Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(348)
Issues Repositories Search
Open Issues | Closed Issues | All Issues | Sign in with your Google Account to create issues and add comments

Issue 6306074: Pass token on listMethods to enable allowUnauthenticated=false

Can't Edit
Can't Publish+Mail
Start Review
Created:
13 years, 2 months ago by btlillie
Modified:
10 years, 10 months ago
Reviewers:
henry.saputra, daviesd, dev, douglasldavies, rbaxter85, Stanton
Base URL:
http://svn.apache.org/repos/asf/shindig/trunk/
Visibility:
Public.

Description

(SHINDIG-1799) On the RPC request for method=system.listMethods, no security token is currently passed. If shindig.allowUnauthenticated=false, then the listMethods request fails and shindig fails to start successfully.

Patch Set 1 #

Patch Set 2 : Updated patch to use Anonymous Security Token #

Patch Set 3 : Switching back to BlobCrypterSecurityToken from AnonymousSecurityToken #

Total comments: 3
Unified diffs Side-by-side diffs Delta from patch set Stats (+46 lines, -14 lines) Patch
java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java View 1 2 1 chunk +1 line, -1 line 0 comments Download
java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java View 1 2 6 chunks +45 lines, -13 lines 3 comments Download

Messages

Total messages: 20
btlillie
13 years, 2 months ago (2012-06-13 12:49:11 UTC) #1
rbaxter85
On 2012/06/13 12:49:11, btlillie wrote: LGTM. Out of curiosity, are there no unit tests for ...
13 years, 2 months ago (2012-06-13 13:40:57 UTC) #2
btlillie
On 2012/06/13 13:40:57, rbaxter85 wrote: > On 2012/06/13 12:49:11, btlillie wrote: > > LGTM. Out ...
13 years, 2 months ago (2012-06-13 14:03:57 UTC) #3
btlillie
Updated patch to use Anonymous Security Token
13 years, 2 months ago (2012-06-13 17:50:16 UTC) #4
Stanton
LGTM
13 years, 2 months ago (2012-06-13 17:53:22 UTC) #5
rbaxter85
On 2012/06/13 17:53:22, Stanton wrote: > LGTM Brian do you have a link to the ...
13 years, 2 months ago (2012-06-13 21:06:59 UTC) #6
henry.saputra
+1
13 years, 2 months ago (2012-06-13 21:16:26 UTC) #7
rbaxter85
On 2012/06/13 21:16:26, henry.saputra wrote: > +1 Committed revision 1350234
13 years, 2 months ago (2012-06-14 13:33:21 UTC) #8
btlillie
Switching back to BlobCrypterSecurityToken from AnonymousSecurityToken
13 years, 2 months ago (2012-06-14 19:11:14 UTC) #9
rbaxter85
On 2012/06/14 19:11:14, btlillie wrote: > Switching back to BlobCrypterSecurityToken from AnonymousSecurityToken LGTM, but then ...
13 years, 2 months ago (2012-06-14 23:12:01 UTC) #10
Stanton
LGTM. As a followup to this review I may look into how we can better ...
13 years, 2 months ago (2012-06-15 02:20:46 UTC) #11
DouglasLDavies
http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java File java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java (right): http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java#newcode154 java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java:154: StringBuilder sb = new StringBuilder( 250 ); So even ...
13 years, 2 months ago (2012-06-15 04:17:43 UTC) #12
DouglasLDavies
http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java File java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java (right): http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java#newcode154 java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java:154: StringBuilder sb = new StringBuilder( 250 ); On 2012/06/15 ...
13 years, 2 months ago (2012-06-15 04:21:06 UTC) #13
rbaxter85
On 2012/06/15 04:21:06, DouglasLDavies wrote: > http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java > File > java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java > (right): > > ...
13 years, 2 months ago (2012-06-15 13:55:59 UTC) #14
DouglasLDavies
Ya, trying it now on shindig trunk. Test are failing for me with org.apache.shindig.auth.SecurityTokenException: Invalid ...
13 years, 2 months ago (2012-06-15 15:23:06 UTC) #15
DouglasLDavies
Ya, trying it now on shindig trunk. Test are failing for me with org.apache.shindig.auth.SecurityTokenException: Invalid ...
13 years, 2 months ago (2012-06-15 15:23:06 UTC) #16
DouglasLDavies
13 years, 2 months ago (2012-06-15 15:23:39 UTC) #17
rbaxter85
On 2012/06/15 15:23:06, DouglasLDavies wrote: > Ya, trying it now on shindig trunk. Test are ...
13 years, 2 months ago (2012-06-15 15:48:16 UTC) #18
daviesd_oclc.org
I am still having issues. I rebuilt everything with secure tokens enabled, but skipped tests ...
13 years, 2 months ago (2012-06-15 16:35:50 UTC) #19
Stanton
13 years, 2 months ago (2012-06-15 22:30:42 UTC) #20 
http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/or...
File
java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java
(right):

http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/or...
java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java:161:
SecurityToken token = new BlobCrypterSecurityToken("default", "*", "0", parms);
Per Doug D's comments on the dev list, you should use the container parameter
instead of "default"
Sign in to reply to this message.

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b