[jira] [Created] (OLINGO-292) Tomcat server configuration documentation incomplete

Fri, 16 May 2014 10:34:44 -0700 

Riley Rainey created OLINGO-292:
-----------------------------------

             Summary: Tomcat server configuration documentation incomplete
                 Key: OLINGO-292
                 URL: https://issues.apache.org/jira/browse/OLINGO-292
             Project: Olingo
          Issue Type: Bug
          Components: odata2-documentation
    Affects Versions: V2 1.2.0
            Reporter: Riley Rainey


OData PUT and DELETE operations will return a '403 Forbidden' error unless 
extra configuration settings are added to the application's web.xml file.

See the example web.xml file below (tested with Tomcat 7.0.42).  A 
security-constraint section must be added to the web.xml file.  Within that 
section, all HTTP methods required by the application must be enumerated:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
        xmlns="http://java.sun.com/xml/ns/javaee";
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd";
        version="3.0">
        <display-name>WHERE</display-name>
        <welcome-file-list>
                <welcome-file>index.html</welcome-file>
        </welcome-file-list>
        <servlet>
                <servlet-name>ODataServlet</servlet-name>
                
<servlet-class>org.apache.cxf.jaxrs.servlet.CXFNonSpringJaxrsServlet</servlet-class>
                <init-param>
                        <param-name>javax.ws.rs.Application</param-name>
                        
<param-value>org.apache.olingo.odata2.core.rest.app.ODataApplication</param-value>
                </init-param>
                <init-param>
                        
<param-name>org.apache.olingo.odata2.service.factory</param-name>
                        
<param-value>com.sap.mic.where.services.Where1ServiceFactory</param-value>
                </init-param>
                <load-on-startup>1</load-on-startup>
        </servlet>
        <!-- <filter> <filter-name>CorsFilter</filter-name> 
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class> 
                </filter> <filter-mapping> 
<filter-name>CorsFilter</filter-name> <url-pattern>/*</url-pattern> 
                </filter-mapping> -->
        <servlet-mapping>
                <servlet-name>ODataServlet</servlet-name>
                <url-pattern>/V1/*</url-pattern>
        </servlet-mapping>
        <security-constraint>
                <web-resource-collection>
                        <web-resource-name>ODataServlet</web-resource-name>
                        <url-pattern>/V1/*</url-pattern>
                        <http-method>DELETE</http-method>
                        <http-method>PUT</http-method>
                        <http-method>GET</http-method>
                        <http-method>POST</http-method>
                </web-resource-collection>
                <user-data-constraint>
                        <transport-guarantee>NONE</transport-guarantee>
                </user-data-constraint>
        </security-constraint>
</web-app>



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to