Code Review / aaa.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: af3df95)
Remove CORS filter from ShiroWebContextSecurer 40/101640/1
authorRobert Varga <robert.varga@pantheon.tech>
Wed, 29 Jun 2022 14:21:10 +0000 (16:21 +0200)
committerRobert Varga <robert.varga@pantheon.tech>
Wed, 29 Jun 2022 14:22:06 +0000 (16:22 +0200)
Remove the CORS defaults, so that we do not have a dependency on Jetty.

JIRA: AAA-213
Change-Id: Id16fadbd7e1e7da9b6986f20e20e254c2d00421a
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
aaa-shiro/impl/pom.xml patch | blob | history
aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/web/env/ShiroWebContextSecurer.java patch | blob | history

diff --git a/aaa-shiro/impl/pom.xml b/aaa-shiro/impl/pom.xml
index d9574b42ff12a5214d4237bad6f1a9e4c445d74a..9ef6bbddcc14941a640551e21dd0fa11a0b09c1b 100644 (file)
--- a/aaa-shiro/impl/pom.xml
+++ b/aaa-shiro/impl/pom.xml
@@ -88,13 +88,6 @@ and is available at http://www.eclipse.org/legal/epl-v10.html
             <optional>true</optional>
         </dependency>
 
-        <!-- JSON JAXB Stuff -->
-        <dependency>
-            <groupId>org.eclipse.jetty</groupId>
-            <artifactId>jetty-servlets</artifactId>
-            <scope>provided</scope>
-        </dependency>
-
         <dependency>
             <groupId>net.sf.ehcache</groupId>
             <artifactId>ehcache</artifactId>
diff --git a/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/web/env/ShiroWebContextSecurer.java b/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/web/env/ShiroWebContextSecurer.java
index dd06e9e434371a9f31e9f1e1ef9e4199414c7d4a..e88f7cc8f519fa927b021262cda85d9d8c43cb8d 100644 (file)
--- a/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/web/env/ShiroWebContextSecurer.java
+++ b/aaa-shiro/impl/src/main/java/org/opendaylight/aaa/shiro/web/env/ShiroWebContextSecurer.java
@@ -10,7 +10,6 @@ package org.opendaylight.aaa.shiro.web.env;
 import static java.util.Objects.requireNonNull;
 
 import javax.servlet.ServletContextListener;
-import org.eclipse.jetty.servlets.CrossOriginFilter;
 import org.opendaylight.aaa.shiro.filters.AAAShiroFilter;
 import org.opendaylight.aaa.web.FilterDetails;
 import org.opendaylight.aaa.web.WebContext;
@@ -39,17 +38,6 @@ public class ShiroWebContextSecurer implements WebContextSecurer {
                         .filter(new AAAShiroFilter())
                         .addUrlPatterns(urlPatterns)
                         .asyncSupported(asyncSupported)
-                        .build())
-
-                // CORS filter
-                .addFilter(FilterDetails.builder()
-                        .filter(new CrossOriginFilter())
-                        .addUrlPatterns(urlPatterns)
-                        .asyncSupported(asyncSupported)
-                        .putInitParam(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*")
-                        .putInitParam(CrossOriginFilter.ALLOWED_METHODS_PARAM, "GET,POST,OPTIONS,DELETE,PUT,HEAD")
-                        .putInitParam(CrossOriginFilter.ALLOWED_HEADERS_PARAM,
-                            "origin, content-type, accept, authorization")
                         .build());
     }
 }
Authentication, Authorization, Accounting