Re: OwbSecurityFilter does not support async

Wed, 10 Jun 2015 10:05:12 -0700 

@Mark: wrong context? Think OWB missed async handling anyway, we can surely
grab what has been done in TomEE like wrapping the request if needed


Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber
<http://www.tomitribe.com>

2015-06-10 9:41 GMT-07:00 Mark Struberg <[email protected]>:

> Hi!
>
> Well, I’m not quite sure why we have this active by default at all. It’s
> defined by the spec, but most people don’t inject the Principals. So it’s
> unused overhead most of the times…
>
> Will need to take a peek at it, cannot remember exactly how this stuff
> works.
> I think we should only register it ‚on demand‘.  Or at least make this
> configurable.
>
> LieGrue,
> strub
>
>
> > Am 10.06.2015 um 18:04 schrieb [email protected]:
> >
> > Dear all,
> >
> > I have a problem with
> org.apache.webbeans.web.tomcat7.TomcatSecurityFilter. It does not support
> async but is configured to filter everything.
> >
> > Its web fragment is :
> >
> > <web-fragment metadata-complete="true" version="3.0"
> >              xmlns="http://java.sun.com/xml/ns/javaee";
> >              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> >              xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
> http://java.sun.com/xml/ns/javaee/web-fragment_3_0.xsd";>
> >    <name>OwbTomcat7</name>
> >    <ordering>
> >        <before>others</before>
> >    </ordering>
> >    <filter>
> >        <icon/>
> >        <filter-name>OwbSecurityFilter</filter-name>
> >
> <filter-class>org.apache.webbeans.web.tomcat7.TomcatSecurityFilter</filter-class>
> >    </filter>
> >    <filter-mapping>
> >        <filter-name>OwbSecurityFilter</filter-name>
> >        <url-pattern>*</url-pattern>
> >        <dispatcher>REQUEST</dispatcher>
> >    </filter-mapping>
> > </web-fragment>
> >
> >
> > This annoys me as OwbSecurityFilter always put itself in the chain, even
> when it is not at all cdi related. In my case, I am using Atmosphere for
> WebSockets, and I always get errors because OwbSecurityFilter denies async
> processing.
> >
> > As far as I understand, OwbSecurityFilter does really not support async
> operations.
> >
> > One obvious (but (not so) dirty) solution for me would be to shade
> openwebbeans-tomcat7 and filter only on *.xhtml.
> >
> > Is there a less dirty way to override this configuration ?
> >
> > Thanks in advance,
> >
> > Ludovic
> >
> >
> > |
> > | AVANT D'IMPRIMER, PENSEZ A L'ENVIRONNEMENT.
> > |
> >
>
>

Reply via email to