[prev in list] [next in list] [prev in thread] [next in thread]
List: wsf-c-dev
Subject: Re: [Dev] Access list of HTTP methods associated with resource path in Interceptor level
From: Renuka Fernando <renuka () wso2 ! com>
Date: 2018-02-26 5:23:10
Message-ID: CA+rtw018bUASwU=q23HpQG4e5je+NOtsz78TfFRbat4LNHh-aw () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi All,
The above requirement for the feature "Multi-Environment Support" for API
Manager 3.0.0 is resolved by reading the swagger definition [1]. Defined
HTTP methods for the resource path is read from the swagger file and set it
to the "Access-Control-Allow-Methods" header.
[1]
https://github.com/wso2/carbon-apimgt/pulhttps://github.com/wso2/carbon-apimgt/pull/5095l/5095
<https://github.com/wso2/carbon-apimgt/pull/5095>
Thanks and regards
On 22 November 2017 at 15:11, Renuka Fernando <renuka@wso2.com> wrote:
> Hi All,
>
> The feature "Environment Support" for API Manager requires making CORS
> requests.
>
> In CORS preflight requests browser sends request method with "
> Access-Control-Request-Method" header. The server should respond allowed
> HTTP methods with "Access-Control-Allow-Methods" header. In order to set
> the header, the request method should be validated by checking whether
> the request method is within HTTP methods associated with the resource path.
>
> In interceptor level these http methods (http methods associate with the
> resource path) are not accessible.
>
> org.wso2.msf4j.Interceptor
>
> preCall method.
>
> response.setHeader("Access-Control-Allow-Methods", allowedMethods);
>
> These http methods can be found in org.wso2.msf4j.internal.
> MSF4JMessageProcessor dispatchMethod method.
>
> resourceModel.httpMethods
>
> Can the preCall method in org.wso2.msf4j.Interceptor to be improved to
> extract Http-Methods associate with the Resource-Path in interceptor level.
>
> Regards,
>
> --
> *Renuka Fernando*
> Software Engineering Intern | WSO2 Inc
>
> Email : renuka@wso2.com
> Mobile : +94 76 667 8752 <+94%2076%20667%208752>
> Web : http://wso2.com
> <http://wso2.com/signature>
>
--
*Renuka Fernando*
Software Engineering Intern | WSO2 Inc
Email : renuka@wso2.com
Mobile : +94 76 667 8752
Web : http://wso2.com
<http://wso2.com/signature>
[Attachment #5 (text/html)]
<div dir="ltr">Hi All,<div><br></div><div>The above requirement for the feature \
"Multi-Environment Support" for API Manager 3.0.0 is resolved by reading \
the swagger definition [1]. Defined HTTP methods for the resource path is read from \
the swagger file and set it to the "<span \
style="color:rgb(0,0,0);font-family:"Ubuntu \
Mono";font-size:14.6667px;font-style:normal;font-variant-ligatures:normal;font-va \
riant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0 \
px;text-transform:none;white-space:pre-wrap;word-spacing:0px;background-color:rgb(217, \
217,217);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Access-Control-Allow-Methods</span>" \
header.</div><div><br></div><div>[1] <a \
href="https://github.com/wso2/carbon-apimgt/pull/5095">https://github.com/wso2/carbon- \
apimgt/pulhttps://github.com/wso2/carbon-apimgt/pull/5095l/5095</a></div><div><br></div><div>Thanks \
and regards</div><div class="gmail_extra"><br><div class="gmail_quote">On 22 November \
2017 at 15:11, Renuka Fernando <span dir="ltr"><<a href="mailto:renuka@wso2.com" \
target="_blank">renuka@wso2.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr"><div><span \
id="m_4895719138249773671gmail-docs-internal-guid-38375c7c-e30e-c09a-4320-d2405051599e"><p \
dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="background-color:transparent;color:rgb(0,0,0);font-family:Arial;font-size:11pt;white-space:pre-wrap">Hi \
All,</span><br></p><br><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">The \
feature "Environment Support" for API Manager requires making CORS \
requests.</span></p><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">In \
CORS preflight requests browser sends </span><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:rgb(255,229,153);vertical-align:baseline;white-space:pre-wrap">request \
method</span><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> \
with "</span><span style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);background-color:rgb(217,217,217);vertical-align:baseline;white-space:pre-wrap">Access-Control-Request-Method</span><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"><wbr>" \
header. The server should respond allowed HTTP methods with "</span><span \
style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);background-color:rgb(217,217,217);vertical-align:baseline;white-space:pre-wrap">Access-Control-Allow-Methods</span><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">" \
