On 10/9/13 10:34 AM, "Ian Boston" <[email protected]> wrote:

>On 9 October 2013 09:16, Stefan Egli <[email protected]> wrote:
>> Hi Ian,
>>
>> +1
>>
>> I like the idea of making an API out of this. One thing to remember is
>> that this API would be part of discovery.impl rather than discovery.api -
>> since the discovery.api does not make any assumptions on how
>> instances/clusters discover each other. Nevertheless I think it's a good
>> idea.
>
>Ok, that's probably easier if it's OK for the Discovery Impl to export a
>package.
>
>I forgot 1 thing, there will need to be support for creating the
>aspects of the request that make it trusted, as well as white listing
>it.

I added a suggestion for the API to SLING-3154 - do you see additional properties (to the plain request object) needed to decide if a request can be trusted?

>
>
>>
>> Additionally, I wonder if we could also include the possibility of
>> encrypting/decrypting the payload that discovery.impl sends around via the
>> topology connectors? It could be a separate service - eg
>> DiscoveryPayloadHandler - and provide methods to encrypt and
>> decrypt/verify.
>
>That would be a larger patch, but would also work. If it's going to
>cover all bases, does it need to be outside the Discovery impl ?

I see it as an optional thing, surely. But was thinking it would be a good idea to make the API also support that case.

Cheers,
Stefan

>
>I've started a jira for this [1]
>
>Best Regards
>Ian
>
>1 https://issues.apache.org/jira/browse/SLING-3154
>
>
>
>>
>> Cheers,
>> Stefan
>>
>> On 10/8/13 7:40 PM, "Ian Boston" <[email protected]> wrote:
>>
>>>Hi,
>>>The whitelist configuration in this servlet is causing some problems
>>>where the contents of the whitelist is potentially large and changing,
>>>since it requires constant re-configuration.
>>>
>>>Would it be possible to have an API service that is consulted if
>>>present to check if the request is allowed. For those that want to use
>>>the service they would configure the whitelist to reject everything
>>>while the service was not present so avoid startup issues.
>>> >>>eg >>> >>>+ @Reference(cardinality=ReferenceCardinality.OPTIONAL_UNARY) >>>+ private WhiteListProvider whiteListProvider; >>> >>> /** Checks if the provided request's remote server is whitelisted >>>**/ >>> >>> private boolean isWhitelisted(final SlingHttpServletRequest >>>request) { >>>+ if (whiteListProvider != null) { >>>+ whiteListProvider.isWhitelisted(request); >>>+ } >>> if (whitelist.contains(request.getRemoteAddr())) { >>> >>> return true; >>> >>> } else if (whitelist.contains(request.getRemoteHost())) { >>> >>> return true; >>> >>> } >>> >>> logger.info("isWhitelisted: rejecting " + >>>request.getRemoteAddr() >>> >>> + ", " + request.getRemoteHost()); >>> >>> return false; >>> >>> } >>> >>> >>>and in the API, presumably discovery api. >>> >>>public interface WhiteListProvider { >>> >>> private boolean isWhitelisted(HttpServletRequest request); >>> >>>} >>> >>> >>>Best Regards >>>Ian >>
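Review bot: in the added block at the top of isWhitelisted(), the result of `whiteListProvider.isWhitelisted(request);` is discarded, so a bound provider never changes the outcome and the decision still comes only from the static whitelist. With the whitelist configured to reject everything, as the message proposes, every request would be rejected whether or not the provider accepts it. Return true when the provider accepts the request, or return its result directly if the provider is meant to be authoritative, and say which of the two is intended in the method comment. The rejection log line should then also cover the provider path so that a provider-driven reject is visible. Separately, in the proposed interface, `private boolean isWhitelisted(HttpServletRequest request);` will not compile, since an abstract interface method cannot be private; drop the modifier. The servlet passes a SlingHttpServletRequest while the interface takes an HttpServletRequest, which works, but a short Javadoc on the interface stating which request properties a provider may rely on (remote address, remote host, headers) would help implementers, given the open question in the thread about what makes a request trusted.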
