Review Board 1.7.22


Allow ContainerConfig stack to load property values from external resources and update BlobCrypterSecurityTokenCodec to use this new feature.

Review Request #2824 - Created Nov. 14, 2011 and submitted

Jesse Ciancetta
shindig-1660
Reviewers
shindig
shindig
Update the ContainerConfig stack to allow for res://some-resource.txt and file:///some-file.txt style values in container.js and automatically resolve these references during initialization. This allows us to refactor BlobCrypterSecurityTokenCodec to expect to be given the actual encryption key rather than a key or resource pointer as it does currently.

This also opens the door for this functionality to be used for other configuration which we'd like to load from external files (which should be useful for third party implementers).
Updated/added tests.  Ran build, verified unit tests and tested common container.
http://svn.apache.org/repos/asf/shindig/trunk/config/container.js
Diff Revision 1 Diff Revision 2
[20] 41 lines
[+20]
42
// NOTE: Please _don't_ leave trailing commas because the php json parser
42
// NOTE: Please _don't_ leave trailing commas because the php json parser
43
// errors out on this.
43
// errors out on this.
44

    
   
44

   
45
// Container must be an array; this allows multiple containers
45
// Container must be an array; this allows multiple containers
46
// to share configuration.
46
// to share configuration.

    
   
47

   

    
   
48
// Note that you can embed values directly or you can choose to have values read from a file on disk

    
   
49
// or read from the classpath ("foo-key" : "file:///foo-file.txt" || "foo-key" : "res://foo-file.txt")
47
// TODO: Move out accel container config into a separate accel.js file.
50
// TODO: Move out accel container config into a separate accel.js file.
48
{"gadgets.container" : ["default", "accel"],
51
{"gadgets.container" : ["default", "accel"],
49

    
   
52

   
50
// Set of regular expressions to validate the parent parameter. This is
53
// Set of regular expressions to validate the parent parameter. This is
51
// necessary to support situations where you want a single container to support
54
// necessary to support situations where you want a single container to support
[+20] [20] 42 lines
[+20]
94
"gadgets.osDataUri" : "http://%host%${CONTEXT_ROOT}/rpc",
97
"gadgets.osDataUri" : "http://%host%${CONTEXT_ROOT}/rpc",
95

    
   
98

   
96
// Use an insecure security token by default
99
// Use an insecure security token by default
97
"gadgets.securityTokenType" : "insecure",
100
"gadgets.securityTokenType" : "insecure",
98

    
   
101

   
99
// Uncomment the securityTokenType and one of the securityTokenKey's to switch to a secure version
102
// Uncomment the securityTokenType and one of the securityTokenKey's to switch to a secure version.

    
   
103
// Note that you can choose to use an embedded key, a filesystem reference or a classpath reference.

    
   
104
// The best way to generate a key is to do something like this:

    
   
105
// dd if=/dev/random bs=32 count=1 | openssl base64

    
   
106
//
100
//"gadgets.securityTokenType" : "secure",
107
//"gadgets.securityTokenType" : "secure",
101
//"gadgets.securityTokenKey" : "default-insecure-embedded-key",
108
//"gadgets.securityTokenKey" : "default-insecure-embedded-key",
102
//"gadgets.securityTokenKey" : "file:///path/to/key/file.txt",
109
//"gadgets.securityTokenKey" : "file:///path/to/key/file.txt",
103
//"gadgets.securityTokenKey" : "res://some-file-on-the-classpath.txt",
110
//"gadgets.securityTokenKey" : "res://some-file-on-the-classpath.txt",
104

    
   
111

   
[+20] [20] 207 lines
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/config/JsonContainerConfigLoaderTest.java
Diff Revision 1 Diff Revision 2
 
  1. http://svn.apache.org/repos/asf/shindig/trunk/config/container.js: Loading...
  2. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/config/JsonContainerConfigLoaderTest.java: Loading...