header. In order to set the header, the request method should be </span><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:rgb(255,229,153);vertical-align:baseline;white-space:pre-wrap">validated</span><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> \
by checking whether the request method is within HTTP methods associated with the \
resource path.</span></p><br><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">In \
interceptor level these http methods (http methods associate with the resource path) \
are not accessible.</span></p><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> \
</span><span style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">org.wso2.msf4j.Interceptor</span></p><p \
dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);background-color:rgb(255,229,153);vertical-align:baseline;white-space:pre-wrap">preCall</span><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> \
method. </span></p><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;text-indent:36pt"><span \
style="background-color:rgb(238,238,238)"><span \
style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);vertical-align:baseline;white-space:pre-wrap">response.setHeader(</span><span \
style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,128,0);font-weight:700;vertical-align:baseline;white-space:pre-wrap">"Access-<wbr>Control-Allow-Methods"</span><span \
style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);vertical-align:baseline;white-space:pre-wrap">, \
allowedMethods);</span></span></p><br><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">These \
http methods can be found in </span><span \
style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">org.wso2.msf4j.internal.<wbr>MSF4JMessageProcessor</span><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> \
</span><span style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);background-color:rgb(255,229,153);vertical-align:baseline;white-space:pre-wrap">dispatchMethod</span><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> \
method.</span></p><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;text-indent:36pt"><span \
style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);vertical-align:baseline;white-space:pre-wrap;background-color:rgb(238,238,238)">resourceModel.httpMethods</span></p><br><p \
dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Can \
the </span><span style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);background-color:rgb(255,229,153);vertical-align:baseline;white-space:pre-wrap">preCall</span><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> \
method in </span><span style="font-size:11pt;font-family:"Ubuntu \
Mono";color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">org.wso2.msf4j.Interceptor \
to be</span><span style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap"> \
improved to extract Http-Methods associate with the Resource-Path in interceptor \
level.</span></p><br><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent;vertical-align:baseline;white-space:pre-wrap">Regards,</span></p><span \
class="HOEnZb"><font color="#888888"><div><span \
style="font-size:11pt;font-family:Arial;color:rgb(0,0,0);background-color:transparent; \
vertical-align:baseline;white-space:pre-wrap"><br></span></div></font></span></span></div><span \
class="HOEnZb"><font color="#888888">-- <br><div \
class="m_4895719138249773671gmail_signature"><div dir="ltr"><div><div \
dir="ltr"><b>Renuka Fernando</b><div>Software Engineering Intern | WSO2 \
Inc</div><div><br></div><div>Email : <a href="mailto:renuka@wso2.com" \
target="_blank">renuka@wso2.com</a></div><div>Mobile : <a \
href="tel:+94%2076%20667%208752" value="+94766678752" target="_blank">+94 76 667 \
8752</a></div><div>Web : <a href="http://wso2.com" \
target="_blank">http://wso2.com</a></div><div><a href="http://wso2.com/signature" \
target="_blank"><img \
src="http://c.content.wso2.com/signatures/wso2-signature-general.png"></a><br></div></div></div></div></div>
</font></span></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div \
class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div \
dir="ltr"><b>Renuka Fernando</b><div>Software Engineering Intern | WSO2 \
Inc</div><div><br></div><div>Email : <a href="mailto:renuka@wso2.com" \
target="_blank">renuka@wso2.com</a></div><div>Mobile : +94 76 667 8752</div><div>Web \
: <a href="http://wso2.com" target="_blank">http://wso2.com</a></div><div><a \
href="http://wso2.com/signature" target="_blank"><img \
src="http://c.content.wso2.com/signatures/wso2-signature-general.png"></a><br></div></div></div></div></div>
</div></div>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic