Author: hlship
Date: Sat Mar 7 17:49:09 2009
New Revision: 751300
URL: http://svn.apache.org/viewvc?rev=751300&view=rev
Log:
TAP5-43: Add configuration to turn off @Secure when in development
Modified:
tapestry/tapestry5/trunk/src/site/apt/guide/conf.apt
tapestry/tapestry5/trunk/src/site/apt/index.apt
tapestry/tapestry5/trunk/src/site/apt/upgrade.apt
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/SymbolConstants.java
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImpl.java
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/services/TapestryModule.java
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImplTest.java
Modified: tapestry/tapestry5/trunk/src/site/apt/guide/conf.apt
URL:
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/src/site/apt/guide/conf.apt?rev=751300&r1=751299&r2=751300&view=diff
==============================================================================
--- tapestry/tapestry5/trunk/src/site/apt/guide/conf.apt (original)
+++ tapestry/tapestry5/trunk/src/site/apt/guide/conf.apt Sat Mar 7 17:49:09
2009
@@ -211,6 +211,11 @@
The time interval that Tapestry will wait for a page instance to become
available before deciding whether to create
an entirely new page instance. The default is "10 ms".
+ [tapestry.secure-enabled]
+ If true, then
{{{../apidocs/org/apache/tapestry5/annotations/secure.ht...@secure}} annotation
is honored; if
+ false, no security checks or redirects take place. This defaults to
tapestry.production-mode, meaning that in development
+ mode it will (by default) be disabled.
+
[tapestry.secure-page]
If true, then the page may only be accessed via HTTPS. The
{{{../apidocs/org/apache/tapestry5/annotations/secure.ht...@secure}}
annotation will set this value to true.
Modified: tapestry/tapestry5/trunk/src/site/apt/index.apt
URL:
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/src/site/apt/index.apt?rev=751300&r1=751299&r2=751300&view=diff
==============================================================================
--- tapestry/tapestry5/trunk/src/site/apt/index.apt (original)
+++ tapestry/tapestry5/trunk/src/site/apt/index.apt Sat Mar 7 17:49:09 2009
@@ -34,6 +34,10 @@
New And Of Note
+ * An Ajax event requst may now return a
+
{{{apidocs/org/apache/tapestry5/ajax/MultiZoneUpdate.html}MultiZoneUpdate}}
instance
+ to update multiple zones in the client web browser.
+
* Client-side numeric validation is now locale-sensitive.
* Some significant performance improvements over Tapestry 5.0.18: the time
to initially load a page,
Modified: tapestry/tapestry5/trunk/src/site/apt/upgrade.apt
URL:
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/src/site/apt/upgrade.apt?rev=751300&r1=751299&r2=751300&view=diff
==============================================================================
--- tapestry/tapestry5/trunk/src/site/apt/upgrade.apt (original)
+++ tapestry/tapestry5/trunk/src/site/apt/upgrade.apt Sat Mar 7 17:49:09 2009
@@ -20,6 +20,10 @@
{{{https://issues.apache.org/jira/browse/TAP5-211}TAP5-211}}. This will only
affect users
who have created their own client-side validations.
+ The handling of the
+ {{{apidocs/org/apache/tapestry5/annotations/Secure.html}Secure}} annotation
is now only enabled
+ in production mode (by default).
+
Release 5.1.0.0
* Primary Key Encoder
Modified:
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/SymbolConstants.java
URL:
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/SymbolConstants.java?rev=751300&r1=751299&r2=751300&view=diff
==============================================================================
---
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/SymbolConstants.java
(original)
+++
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/SymbolConstants.java
Sat Mar 7 17:49:09 2009
@@ -145,4 +145,13 @@
* @since 5.1.0.0
*/
public static final String GZIP_COMPRESSION_ENABLED =
"tapestry.gzip-compression-enabled";
+
+ /**
+ * If "true" (which itself defaults to production mode), then the
{...@link org.apache.tapestry5.annotations.Secure}
+ * annotation will be honored. If "false" (i.e., development mode), then
the annotation and related HTTP/HTTPS
+ * logic is ignored.
