Component org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService
In bundle org.nuxeo.ecm.platform.web.common
Documentation
The Request Controller service provides an extension point to apply specific configuration to httpRequest mapping a defined URL pattern. It's possible to handle synchronization, transaction or cache configuration.
Implementation
Class:
org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService
Services
Extension Points
XML Source
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService">
<implementation
class="org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerService" />
<documentation>
The Request Controller service provides an extension point to apply specific configuration
to httpRequest mapping a defined URL pattern. It's possible to handle synchronization, transaction or cache
configuration.
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<service>
<provide
interface="org.nuxeo.ecm.platform.web.common.requestcontroller.service.RequestControllerManager" />
</service>
<extension-point name="filterConfig">
<documentation>
Define a new filterConfig.
-filterConfig
- name: name of the Filter.
- transactional: use transaction.
- synchonize: is synchronized
- cached: if true, add cache-control to header
- cacheTime: cache duration.
- private: if true, cache is private, public if false.
-pattern: url pattern to match
Example of a filterConfig Registration:
<code>
<filterConfig name="filterName" transactional="true" synchonize="true"
cached="true" private="true" cachetime="3600">
<pattern>/nuxeo/urlPattern/.*</pattern>
</filterConfig>
</code>
@author Thierry Delprat (td@nuxeo.com)
</documentation>
<object
class="org.nuxeo.ecm.platform.web.common.requestcontroller.service.FilterConfigDescriptor" />
</extension-point>
<extension-point name="corsConfig">
<documentation>
Add a CORS compliant url's pattern
Mandatory:
- name: name of the config
- pattern: url pattern to match
Optionnal:
- allowGenericHttpRequests: If false, only valid and accepted CORS
requests that be allowed (strict CORS filtering).
- allowOrigin: Whitespace-separated list of origins that the CORS
filter must allow.
- allowSubdomains: If true the CORS filter will allow requests from any
origin which is a subdomain origin of the allowed origins.
- supportedMethods: List of the supported HTTP methods.
- supportedHeaders: The names of the supported author request headers.
- exposedHeaders: List of the response headers other than simple
response headers that the browser should expose to the author of the
cross-domain request through the XMLHttpRequest.getResponseHeader()
method.
- supportsCredentials: Indicates whether user credentials, such as
cookies, HTTP authentication or client-side certificates, are
supported.
- maxAge: Indicates how long the results of a preflight request
can be cached by the web browser, in seconds.
Some samples:
- Minimal contribution:
<code>
<corsConfig name="minimal">
<pattern>/nuxeo/site/.*</pattern>
</corsConfig>
</code>
- Contribution with default values:
<code>
<corsConfig name="defaults" allowGenericHttpRequests="true"
allowOrigin="*" allowSubdomains="false" supportedMethods="GET, POST, HEAD, OPTIONS"
supportedHeaders="*" exposedHeaders=""
supportsCredentials="true" maxAge="-1">
<pattern>/nuxeo/site/.*</pattern>
</corsConfig>
</code>
- Other dummy contribution:
<code>
<corsConfig name="dummy" allowGenericHttpRequests="true"
allowOrigin="http://example.com http://example.com:8080"
allowSubdomains="true" supportedMethods="GET"
supportedHeaders="Content-Type, X-Requested-With"
exposedHeaders="X-Custom-1, X-Custom-2"
supportsCredentials="false" maxAge="3600">
<pattern>/nuxeo/site/.*</pattern>
</corsConfig>
</code>
@since 5.7.2
</documentation>
<object
class="org.nuxeo.ecm.platform.web.common.requestcontroller.service.NuxeoCorsFilterDescriptor" />
</extension-point>
<extension-point name="responseHeaders">
<documentation>
Define headers to apply to the HTTP response.
-header
- name: name of the header.
- enabled: flag to enable/disable a header (default value is true)
Example of a response header Registration:
<code>
<header name="WWW-Authenticate" enabled="true">basic</header>
</code>
@author Thierry Martins (tm@nuxeo.com)
@since 6.0
</documentation>
<object
class="org.nuxeo.ecm.platform.web.common.requestcontroller.service.NuxeoHeaderDescriptor" />
</extension-point>
</component>