11 年之前 · 3f2a76b1e0
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
@@ -203,12 +203,14 @@ public class AmbariServer {
 
				 
			
 
				       //session-per-request strategy for api and agents
			
 
				       root.addFilter(new FilterHolder(injector.getInstance(AmbariPersistFilter.class)), "/api/*", 1);
			
 
				+      root.addFilter(new FilterHolder(injector.getInstance(AmbariPersistFilter.class)), "/proxy/*", 1);
			
 
				       agentroot.addFilter(new FilterHolder(injector.getInstance(AmbariPersistFilter.class)), "/agent/*", 1);
			
 
				 
			
 
				       agentroot.addFilter(SecurityFilter.class, "/*", 1);
			
 
				 
			
 
				       if (configs.getApiAuthentication()) {
			
 
				         root.addFilter(new FilterHolder(springSecurityFilter), "/api/*", 1);
			
 
				+        root.addFilter(new FilterHolder(springSecurityFilter), "/proxy/*", 1);
			
 
				       }
			
 
				 
			
 
				 
			
@@ -272,10 +274,6 @@ public class AmbariServer {
 
				               "org.apache.ambari.server.api");
			
 
				       sh.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature",
			
 
				           "true");
			
 
				-      if (configs.csrfProtectionEnabled()) {
			
 
				-        sh.setInitParameter("com.sun.jersey.spi.container.ContainerRequestFilters",
			
 
				-            "com.sun.jersey.api.container.filter.CsrfProtectionFilter");
			
 
				-      }
			
 
				       root.addServlet(sh, "/api/v1/*");
			
 
				       sh.setInitOrder(2);
			
 
				 
			
@@ -301,6 +299,15 @@ public class AmbariServer {
 
				       agentroot.addServlet(cert, "/*");
			
 
				       cert.setInitOrder(4);
			
 
				 
			
 
				+      ServletHolder proxy = new ServletHolder(ServletContainer.class);
			
 
				+      proxy.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
			
 
				+                             "com.sun.jersey.api.core.PackagesResourceConfig");
			
 
				+      proxy.setInitParameter("com.sun.jersey.config.property.packages",
			
 
				+                             "org.apache.ambari.server.proxy");
			
 
				+      proxy.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature", "true");
			
 
				+      root.addServlet(proxy, "/proxy/*");
			
 
				+      proxy.setInitOrder(5);
			
 
				+
			
 
				       ServletHolder resources = new ServletHolder(ServletContainer.class);
			
 
				       resources.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
			
 
				           "com.sun.jersey.api.core.PackagesResourceConfig");
			
@@ -311,6 +318,13 @@ public class AmbariServer {
 
				       root.addServlet(resources, "/resources/*");
			
 
				       resources.setInitOrder(6);
			
 
				 
			
 
				+      if (configs.csrfProtectionEnabled()) {
			
 
				+        sh.setInitParameter("com.sun.jersey.spi.container.ContainerRequestFilters",
			
 
				+                    "com.sun.jersey.api.container.filter.CsrfProtectionFilter");
			
 
				+        proxy.setInitParameter("com.sun.jersey.spi.container.ContainerRequestFilters",
			
 
				+                    "com.sun.jersey.api.container.filter.CsrfProtectionFilter");
			
 
				+      }
			
 
				+
			
 
				       //Set jetty thread pool
			
 
				       serverForAgent.setThreadPool(new QueuedThreadPool(25));
			
 
				       server.setThreadPool(new QueuedThreadPool(25));
			
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/services/ProxyService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/services/ProxyService.java
@@ -16,7 +16,7 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.apache.ambari.server.api.services;
			
 
				+package org.apache.ambari.server.proxy;
			
 
				 
			
 
				 import com.google.gson.Gson;
			
 
				 import org.apache.ambari.server.controller.internal.URLStreamProvider;
			
@@ -42,7 +42,7 @@ import java.net.HttpURLConnection;
 
				 import java.util.List;
			
 
				 import java.util.Map;
			
 
				 
			
 
				-@Path("/proxy/")
			
 
				+@Path("/")
			
 
				 public class ProxyService {
			
 
				 
			
 
				   private static final int REPO_URL_CONNECT_TIMEOUT = 3000;
			
--- a/ambari-server/src/test/java/org/apache/ambari/server/api/services/ProxyServiceTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/api/services/ProxyServiceTest.java
@@ -16,13 +16,14 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.apache.ambari.server.api.services;
			
 
				+package org.apache.ambari.server.proxy;
			
 
				 
			
 
				 import com.google.gson.Gson;
			
 
				 import com.sun.jersey.core.spi.factory.ResponseBuilderImpl;
			
 
				 import com.sun.jersey.core.spi.factory.ResponseImpl;
			
 
				 import com.sun.jersey.core.util.MultivaluedMapImpl;
			
 
				 
			
 
				+import org.apache.ambari.server.api.services.BaseServiceTest;
			
 
				 import org.apache.ambari.server.controller.internal.URLStreamProvider;
			
 
				 import org.junit.Test;
			
 
				 import org.junit.runner.RunWith;