+ *
+ * @since 5.1.0.1
+ */
+ public static final String SECURE_ENABLED = "tapestry.secure-enabled";
}
Modified:
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImpl.java
URL:
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImpl.java?rev=751300&r1=751299&r2=751300&view=diff
==============================================================================
---
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImpl.java
(original)
+++
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImpl.java
Sat Mar 7 17:49:09 2009
@@ -16,6 +16,8 @@
import org.apache.tapestry5.Link;
import org.apache.tapestry5.MetaDataConstants;
+import org.apache.tapestry5.SymbolConstants;
+import org.apache.tapestry5.ioc.annotations.Symbol;
import org.apache.tapestry5.services.BaseURLSource;
import org.apache.tapestry5.services.MetaDataLocator;
import org.apache.tapestry5.services.Request;
@@ -35,18 +37,26 @@
private final BaseURLSource baseURLSource;
+ private final boolean securityEnabled;
+
public RequestSecurityManagerImpl(Request request, Response response,
LinkSource linkSource,
- MetaDataLocator locator, BaseURLSource
baseURLSource)
+ MetaDataLocator locator, BaseURLSource
baseURLSource,
+
+ @Symbol(SymbolConstants.SECURE_ENABLED)
+ boolean securityEnabled)
{
this.request = request;
this.response = response;
this.linkSource = linkSource;
this.locator = locator;
this.baseURLSource = baseURLSource;
+ this.securityEnabled = securityEnabled;
}
public boolean checkForInsecureRequest(String pageName) throws IOException
{
+ if (!securityEnabled) return false;
+
// We don't (at this time) redirect from secure to insecure, just from
insecure to secure.
if (request.isSecure()) return false;
@@ -69,6 +79,8 @@
public String getBaseURL(String pageName)
{
+ if (!securityEnabled) return null;
+
boolean securePage = isSecure(pageName);
if (securePage == request.isSecure()) return null;
Modified:
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/services/TapestryModule.java
URL:
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/services/TapestryModule.java?rev=751300&r1=751299&r2=751300&view=diff
==============================================================================
---
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/services/TapestryModule.java
(original)
+++
tapestry/tapestry5/trunk/tapestry-core/src/main/java/org/apache/tapestry5/services/TapestryModule.java
Sat Mar 7 17:49:09 2009
@@ -1974,7 +1974,8 @@
configuration.add(SymbolConstants.FILE_CHECK_INTERVAL, "1 s");
configuration.add(SymbolConstants.FILE_CHECK_UPDATE_TIMEOUT, "50 ms");
- // This should be overridden for particular applications.
+ // This should be overridden for particular applications. These are
the locales for
+ // which we have (at least some) localized messages.
configuration.add(SymbolConstants.SUPPORTED_LOCALES,
"en,it,es,zh_CN,pt_PT,de,ru,hr,fi_FI,sv_SE,fr_FR,da,pt_BR,ja,el");
@@ -2028,7 +2029,7 @@
configuration.add(SymbolConstants.CHARSET, "UTF-8");
configuration.add(SymbolConstants.APPLICATION_CATALOG,
- "context:WEB-INF/${" + InternalSymbols.APP_NAME +
"}.properties");
+ String.format("context:WEB-INF/${%s}.properties",
InternalSymbols.APP_NAME));
configuration.add(SymbolConstants.EXCEPTION_REPORT_PAGE,
"ExceptionReport");
@@ -2040,6 +2041,8 @@
configuration.add(SymbolConstants.OMIT_GENERATOR_META, "false");
configuration.add(SymbolConstants.GZIP_COMPRESSION_ENABLED, "true");
+
+ configuration.add(SymbolConstants.SECURE_ENABLED,
String.format("${%s}", SymbolConstants.PRODUCTION_MODE));
}
Modified:
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImplTest.java
URL:
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImplTest.java?rev=751300&r1=751299&r2=751300&view=diff
==============================================================================
---
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImplTest.java
(original)
+++
tapestry/tapestry5/trunk/tapestry-core/src/test/java/org/apache/tapestry5/internal/services/RequestSecurityManagerImplTest.java
Sat Mar 7 17:49:09 2009
@@ -42,7 +42,7 @@
replay();
RequestSecurityManager manager
- = new RequestSecurityManagerImpl(request, response,
linkSource, locator, source);
+ = new RequestSecurityManagerImpl(request, response,
linkSource, locator, source, true);
assertFalse(manager.checkForInsecureRequest(PAGE_NAME));
@@ -65,7 +65,7 @@
replay();
RequestSecurityManager manager
- = new RequestSecurityManagerImpl(request, response,
linkSource, locator, source);
+ = new RequestSecurityManagerImpl(request, response,
linkSource, locator, source, true);
assertFalse(manager.checkForInsecureRequest(PAGE_NAME));
@@ -93,7 +93,7 @@
replay();
RequestSecurityManager manager
- = new RequestSecurityManagerImpl(request, response,
linkSource, locator, source);
+ = new RequestSecurityManagerImpl(request, response,
linkSource, locator, source, true);
assertTrue(manager.checkForInsecureRequest(PAGE_NAME));
@@ -135,7 +135,7 @@
replay();
RequestSecurityManager manager
- = new RequestSecurityManagerImpl(request, response,
linkSource, locator, source);
+ = new RequestSecurityManagerImpl(request, response,
linkSource, locator, source, true);
assertEquals(manager.getBaseURL(PAGE_NAME), expectedURL);
