This design is intended to address the following issues:
KNOX-179@jira: Simple way to introduce new servlet filters into the chains
KNOX-103@jira: Support multiple <pattern> children in <resource> for gateway.xml
KNOX-177@jira: Simplify service deployment contributor implementation
Each of these issues stem from what is currently expected of a ServiceDeploymentContributor
in its contributeService
method.
Basically each service deployment contributor is expected to build its own filter chain.
This is currently done by making calls to Deploymentcontext.contributeFilter
.
While this provides a great deal of flexibility for each service to define a custom chain we have found that this isn't commonly necessary.
Furthermore it makes if very difficult if not impossible to introduce new filters in a chain without impacting all services.
This design will provide an abstraction to the service deployment contributors that can create either a default or specifically configured chain of filters.
The goal is to support a pattern in service deployment contributors that looks like this:
public void contributeService( DeploymentContext context, Service service ) throws Exception { String chain = null; // Default if null, otherwise specific chain name defined in topoloy.xml Map<String,Map<String,String>> params = null; // Default if null, otherwise map of per provider role map of name/value pairs. ResourceDescriptor resource = context.addResource() resource.role( "WEBHDFS" ); resource.pattern( "webhdfs/v1/?**" ); resource.pattern( "webhdfs/v1/**?**" ); context.contributeChain( service, resource, chain, params ); }
<topology> <gateway> <provider/> <chain name=""> <provider role="" name=""> <param name="" value=""/> </provider> <provider/> </chain> </gateway> </topology>
public interface DeploymentContext { GatewayConfig getGatewayConfig(); Topology getTopology(); WebArchive getWebArchive(); WebAppDescriptor getWebAppDescriptor(); GatewayDescriptor getGatewayDescriptor(); void contributeChain( Service service, ResourceDescriptor resource, String chainName, Map<String,List<FilterParamDescriptor>> params ); void addDescriptor( String name, Object descriptor ); <T> T getDescriptor( String name ); }
public interface ServiceDeploymentContributor { // The role of this service deployment contributor. e.g. WEBHDFS String getRole(); // The name of this service deployment contributor. Not used yet. String getName(); // Called after provider initializeContribution methods and in arbitrary order relative to other service contributors. void initializeContribution( DeploymentContext context ); // Called per service based on the service's role. // Returns a list of resources it added to the descriptor. void contributeService( DeploymentContext context, Service service ) throws Exception; // Called after all contributors and before provider finalizeContribution methods. void finalizeContribution( DeploymentContext context ); }
public interface ProviderDeploymentContributor { // The role this provider supports (e.g. authentication) String getRole(); // In the topology the provider will have an optional name element. If it is present // then the framework will look for the the provider deployment contributor with the correct // role and name. String getName(); // All provider initializeContribution methods are called first in arbitrary order. void initializeContribution( DeploymentContext context ); // Called for each provider in the topology based on the role and optionally name. void contributeProvider( DeploymentContext context, Provider provider ); // This will be called indirectly by a ServiceDeploymentContributor when it needs a filter // contributed for this providers role. A ServiceDeploymentContributor may request a specific // provider by role and name otherwise the default provider for the role will be used. void contributeFilter( DeploymentContext context, Provider provider, Service service, ResourceDescriptor resource, List<FilterParamDescriptor> params ); // All provider finalizeContribution methods are called last in arbitrary order. void finalizeContribution( DeploymentContext context );