Is it possible to restrict which protocols are allowed on a Camel CometD endpoint, or endpoints in general?
For example, I would like to restrict the endpoint so it can only receive calls through websockets, and not allow HTTP.
From the CometD point of view, you can easily do this by specifying, in the server configuration, the list of allowed protocols:
<web-app ...>
<servlet>
<servlet-name>cometd</servlet-name>
<servlet-class>org.cometd.server.CometDServlet</servlet-class>
<init-param>
<param-name>allowedTransports</param-name>
<param-value>websocket</param-value>
</init-param>
</servlet>
...
</web-app>
The embedded code case is the following:
BayeuxServerImpl bayeuxServer = new BayeuxServerImpl();
bayeuxServer.setAllowedTransports("websocket");
bayeuxServer.start();
If Camel exposes one of these 2 ways to configure the CometD server, then your issue is solved.
Related
I want to use the functionality of dispatch.xml to route my request by subdomain and create a default module which will receive all the non specified subdomain.
I explain myself:
Let's say I have 3 differents modules:
Module 1 routed from: m1.myapp.com
Module 2 routed from: m2.myapp,com
Default Module routed from anything else: *.myapp.com (like: default.myapp.com, *entitieName*.myapp.com, other.myapp.com).
My question: is there any kind of priority mechanism that will handle first written subdomain and if and only if the subdomain called isn't in the dispatch.xml it will route the request to my default module?
Yes, you already have such priority mechanism - that's exactly how dispatch.xml works:
the order of the dispatch rules matter, the first pattern match wins and the request will be dispatched according to that rule
if none of the rules matches the request will be sent to the default service/module.
Something along these lines should do what you desire:
<?xml version="1.0" encoding="UTF-8"?>
<dispatch-entries>
<dispatch>
<url>m1.myapp.com/*</url>
<module>m1</module>
</dispatch>
<dispatch>
<url>m2.myapp.com/*</url>
<module>m2</module>
</dispatch>
</dispatch-entries>
I have an error which I understand is down to the CORS policy to prevent potential security risks.
For security reasons, browsers restrict cross-origin HTTP requests initiated from within scripts. For example, XMLHttpRequest and Fetch follow the same-origin policy. So, a web application using XMLHttpRequest or Fetch could only make HTTP requests to its own domain. To improve web applications, developers asked browser vendors to allow cross-domain requests.
I am running my AngularJS application on Apache (localhost) and am attempting to access information from the back-end running Spring on Tomcat(localhost:8080). I have read a number of threads, one being 'Set CORS header in Tomcat', which have informed me of adding configuration to Tomcat's .config file, as so:
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>http://localhost</url-pattern>
</filter-mapping>
An error is still returned informing me:
XMLHttpRequest cannot load http://localhost:8080/p3sweb/rest-patents/. Redirect from 'http://localhost:8080/p3sweb/rest-patents/' to 'http://localhost:8080/p3sweb/login;jsessionid=2658E20C637694D2154C7EEDF9875B89' has been blocked by /#!/patents:1 CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.
The part that says been blocked by /#!/patents:1 has me wondering whether there is any other configuration I have to do on the Apache server.
Question
What configuration do I have to add in order to make a request from the domain localhost to localhost:8080/p3sweb/rest-patents/. Any help would be appreciated.
I am a very beginner in ESB. So, kindly excuse me for this basic question.
Currently we have web services created with Apache CXF and Spring running. Now, we need to create proxy services for these in WSo2 ESB. Can someone please let us know how can we do this?
I created Pass Through proxy and use wsdl definition as from URL, but when i use try it option i get he endpoint reference (EPR) for the Operation not found is /services/ and the WSA Action = null.
If this EPR was previously reachable,please contact the server administrator.
Since ESB 4.6, pass-through transport is enabled by default : The message body is not build so, SOAP Body based dispatching is not supported => in this case, the error you're speaking about is thrown
One solution could be to add this parameter in your proxy conf : <parameter name="disableOperationValidation" locked="false">true</parameter>
Have a look there for other options : Using WSO2 ESB PassThrough Proxy on WebLogic (Spring) Web Service
How did you create the proxy service? If you have the wsdl of the Backend service you can use it to create the proxy service like follows.
<proxy xmlns="http://ws.apache.org/ns/synapse" name="testProxy2" transports="https,http" statistics="disable" trace="disable" startOnLoad="true">
<target>
<outSequence>
<send/>
</outSequence>
<endpoint>
<wsdl service="SimpleStockQuoteService"
port="SimpleStockQuoteServiceHttpSoap11Endpoint"
uri="http://localhost:9000/services/SimpleStockQuoteService?wsdl"/>
</endpoint>
</target>
<description/>
</proxy>
The ESB gets the endpoint url from the Service name and Port defined in the WSDL. For SOAP 1.1 the WSA action will be the SOAPAction header and for SOAP 1.2 the WSA action goes with the action element of Content-Type header. For example,
Content-Type: application/soap+xml;charset=UTF-8;action="TheSoapAction"
Try to use a SOAP client like SOAPUI to test your proxy service.
I have a GAEJ application that until now hasn't had to deal with sensitive data. For that reason it's been happily running under http://
I am using GWT-RPC for my client server calls.
However I now want to start storing customer names and addresses, for which I'd like to start using https.
I understand the limitation that it has to use the https://www.xxxxx.appspot.com/ domain.
My question is how can I create a sub-section of my site that only deals with client-senstive data, leaving the rest of my site untouched?
For example if I put the following security constraint in my web.xml :
<security-constraint>
<web-resource-collection>
<url-pattern>/xxxxx/admin/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
how can I then tell the app to use https for only certain RPCs, and not all of them?
In other words, is it possible to leave it so that my users still access my site using http:
http://www.xxxxx.appspot.com/
and when they make an RPC sending or receiving sensitive data that is done over https ?
Should I use RequestBuilder to construct my GWT-RPC to be https? but if I do that how do I get round the Browser Same origin policy ?
Surely there must be a way of doing this, it must be quite a common problem?
The cross-domain policy for AJAX calls will not allow you to do an RPC to https://blah when you've served the page from http://blah
It's possible to overcome this using an iframe or a header like this:
Access-Control-Allow-Origin: https://www.mysite.com
but I don't know if that's possible on GWT.
My webservice has an REST endpoint URL like /myapp/admin/services. If I set org.apache.cxf.servlet.hide-service-list-page=false then my URL is hijacked by the CXF services list. This happens because the listings URL is relative in org.apache.cxf.transport.servlet.ServletController.
OK, fine, so I shouldn't have used the phrase "services" in my URL structure. Mea culpa. But now how do I fix this? I'd like to override the "/services" default in ServletController. I just need my container to invoke setServiceListRelativePath() on that class, but I can't figure out how. I imagine there's some magic Spring snippet to do this?
If it matters, I'm using CXF as bundled in the Talend Service Factory.
(turning my comment above into an answer, and modernizing since TSF no longer exists)
Under Karaf, add the following to etc/org.apache.cxf.osgi.cfg: "org.apache.cxf.servlet.service-list-path=/desired/path"
You can try this in your web.xml to override the CXF service list path
<init-param>
<param-name>service-list-path</param-name>
<param-value>/*</param-value>
</init-param>