Imementing a custom interceptor for REST end point
177 views
Skip to first unread message
Nestor Milyaev
Oct 21, 2016, 5:30:53 AM10/21/16
to Hippo Community
Good morning,
We have a specific requirement to check an environment variable upon serving a REST end point and if the environment=prod, we need to disable the end point (e.g. return a 403 error).
The end point is all implemented and works, the problem is to invoke an interceptor. Here's what I've got so far:
Interceptor:
Spring configuration: I've created a new file, spring-web.xml under the META-INF.hst-assembly.overrides folder (where the rest of my spring configurations are), with the following content, courtesy to [1]:
The commented out Resolves views selected for rendering by @Controllers to .jsp resources in the /WEB-INF/views directory block doesn't make much difference.
The errors I'm getting are of the kind:
Which to me looks like a Spring configuration problem.
What is a good way to wire up an interceptor or is there an alternative good way to intercept the REST invocation in Hippo-based application?
NB: Filter does not quite work since the interceptor should have an access to Spring configuration, and filters are not wired through Spring configuration.
[1]: http://www.journaldev.com/2676/spring-mvc-interceptor-example-handlerinterceptor-handlerinterceptoradapter
We have a specific requirement to check an environment variable upon serving a REST end point and if the environment=prod, we need to disable the end point (e.g. return a 403 error).
The end point is all implemented and works, the problem is to invoke an interceptor. Here's what I've got so far:
Interceptor:
public class ReportingApiAccessInterceptor extends HandlerInterceptorAdapter {
private ConfigLocator configLocator;
@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
// do my stuff, using configLocator
return true;
}
}
Spring configuration: I've created a new file, spring-web.xml under the META-INF.hst-assembly.overrides folder (where the rest of my spring configurations are), with the following content, courtesy to [1]:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- DispatcherServlet Context: defines this servlet's request-processing
infrastructure -->
<!-- Enables the Spring MVC @Controller programming model -->
<annotation-driven />
<!-- Resolves views selected for rendering by @Controllers to .jsp resources
in the /WEB-INF/views directory -->
<!--<beans:bean-->
<!--class="org.springframework.web.servlet.view.InternalResourceViewResolver">-->
<!--<beans:property name="prefix" value="/WEB-INF/" />-->
<!--<beans:property name="suffix" value=".*" />-->
<!--</beans:bean>-->
<!-- Configuring interceptors based on URI -->
<interceptors>
<interceptor>
<mapping path="/api/*" />
<beans:bean class="com.workangel.eap.filters.ReportingApiAccessInterceptor">
<beans:property name="configLocator" ref="configLocator" />
</beans:bean>
</interceptor>
</interceptors>
<context:component-scan base-package="com.workangel.eap.filters" />
</beans:beans>
The errors I'm getting are of the kind:
[WARNING] [talledLocalContainer] 21-Oct-2016 09:59:54.206 WARNING [localhost-startStop-1] org.apache.catalina.loader.WebappClassLoaderBase.clearReferencesThreads The web application [site] appears to have started a thread named [page_cache.data] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
[INFO] [talledLocalContainer] sun.misc.Unsafe.park(Native Method)
[INFO] [talledLocalContainer] java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215)
[INFO] [talledLocalContainer] java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078)
[INFO] [talledLocalContainer] java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1093)
[INFO] [talledLocalContainer] java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809)
[INFO] [talledLocalContainer] java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067)
[INFO] [talledLocalContainer] java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127)
[INFO] [talledLocalContainer] java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[INFO] [talledLocalContainer] java.lang.Thread.run(Thread.java:745)
[WARNING] [talledLocalContainer] 21-Oct-2016 09:59:54.208 WARNING [localhost-startStop-1] org.apache.catalina.loader.WebappClassLoaderBase.clearReferencesThreads The web application [site] appears to have started a thread named [Statistics Thread-web-1] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
[INFO] [talledLocalContainer] sun.misc.Unsafe.park(Native Method)
[INFO] [talledLocalContainer] java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215)
[INFO] [talledLocalContainer] java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078)
[INFO] [talledLocalContainer] java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1093)
[INFO] [talledLocalContainer] java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809)
[INFO] [talledLocalContainer] java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067)
[INFO] [talledLocalContainer] java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127)
[INFO] [talledLocalContainer] java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[INFO] [talledLocalContainer] java.lang.Thread.run(Thread.java:745)
[INFO] [talledLocalContainer] 21-Oct-2016 09:59:54.213 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive /home/nestor/Work/WorkAngel/trunk/EAP/target/tomcat8x/webapps/site.war has finished in 6,981 ms
[INFO] [talledLocalContainer] 21-Oct-2016 09:59:54.213 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive /home/nestor/Work/WorkAngel/trunk/EAP/target/tomcat8x/webapps/cms.war
[INFO] [talledLocalContainer] 2016-10-21 09:59:54 JRebel: Directory '/home/nestor/Work/WorkAngel/trunk/EAP/cms/target/classes' will be monitored for changes.
[INFO] [talledLocalContainer] 2016-10-21 09:59:54 JRebel: Directory '/home/nestor/Work/WorkAngel/trunk/EAP/cms/src/main/webapp' will be monitored for changes.
