I am using Camel 2.25, I am making an interface between several system.
I have some Http endpoint which will be call by the different system. Now I can generate a swagger, the problem is it contains all the endpoints. I would like to generate swagger for each system which contains only the endpoint they will need.
I can achieve it by using .apiDocs(false) on all the endpoints for system1, then generate the swagger, remove this apiDocs(false) and add to the endpoint of system1 and generate swagger for system2
As you can see it is definitely not convenient.
Here is my restconfiguration:
restConfiguration().component("servlet")
.apiContextListing(true)
.apiContextPath("/api-doc")
.apiProperty("api.title", "My Api")
.apiProperty("api.version", "1.0.2")
// and enable CORS
.enableCORS(true)
.apiProperty("cors", "true")
.bindingMode(RestBindingMode.auto);
rest("system1")
.consumes("application/json").produces("application/json")
.post("/example")
.tag(system1)
//
rest("system2")
.consumes("application/json").produces("application/json")
.post("/example2")
.tag(system1)
//
I am using camel-swagger-java for generating the swagger
Related
I need to retrieve SSO Siteminder's headers from the request.
It seems it is not possible to do it from browser/js because they are server side headers.
I can see the cookie session broeser correctly set, now I need to read the headers from the request, but I could not achieve this.
I've seen some topic in which they got them using a while loop in a JSP page.
Should I do it from Java Spring or is there some other way?
Every server-side webapp language and framework has methods for inspecting the inbound HTTP request to see the headers, including JEE, Spring Framework, even NodeJS.
currently, for a server to server communication, we have our own authentication method which will expect a random key in the HTTP request header.is there a way I can extend the camle HTTP to add the header for all the HTTP request call. Note we have 4 camel context XML and each camel context have 10 routes which make the HTTP request
You could also use Camel interceptors in order to add your custom header to (all or some) "http:*"-like endpoints.
Have a look at:
http://camel.apache.org/intercept.html
I am trying to integrate swagger to my application to document my rest APIs.
My application is not Maven dependent so I included all required jars manually.
After changes have been made, hitting /v2/api-docs doesn't return any JSON output but a 404 response instead.
Hitting /swagger-ui.html a page with swagger header prompts an alert box continuously with a message saying:
"Unable to infer base url. This is common when using dynamic servlet registration or when the API is behind an API Gateway. The base url is the root of where all the swagger resources are served. For e.g. if the api is available at http://example.org/api/v2/api-docs then the base url is http://example.org/api/. Please enter the location manually:
Thank you.
I'm building a RESTful API with the Restlet framework and need it to work with cross domain calls (CORS) as well as basic authentication.
At the moment I'm using the CorsFilter which does the job of making my webservice support CORS requests. But, when I try to use this with a simple ChallengeAuthenticator with HTTP Basic Authentication it won't work as I want it to (from a web site).
When I access the webservice directly via Chrome it works as intended, but when I try it in a small web application written in angularjs (jquery/javascript) and try to access the webservice it does not.
Basically what happens is that when a OPTIONS request is sent to my webservice it will not respond with the headers: 'Access-Control-Allow-Origin', 'Access-Control-Allow-Credentials', etc. as it should. Instead it is sending a respond with HTTP status code 401 saying that the authentication failed.. Is this because the authenticator is overriding the CorsFilter somehow?
My createInboundRoot method can be seen below.
#Override
public Restlet createInboundRoot() {
ChallengeAuthenticator authenticator = createAuthenticator();
RoleAuthorizer authorizer = createRoleAuthorizer();
Router router = new Router(getContext());
router.attach("/items", ItemsServerResource.class);
router.attach("/items/", ItemsServerResource.class);
Router baseRouter = new Router(getContext());
authorizer.setNext(ItemServerResource.class);
authenticator.setNext(baseRouter);
baseRouter.attach("/items/{itemID}", authorizer);
baseRouter.attach("", router);
// router.attach("/items/{itemID}", ItemServerResource.class);
CorsFilter corsFilter = new CorsFilter(getContext());
corsFilter.setNext(authenticator);
corsFilter.setAllowedOrigins(new HashSet(Arrays.asList("*")));
corsFilter.setAllowedCredentials(true);
return corsFilter;
}
(The authorizer and authenticator code is taken from the "official" restlet guide for authorization and authentication)
I've tried alot of changes to my code but none which given me any luck. But I noticed that when setting the argument "optional" in ChallengeAuthenticator to true (which "Indicates if the authentication success is optional") the CorsFilter does its job, but obviously the ChallengeAuthenticator does not care about authenticating the client and lets anything use the protected resources..
Has anyone had a similar problem? Or have you solved this (CORS + Authentication in Restlet) in any other way?
Thanks in advance!
I think that it's a bug of the Restlet CORS filter. As a matter of fact, the filter uses the method afterHandle to set the CORS headers. See the source code: https://github.com/restlet/restlet-framework-java/blob/4e8f0414b4f5ea733fcc30dd19944fd1e104bf74/modules/org.restlet/src/org/restlet/engine/application/CorsFilter.java#L119.
This means that the CORS processing is done after executing the whole processing chain (authentication, ...). So if your authentication failed, you will have a status code 401. It's actually the case since CORS preflighted requests don't send authentication hints.
For more details about using CORS with Restlet, you could have a look at this link: https://templth.wordpress.com/2014/11/12/understanding-and-using-cors/. This can provide you a workaround until this bug was fixed in Restlet itself.
I opened an issue in Github for your problem: https://github.com/restlet/restlet-framework-java/issues/1019.
Hope it helps,
Thierry
The CorsService (in 2.3.1 coming tomorrow) contains also a skippingResourceForCorsOptions property, that answers directly the Options request without transmitting the request to the underlying filters and server resources.
I would like to use Squid as a proxy for a Google App Engine based application (as we need to have a static outgoing ip, and GAE does not support that).
Also, I want to keep using urlfetch, so as not to do too much changes in the existing code.
The solution I want to implement is to install a Squid proxy, and direct all the urlfetch requests to this proxy by using the proxy url in the fetch request, and add some custom http header that will contain the final destination url.
Then, I want to configure Squid to take this custom header parameter from the request, and use it as the request url.
How do I configure this last part on Squid ?
(There may be many different urls, so configuring a separate port for each destination url is not an option).