CORS support for ContainerManager Northbound APIs 70/1470/1
authorMadhu Venugopal <vmadhu@cisco.com>
Fri, 27 Sep 2013 17:46:25 +0000 (10:46 -0700)
committerMadhu Venugopal <vmadhu@cisco.com>
Fri, 27 Sep 2013 17:46:25 +0000 (10:46 -0700)
Change-Id: Iec1f37a249f92e39ede1ff3796b8d88cd2f510f5
Signed-off-by: Madhu Venugopal <vmadhu@cisco.com>
opendaylight/northbound/containermanager/pom.xml
opendaylight/northbound/containermanager/src/main/java/org/opendaylight/controller/containermanager/northbound/ContainerManagerNorthbound.java
opendaylight/northbound/containermanager/src/main/resources/WEB-INF/web.xml

index 74e4ed8..493cfba 100644 (file)
@@ -50,6 +50,7 @@
               javax.xml.bind.annotation,
               javax.xml.bind,
               org.slf4j,
+              org.apache.catalina.filters,
               org.codehaus.jackson.jaxrs,
               !org.codehaus.enunciate.jaxrs
             </Import-Package>
       <artifactId>com.sun.jersey.jersey-servlet</artifactId>
       <version>1.17-SNAPSHOT</version>
     </dependency>
+    <dependency>
+      <groupId>org.opendaylight.controller.thirdparty</groupId>
+      <artifactId>org.apache.catalina.filters.CorsFilter</artifactId>
+      <version>7.0.42-SNAPSHOT</version>
+    </dependency>
   </dependencies>
 </project>
index e2e1a62..77c3004 100644 (file)
@@ -72,9 +72,9 @@ public class ContainerManagerNorthbound {
 
     @Context
     public void setSecurityContext(SecurityContext context) {
-        Principal principal;
-        principal = context.getUserPrincipal();
-        username = principal.getName();
+        if (context != null && context.getUserPrincipal() != null) {
+            username = context.getUserPrincipal().getName();
+        }
     }
 
     protected String getUserName() {
index 6ace7ec..5e4ad4e 100644 (file)
@@ -16,10 +16,49 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
       <servlet-name>JAXRSContainerManager</servlet-name>
       <url-pattern>/*</url-pattern>
     </servlet-mapping>
+    <filter>
+      <filter-name>CorsFilter</filter-name>
+      <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
+      <init-param>
+        <param-name>cors.allowed.origins</param-name>
+        <param-value>*</param-value>
+      </init-param>
+      <init-param>
+        <param-name>cors.allowed.methods</param-name>
+        <param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
+      </init-param>
+      <init-param>
+        <param-name>cors.allowed.headers</param-name>
+        <param-value>Content-Type,X-Requested-With,accept,authorization, origin,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
+      </init-param>
+      <init-param>
+        <param-name>cors.exposed.headers</param-name>
+        <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
+      </init-param>
+      <init-param>
+        <param-name>cors.support.credentials</param-name>
+        <param-value>true</param-value>
+      </init-param>
+      <init-param>
+        <param-name>cors.preflight.maxage</param-name>
+        <param-value>10</param-value>
+      </init-param>
+    </filter>
+    <filter-mapping>
+      <filter-name>CorsFilter</filter-name>
+      <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
     <security-constraint>
         <web-resource-collection>
             <web-resource-name>NB api</web-resource-name>
             <url-pattern>/*</url-pattern>
+            <http-method>POST</http-method>
+            <http-method>GET</http-method>
+            <http-method>PUT</http-method>
+            <http-method>PATCH</http-method>
+            <http-method>DELETE</http-method>
+            <http-method>HEAD</http-method>
         </web-resource-collection>
         <auth-constraint>
             <role-name>System-Admin</role-name>