[INFO] [talledLocalContainer] 2016-10-21 09:59:55 JRebel: Directory '/home/nestor/Work/WorkAngel/trunk/EAP/bootstrap/configuration/target/classes' will be monitored for changes.
[INFO] [talledLocalContainer] 2016-10-21 09:59:55 JRebel: Directory '/home/nestor/Work/WorkAngel/trunk/EAP/bootstrap/webfiles/target/classes' will be monitored for changes.
[INFO] [talledLocalContainer] 21-Oct-2016 09:59:55.442 INFO [web] org.apache.catalina.loader.WebappClassLoaderBase.checkStateForResourceLoading Illegal access: this web application instance has been stopped already. Could not load [net/sf/ehcache/version.properties]. The following stack trace is thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access.
[INFO] [talledLocalContainer] java.lang.IllegalStateException: Illegal access: this web application instance has been stopped already. Could not load [net/sf/ehcache/version.properties]. The following stack trace is thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access.
[INFO] [talledLocalContainer] at org.apache.catalina.loader.WebappClassLoaderBase.checkStateForResourceLoading(WebappClassLoaderBase.java:1327)
[INFO] [talledLocalContainer] at org.apache.catalina.loader.WebappClassLoaderBase.getResourceAsStream(WebappClassLoaderBase.java:1080)
[INFO] [talledLocalContainer] at java.lang.Class.getResourceAsStream(Class.java:2223)
[INFO] [talledLocalContainer] at net.sf.ehcache.util.ProductInfo.parseProductInfo(ProductInfo.java:75)
[INFO] [talledLocalContainer] at net.sf.ehcache.util.ProductInfo.<init>(ProductInfo.java:40)
[INFO] [talledLocalContainer] at net.sf.ehcache.util.UpdateChecker.doCheck(UpdateChecker.java:118)
[INFO] [talledLocalContainer] at net.sf.ehcache.util.UpdateChecker.checkForUpdate(UpdateChecker.java:104)
[INFO] [talledLocalContainer] at net.sf.ehcache.util.UpdateChecker.run(UpdateChecker.java:95)
[INFO] [talledLocalContainer] at java.util.TimerThread.mainLoop(Timer.java:555)
[INFO] [talledLocalContainer] at java.util.TimerThread.run(Timer.java:505)
Which to me looks like a Spring configuration problem.
What is a good way to wire up an interceptor or is there an alternative good way to intercept the REST invocation in Hippo-based application?
NB: Filter does not quite work since the interceptor should have an access to Spring configuration, and filters are not wired through Spring configuration.
[1]: http://www.journaldev.com/2676/spring-mvc-interceptor-example-handlerinterceptor-handlerinterceptoradapter
Jeroen Reijn
Oct 24, 2016, 6:13:39 PM10/24/16
to Hippo Community
Hi,
I'm not sure why you get those exceptions during the startup of the site.war, but Hippo/HST is using Apache CXF for its RESTful services.
What you can try to do is implement your ReportingApiAccessInterceptor as a CXF Filter or interceptor and add it like for instance the CORSFilter is added.
See https://www.onehippo.org/library/concepts/rest/using-rest-api-with-ajax.html for the example of the CORSfilter.
Kind regards,
Jeroen
Nestor Milyaev
Oct 26, 2016, 8:45:50 AM10/26/16
to hippo-c...@googlegroups.com
Hi Jeroen,
Thank you very much for your response.
That did not work for me, sadly, and given the tight deadline I simply disabled the end point on all the servers for now, but I'll add your email to my tool box.
Best regards,
Nestor
-- Hippo Community Group: The place for all discussions and announcements about Hippo CMS (and HST, repository etc. etc.) To post to this group, send email to hippo-c...@googlegroups.com RSS: https://groups.google.com/group/hippo-community/feed/rss_v2_0_msgs.xml?num=50 --- You received this message because you are subscribed to a topic in the Google Groups "Hippo Community" group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/hippo-community/4q40XrlZ0g0/unsubscribe. To unsubscribe from this group and all its topics, send an email to hippo-communi...@googlegroups.com. Visit this group at https://groups.google.com/group/hippo-community. For more options, visit https://groups.google.com/d/optout.
-- Nestor Milyaev Java Developer 1 Battersea Bridge Road, London SW11 3BZ T: +44 20 3567 5900 | E: nestor....@lifeworks.com
LifeWorks - #FeelLoved
Download our App! Available on iOS | Android | Web
Proudly voted "Next Great HR Tech Company 2016"
Registered in UK: 8223675
This communication is intended to be received only by the individual[s] or entity[s] to whom or to which it is addressed, and contains information which is confidential, privileged and subject to copyright. Any unauthorised use, copying, review or disclosure is prohibited. Please notify the sender immediately if you have received this communication in error [by calling collect, if necessary] so that we can arrange for its return at our expense. Thank you in advance for your anticipated assistance and cooperation.
