Juan Hernandez has posted comments on this change.
Change subject: [WIP] Add CORS filter
......................................................................
Patch Set 1:
I'd suggest you to check that in your actual installation you have the
following files:
/usr/share/ovirt-engine/modules/common/org/ebaysf/web/cors-filter/main/module.xml
/usr/share/ovirt-engine/modules/common/org/ebaysf/web/cors-filter/main/cors-filter.jar
These are new files, required for the CORS filter.
Also the following file should have been modified, and include a reference to
the new filter:
/usr/share/ovirt-engine/restapi.war/WEB-INF/web.xml
Note that these are the locations for an installation done with the generated
RPMs, it will be different if you are using the development environment, adjust
to your own environment.
Verify that it contains something like this:
<filter>
<filter-name>CORSFilter</filter-name>
<filter-class>org.ebaysf.web.cors.CORSFilter</filter-class>
...
</filter>
<filter-mapping>
<filter-name>CORSFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
If any of these things is missing then there is some problem with your build
process.
Once you have checked that the files are in place you should be able to verify
that the filter is working with the browser (use the developer network console)
or with a simple command like this:
curl \
--verbose \
--insecure \
--request OPTIONS \
--header "Accept: application/xml" \
--header "Origin: http://host.example.com"; \
--header "Access-Control-Request-Method: GET" \
--header "Access-Control-Request-Headers: authorization,content-type" \
"https://yourengine/ovirt-engine/api";
This will trigger the execution of the CORS filter, and the output should look
like this:
+ curl --verbose --insecure --request OPTIONS --header 'Accept:
application/xml' --header 'Origin: http://anotherhost' --header
'Access-Control-Request-Method: GET' --header 'Access-Control-Request-Headers:
authorization,content-type' https://yourhost/ovirt-engine/api
* Hostname was NOT found in DNS cache
* Trying 192.168.122.2...
* Connected to yourhost (192.168.122.2) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* SSL connection using TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=yourhost,O=Example Inc.,C=US
* start date: Jan 01 14:46:28 2015 GMT
* expire date: Dec 07 14:46:28 2019 GMT
* common name: yourhost
* issuer: CN=yourhost.36943,O=Example Inc.,C=US
> OPTIONS /ovirt-engine/api HTTP/1.1
> User-Agent: curl/7.37.0
> Host: yourhost
> Accept: application/xml
> Origin: http://anotherhost
> Access-Control-Request-Method: GET
> Access-Control-Request-Headers: authorization,content-type
>
< HTTP/1.1 200 OK
< Date: Fri, 02 Jan 2015 15:06:11 GMT
* Server Apache/2.4.10 (Fedora) OpenSSL/1.0.1e-fips mod_auth_kerb/5.4 is not
blacklisted
< Server: Apache/2.4.10 (Fedora) OpenSSL/1.0.1e-fips mod_auth_kerb/5.4
< Pragma: No-cache
< Cache-Control: no-cache
< Expires: Thu, 01 Jan 1970 01:00:00 CET
< Access-Control-Allow-Origin: http://anotherhost
< Access-Control-Allow-Credentials: true
< Access-Control-Max-Age: 1800
< Access-Control-Allow-Methods: GET
< Access-Control-Allow-Headers: content-type,authorization
< Content-Length: 0
<
* Connection #0 to host fedora.example.com left intact
Make sure that this simple request is working. Then you can try more elaborate
requests with your Javascript application.
--
To view, visit http://gerrit.ovirt.org/36367
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I40f9a13105fe99bb6b4035e61b8945efd8315f57
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Juan Hernandez <[email protected]>
Gerrit-Reviewer: Greg Sheremeta <[email protected]>
Gerrit-Reviewer: Jenny Kang <[email protected]>
Gerrit-Reviewer: Juan Hernandez <[email protected]>
Gerrit-Reviewer: [email protected]
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: No
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
