEND);
// link send next message
SessionContext prodCtx = helper.getSessionCtx(prodId);
long id = prodCtx.getLastId() + 1;
nextBuilder = UriBuilder.fromUri(uriInfo.getBaseUri()).path(JmsContextService.CONTEXT).path(prodId).path(""+id);
builder.link(nextBuilder.build(), JmsContextService.CONTEXT_SEND_NEXT);
// link delete producer
nextBuilder = UriBuilder.fromPath(uriInfo.getBaseUri().toString()).path(JmsService.JMS).path(prodId);
builder.link(nextBuilder.build(), "close-" + JmsContextService.CONTEXT);
if (prodCtx.getJmsContext().getTransacted()) {
// link commit message
nextBuilder = UriBuilder.fromUri(uriInfo.getBaseUri()).path(JmsContextService.CONTEXT).path(prodId).path(JmsContextService.CONTEXT_COMMIT);
builder.link(nextBuilder.build(), JmsContextService.CONTEXT_COMMIT);
// link rollback message
nextBuilder = UriBuilder.fromUri(uriInfo.getBaseUri()).path(JmsContextService.CONTEXT).path(prodId).path(JmsContextService.CONTEXT_ROLLBACK);
builder.link(nextBuilder.build(), JmsContextService.CONTEXT_ROLLBACK);
}
return builder.build();
} finally {
JmsContextService.logLinks(builder);
}
}
// Note: Temporary duplicates the createProducer and createConsumer methods to allow compatibility with old clients
// using TEXT_PLAIN in requests. The new API is accessible using the same URI adding "-fp" at the end.
@POST
@Path("/{destName}/"+ JmsService.JMS_CREATE_CONS)
@Produces(MediaType.TEXT_PLAIN)
@Consumes(MediaType.TEXT_PLAIN)
@Deprecated
public Response createConsumerOld( // TODO: Removes this deprecated method
@Context HttpHeaders headers,
@PathParam("destName") String destName,
@QueryParam("client-id") String clientID,
@QueryParam("name") String consName,
@DefaultValue(""+JMSContext.AUTO_ACKNOWLEDGE)@QueryParam("session-mode") int sessionMode,
@QueryParam("selector") String messageSelector,
@DefaultValue("false")@QueryParam("no-local") boolean noLocal,
@DefaultValue("false")@QueryParam("durable") boolean durable,
@DefaultValue("false")@QueryParam("shared") boolean shared,
@QueryParam("sub-name") String subName,
@DefaultValue("0")@QueryParam("idle-timeout") long idleTimeout,
@QueryParam("user") String userName,
@QueryParam("password")String password,
@Context UriInfo uriInfo) {
if (logger.isLoggable(BasicLevel.INFO))
logger.log(BasicLevel.INFO, "POST: " + uriInfo.getAbsolutePathBuilder());
if (logger.isLoggable(BasicLevel.DEBUG))
logger.log(BasicLevel.DEBUG, "createConsumer(" + headers + ", " + destName + ", " + clientID + ", " + consName + ", " +
sessionMode + ", " + messageSelector + ", " + noLocal + ", " + durable + ", " + shared + ", " + subName + ", " +
idleTimeout + ", " + userName + ", " + uriInfo + ")");
Response.ResponseBuilder builder = null;
try {
String consId = null;
try {
// lookup the destination
Destination dest = helper.lookupDestination(destName);
// create the consumer
consId = helper.createConsumer(userName, password, clientID, consName, dest, sessionMode, messageSelector,
noLocal, durable, shared, subName, destName, (dest instanceof Queue), idleTimeout);
} catch (Exception e) {
if (logger.isLoggable(BasicLevel.WARN))
logger.log(BasicLevel.WARN, e);
if (e instanceof JMSSecurityRuntimeException)
builder = Response.status(Response.Status.UNAUTHORIZED).entity(e.toString());
else
builder = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.toString());
return builder.build();
}
builder = Response.status(Response.Status.CREATED);
// link consume message
UriBuilder nextBuilder = UriBuilder.fromUri(uriInfo.getBaseUri()).path(JmsContextService.CONTEXT).path(consId);
builder.link(nextBuilder.build(), JmsContextService.CONTEXT_CONSUME);
// link consume next message
SessionContext consCtx = helper.getSessionCtx(consId);
long id = consCtx.getLastId() + 1;
nextBuilder = UriBuilder.fromUri(uriInfo.getBaseUri()).path(JmsContextService.CONTEXT).path(consId).path(""+id);
builder.link(nextBuilder.build(), JmsContextService.CONTEXT_CONSUME_NEXT);
// link delete consumer
nextBuilder = UriBuilder.fromPath(uriInfo.getBaseUri().toString()).path(JmsService.JMS).path(consId);
builder.link(nextBuilder.build(), "close-" + JmsContextService.CONTEXT);
if (consCtx.getJmsContext().getTransacted()) {
// link commit consumer message
nextBuilder = UriBuilder.fromUri(uriInfo.getBaseUri()).path(JmsContextService.CONTEXT).path(consId).path(JmsContextService.CONTEXT_COMMIT);
builder.link(nextBuilder.build(), JmsContextService.CONTEXT_COMMIT);
// link rollback consumer message
nextBuilder = UriBuilder.fromUri(uriInfo.getBaseUri()).path(JmsContextService.CONTEXT).path(consId).path(JmsContextService.CONTEXT_ROLLBACK);
builder.link(nextBuilder.build(), JmsContextService.CONTEXT_ROLLBACK);
}
return builder.build();
} finally {
JmsContextService.logLinks(builder);
}
}
// Note: Temporary renames the new create-producer and create-consumer methods.
/**
* Creates a producer through the JNDI Rest API.
*
* @param headers
* @param destName
* @param clientID
* @param prodName
* @param sessionMode
* @param deliveryMode
* @param deliveryDelay
* @param correlationID
* @param priority
* @param timeToLive
* @param idleTimeout
* @param userName
* @param password
* @param uriInfo
* @return
*/
@POST
@Path("/{destName}/"+ JmsService.JMS_CREATE_PROD + "-fp") // TODO: Removes the suffix
@Produces(MediaType.TEXT_PLAIN)
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response createProducer(
@Context HttpHeaders headers,
......@@ -284,11 +474,32 @@ public class JndiService {
}
}
/**
* Creates a consumer through the JNDI Rest API.
*
* @param headers
* @param destName
* @param clientID
* @param consName
* @param sessionMode
* @param messageSelector
* @param noLocal
* @param durable
* @param shared
* @param subName
* @param idleTimeout
* @param userName
* @param password
* @param userName2
* @param password2
* @param uriInfo
* @return
*/
@POST
@Path("/{destName}/"+ JmsService.JMS_CREATE_CONS)
@Path("/{destName}/"+ JmsService.JMS_CREATE_CONS + "-fp") // TODO: Removes the suffix
@Produces(MediaType.TEXT_PLAIN)
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response createConsumerNew(
public Response createConsumer(
@Context HttpHeaders headers,
@PathParam("destName") String destName,
@QueryParam("client-id") String clientID,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment