Adding Header check to archiva rest services

author Martin Stockhammer <martin_s@apache.org>

Tue, 31 Jan 2017 21:56:50 +0000 (22:56 +0100)

committer Martin Stockhammer <martin_s@apache.org>

Tue, 31 Jan 2017 21:56:50 +0000 (22:56 +0100)
author Martin Stockhammer <martin_s@apache.org>
Tue, 31 Jan 2017 21:56:50 +0000 (22:56 +0100)
committer Martin Stockhammer <martin_s@apache.org>
Tue, 31 Jan 2017 21:56:50 +0000 (22:56 +0100)
diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/resources/META-INF/spring-context.xml b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/resources/META-INF/spring-context.xml

index 77d365cbca262839e31385938b976afa7f980023..c9e677db61d47ecd1049bbdf4986b3ceb9194165 100644 (file)
--- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/resources/META-INF/spring-context.xml
+++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/resources/META-INF/spring-context.xml
@@ -52,6 +52,7 @@
        <ref bean="jsonProvider"/>
        <ref bean="authenticationInterceptor#rest"/>
        <ref bean="permissionInterceptor#rest"/>
+      <ref bean="requestValidationInterceptor#rest" />
        <ref bean="archivaRestServiceExceptionMapper"/>
      </jaxrs:providers>
  
diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/AbstractArchivaRestTest.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/AbstractArchivaRestTest.java

index 2453e6af8d11b8918a1df66b64ca3ba37446e502..acf9df5b08f3e43d1f3a2f646e8ad08866b50525 100644 (file)
--- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/AbstractArchivaRestTest.java
+++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/AbstractArchivaRestTest.java
@@ -138,6 +138,7 @@ public abstract class AbstractArchivaRestTest
          {
              WebClient.client( service ).header( "Authorization", authzHeader );
          }
+        WebClient.client(service).header("Referer","http://localhost:"+port);
          WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000000 );
          WebClient.client( service ).accept( MediaType.APPLICATION_JSON_TYPE );
          WebClient.client( service ).type( MediaType.APPLICATION_JSON_TYPE );
@@ -200,6 +201,7 @@ public abstract class AbstractArchivaRestTest
                                         Collections.singletonList( new JacksonJaxbJsonProvider() ) );
  
          WebClient.client( service ).header( "Authorization", authorizationHeader );
+        WebClient.client(service).header("Referer","http://localhost:"+port);
          WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 300000 );
          WebClient.client( service ).accept( MediaType.APPLICATION_JSON_TYPE );
          WebClient.client( service ).type( MediaType.APPLICATION_JSON_TYPE );
@@ -214,6 +216,7 @@ public abstract class AbstractArchivaRestTest
                                         Collections.singletonList( new JacksonJaxbJsonProvider() ) );
  
          WebClient.client( service ).header( "Authorization", authorizationHeader );
+        WebClient.client(service).header("Referer","http://localhost:"+port);
          WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 300000 );
          WebClient.client( service ).accept( MediaType.APPLICATION_JSON_TYPE );
          WebClient.client( service ).type( MediaType.APPLICATION_JSON_TYPE );
@@ -231,6 +234,8 @@ public abstract class AbstractArchivaRestTest
          WebClient.client( service ).type( MediaType.APPLICATION_JSON_TYPE );
  
          WebClient.client( service ).header( "Authorization", authorizationHeader );
+        WebClient.client(service).header("Referer","http://localhost:"+port);
+
          WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 300000 );
          return service;
      }
@@ -246,6 +251,7 @@ public abstract class AbstractArchivaRestTest
          WebClient.client( service ).type( MediaType.APPLICATION_JSON_TYPE );
  
          WebClient.client( service ).header( "Authorization", authorizationHeader );
+        WebClient.client(service).header("Referer","http://localhost:"+port);
          WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 300000 );
          return service;
      }
@@ -262,6 +268,7 @@ public abstract class AbstractArchivaRestTest
          {
              WebClient.client( service ).header( "Authorization", authzHeader );
          }
+        WebClient.client(service).header("Referer","http://localhost:"+port);
  
          WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000000 );
          if ( useXml )
@@ -291,6 +298,7 @@ public abstract class AbstractArchivaRestTest
          {
              WebClient.client( service ).header( "Authorization", authzHeader );
          }
+        WebClient.client(service).header("Referer","http://localhost:"+port);
          // to configure read timeout
          WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000000 );
          // if you want to use json as exchange format xml is supported too
@@ -312,6 +320,7 @@ public abstract class AbstractArchivaRestTest
          {
              WebClient.client( service ).header( "Authorization", authzHeader );
          }
+        WebClient.client(service).header("Referer","http://localhost:"+port);
          WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000000 );
          WebClient.client( service ).accept( MediaType.APPLICATION_JSON_TYPE );
          WebClient.client( service ).type( MediaType.APPLICATION_JSON_TYPE );
diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/RepositoryGroupServiceTest.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/RepositoryGroupServiceTest.java

index 0175058596e5641015991d118ba210151e8383ca..1fee4a342701c19f68add9a6dd449f97179bf47c 100644 (file)
--- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/RepositoryGroupServiceTest.java
+++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/RepositoryGroupServiceTest.java
@@ -39,6 +39,8 @@ public class RepositoryGroupServiceTest
      {
          RepositoryGroupService service = getRepositoryGroupService();
          WebClient.client( service ).header( "Authorization", authorizationHeader );
+        WebClient.client(service).header("Referer","http://localhost:"+port);
+
          WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 300000 );
  
          assertTrue( service.getRepositoriesGroups().isEmpty() );
author	Martin Stockhammer <martin_s@apache.org>
	Tue, 31 Jan 2017 21:56:50 +0000 (22:56 +0100)
committer	Martin Stockhammer <martin_s@apache.org>
	Tue, 31 Jan 2017 21:56:50 +0000 (22:56 +0100)
archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/resources/META-INF/spring-context.xml		patch \| blob \| history
archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/AbstractArchivaRestTest.java		patch \| blob \| history
archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/test/java/org/apache/archiva/rest/services/RepositoryGroupServiceTest.java		patch \| blob \| history