Jasper Floor
Oct 26, 2016, 9:22:50 AM10/26/16
to Hippo Community
Hi,
Can't you just leave the rest end point out of your production host configuration?
mvg,
Jasper
-- Hippo Community Group: The place for all discussions and announcements about Hippo CMS (and HST, repository etc. etc.) To post to this group, send email to hippo-community@googlegroups.com RSS: https://groups.google.com/group/hippo-community/feed/rss_v2_0_msgs.xml?num=50 --- You received this message because you are subscribed to a topic in the Google Groups "Hippo Community" group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/hippo-community/4q40XrlZ0g0/unsubscribe. To unsubscribe from this group and all its topics, send an email to hippo-community+unsubscribe@googlegroups.com. Visit this group at https://groups.google.com/group/hippo-community. For more options, visit https://groups.google.com/d/optout.
-- Nestor Milyaev Java Developer 1 Battersea Bridge Road, London SW11 3BZ T: +44 20 3567 5900 | E: nestor....@lifeworks.com
LifeWorks - #FeelLoved
Download our App! Available on iOS | Android | Web
Proudly voted "Next Great HR Tech Company 2016"
Registered in UK: 8223675
This communication is intended to be received only by the individual[s] or entity[s] to whom or to which it is addressed, and contains information which is confidential, privileged and subject to copyright. Any unauthorised use, copying, review or disclosure is prohibited. Please notify the sender immediately if you have received this communication in error [by calling collect, if necessary] so that we can arrange for its return at our expense. Thank you in advance for your anticipated assistance and cooperation.
--
Hippo Community Group: The place for all discussions and announcements about Hippo CMS (and HST, repository etc. etc.)
To post to this group, send email to hippo-community@googlegroups.com
RSS: https://groups.google.com/group/hippo-community/feed/rss_v2_0_msgs.xml?num=50
---
You received this message because you are subscribed to the Google Groups "Hippo Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to hippo-community+unsubscribe@googlegroups.com.
Nestor Milyaev
Oct 26, 2016, 10:01:58 AM10/26/16
to hippo-c...@googlegroups.com
Hi Jasper,
That's certainly another way of doing that...
The idea was to have the same code across all the servers (so we could test it first), but that's ok for now.
Best regards,
Nestor
-- Hippo Community Group: The place for all discussions and announcements about Hippo CMS (and HST, repository etc. etc.) To post to this group, send email to hippo-c...@googlegroups.com RSS: https://groups.google.com/group/hippo-community/feed/rss_v2_0_msgs.xml?num=50 --- You received this message because you are subscribed to a topic in the Google Groups "Hippo Community" group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/hippo-community/4q40XrlZ0g0/unsubscribe. To unsubscribe from this group and all its topics, send an email to hippo-communi...@googlegroups.com. Visit this group at https://groups.google.com/group/hippo-community. For more options, visit https://groups.google.com/d/optout.
-- Nestor Milyaev Java Developer 1 Battersea Bridge Road, London SW11 3BZ T: +44 20 3567 5900 | E: nestor....@lifeworks.com
Woonsan Ko
Nov 13, 2016, 5:14:25 PM11/13/16
to hippo-c...@googlegroups.com
Hi Nestor,
Sorry for late response. But back to your original question, if you implemented HST Plain JAX RS services [1], then you should take a look at SpringComponentManager-rest-plain-pipeline.xml (included by the direction [1]) and append a CXF interceptor instead of spring mvc interceptor. Or you can add an invoker instead. For example, org.hippoecm.hst.jaxrs.cxf.SecurityAnnotationInvokerPreprocessor checks security annotated method before execution.
Regards,
Woonsan
Boston - 745 Atlantic Ave, 8th Floor, Boston MA 02111
Amsterdam - Oosteinde 11, 1017 WT Amsterdam
US +1 877 414 4776 (toll free)
Europe +31(0)20 522 4466
Amsterdam - Oosteinde 11, 1017 WT Amsterdam
US +1 877 414 4776 (toll free)
Europe +31(0)20 522 4466
Nestor Milyaev
Nov 14, 2016, 5:46:12 AM11/14/16
to hippo-c...@googlegroups.com
Thank you very much Woosan,
I got it all working right now, but I may look into your
suggestions to improve the architecture as the only thing that is
bothering me at the moment is that both sites' REST configuration
is mixed in one xml file.
Best regards,
Nestor
On 13/11/16 22:14, Woonsan Ko wrote:
Hi Nestor,
Sorry for late response. But back to your original question, if you implemented HST Plain JAX RS services [1], then you should take a look at SpringComponentManager-rest-plain-pipeline.xml (included by the direction [1]) and append a CXF interceptor instead of spring mvc interceptor. Or you can add an invoker instead. For example, org.hippoecm.hst.jaxrs.cxf.SecurityAnnotationInvokerPreprocessor checks security annotated method before execution.
Regards,
Woonsan
On Wed, Oct 26, 2016 at 10:01 AM, Nestor Milyaev <nestor....@lifeworks.com> wrote:
Hi Jasper,
That's certainly another way of doing that...
The idea was to have the same code across all the servers (so we could test it first), but that's ok for now.
Best regards,
Nestor
Reply all
Reply to author
Forward
0 new messages