Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(149)

Issue 6306074: Pass token on listMethods to enable allowUnauthenticated=false

Can't Edit
Can't Publish+Mail
Start Review
Created:
14 years, 1 month ago by btlillie
Modified:
11 years, 9 months ago
Reviewers:
henry.saputra, daviesd, dev, douglasldavies, rbaxter85, Stanton
Base URL:
http://svn.apache.org/repos/asf/shindig/trunk/
Visibility:
Public.

Description

(SHINDIG-1799) On the RPC request for method=system.listMethods, no security token is currently passed. If shindig.allowUnauthenticated=false, then the listMethods request fails and shindig fails to start successfully.

Patch Set 1 #

Patch Set 2 : Updated patch to use Anonymous Security Token #

Patch Set 3 : Switching back to BlobCrypterSecurityToken from AnonymousSecurityToken #

Total comments: 3
Unified diffs Side-by-side diffs Delta from patch set Stats (+46 lines, -14 lines) Patch
java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java View 1 2 1 chunk +1 line, -1 line 0 comments Download
java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java View 1 2 6 chunks +45 lines, -13 lines 3 comments Download

Messages

Total messages: 20
btlillie
14 years, 1 month ago (2012-06-13 12:49:11 UTC) #1
rbaxter85
On 2012/06/13 12:49:11, btlillie wrote: LGTM. Out of curiosity, are there no unit tests for ...
14 years, 1 month ago (2012-06-13 13:40:57 UTC) #2
btlillie
On 2012/06/13 13:40:57, rbaxter85 wrote: > On 2012/06/13 12:49:11, btlillie wrote: > > LGTM. Out ...
14 years, 1 month ago (2012-06-13 14:03:57 UTC) #3
btlillie
Updated patch to use Anonymous Security Token
14 years, 1 month ago (2012-06-13 17:50:16 UTC) #4
Stanton
LGTM
14 years, 1 month ago (2012-06-13 17:53:22 UTC) #5
rbaxter85
On 2012/06/13 17:53:22, Stanton wrote: > LGTM Brian do you have a link to the ...
14 years, 1 month ago (2012-06-13 21:06:59 UTC) #6
henry.saputra
+1
14 years, 1 month ago (2012-06-13 21:16:26 UTC) #7
rbaxter85
On 2012/06/13 21:16:26, henry.saputra wrote: > +1 Committed revision 1350234
14 years, 1 month ago (2012-06-14 13:33:21 UTC) #8
btlillie
Switching back to BlobCrypterSecurityToken from AnonymousSecurityToken
14 years, 1 month ago (2012-06-14 19:11:14 UTC) #9
rbaxter85
On 2012/06/14 19:11:14, btlillie wrote: > Switching back to BlobCrypterSecurityToken from AnonymousSecurityToken LGTM, but then ...
14 years, 1 month ago (2012-06-14 23:12:01 UTC) #10
Stanton
LGTM. As a followup to this review I may look into how we can better ...
14 years, 1 month ago (2012-06-15 02:20:46 UTC) #11
DouglasLDavies
http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java File java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java (right): http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java#newcode154 java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java:154: StringBuilder sb = new StringBuilder( 250 ); So even ...
14 years, 1 month ago (2012-06-15 04:17:43 UTC) #12
DouglasLDavies
http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java File java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java (right): http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java#newcode154 java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java:154: StringBuilder sb = new StringBuilder( 250 ); On 2012/06/15 ...
14 years, 1 month ago (2012-06-15 04:21:06 UTC) #13
rbaxter85
On 2012/06/15 04:21:06, DouglasLDavies wrote: > http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java > File > java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java > (right): > > ...
14 years, 1 month ago (2012-06-15 13:55:59 UTC) #14
DouglasLDavies
Ya, trying it now on shindig trunk. Test are failing for me with org.apache.shindig.auth.SecurityTokenException: Invalid ...
14 years, 1 month ago (2012-06-15 15:23:06 UTC) #15
DouglasLDavies
Ya, trying it now on shindig trunk. Test are failing for me with org.apache.shindig.auth.SecurityTokenException: Invalid ...
14 years, 1 month ago (2012-06-15 15:23:06 UTC) #16
DouglasLDavies
14 years, 1 month ago (2012-06-15 15:23:39 UTC) #17
rbaxter85
On 2012/06/15 15:23:06, DouglasLDavies wrote: > Ya, trying it now on shindig trunk. Test are ...
14 years, 1 month ago (2012-06-15 15:48:16 UTC) #18
daviesd_oclc.org
I am still having issues. I rebuilt everything with secure tokens enabled, but skipped tests ...
14 years, 1 month ago (2012-06-15 16:35:50 UTC) #19
Stanton
14 years, 1 month ago (2012-06-15 22:30:42 UTC) #20
http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/or...
File
java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java
(right):

http://codereview.appspot.com/6306074/diff/7002/java/gadgets/src/main/java/or...
java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java:161:
SecurityToken token = new BlobCrypterSecurityToken("default", "*", "0", parms);
Per Doug D's comments on the dev list, you should use the container parameter
instead of "default"
Sign in to reply to this message.

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b