Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-18413

X-HTTP-Method-Override header is not respected in Fuse/CXF application

    XMLWordPrintable

Details

    • Bug
    • Resolution: Not a Bug
    • Major
    • None
    • fuse-7.10-GA
    • CXF
    • None
    • False
    • False
    • % %
    • Todo
    • Hide
      • Obtain and install Fuse 7.10.0 for Karaf
      • Obtain and unpack fuse-karaf-quickstarts-7.10.0
      • In the cxf/rest example, add a @PATCH method like (for example), this 
            @PATCH
    @Path("/customers/")
    @Consumes({ "application/xml", "application/json" })
    @Operation(
               summary = "Foo",
               description = "Foo",
               responses = {
                   @ApiResponse(responseCode = "500", description = "Invalid ID supplied")
               }
           )
    public Response fooCustomer(@Parameter(description = "Foo", required = true) Customer customer) {
        LOG.info("FOOOOOO!!!!!", customer.getName());        return Response.ok().type("application/json").entity(customer).build();
        }

         

      It doesn't have to do anything, just log a distinctive message.

      • Build and deploy on Fuse 7
      • Ensure that the PATCH message can be invoked. For example: 
        curl -X PATCH -T src/test/resources/add_customer.xml -H "Content-Type: application/xml" http://localhost:8181/cxf/crm/customerservice/customers 
      • Verify that the same method can't be invoked using a POST with X-HTTP-Method-Override. Note that the POST method gets invoked instead. 
        curl -X POST -T src/test/resources/add_customer.xml -H "Content-Type: application/xml" -H "X-HTTP-Method-Override: PATCH" http://localhost:8181/cxf/crm/customerservice/customers

         

      Show
      Obtain and install Fuse 7.10.0 for Karaf Obtain and unpack fuse-karaf-quickstarts-7.10.0 In the cxf/rest example, add a @PATCH method like (for example), this    @PATCH     @Path( "/customers/" )     @Consumes({ "application/xml" , "application/json" })     @Operation(                summary = "Foo" ,                description = "Foo" ,                responses = {                    @ApiResponse(responseCode = "500" , description = "Invalid ID supplied" )                }            )     public Response fooCustomer(@Parameter(description = "Foo" , required = true ) Customer customer) {         LOG.info( "FOOOOOO!!!!!" , customer.getName());        return Response.ok().type( "application/json" ).entity(customer).build();         }   It doesn't have to do anything, just log a distinctive message. Build and deploy on Fuse 7 Ensure that the PATCH message can be invoked. For example: curl -X PATCH -T src/test/resources/add_customer.xml -H "Content-Type: application/xml" http: //localhost:8181/cxf/crm/customerservice/customers  Verify that the same method can't be invoked using a POST with X-HTTP-Method-Override. Note that the POST method gets invoked instead. curl -X POST -T src/test/resources/add_customer.xml -H "Content-Type: application/xml" -H "X-HTTP-Method-Override: PATCH" http: //localhost:8181/cxf/crm/customerservice/customers  

    Description

      It ought to be possible to use the X-HTTP-Method-Override mechanism to make Fuse/CXF handle request types that are blocked by the infrastructure. For example, it should be possible for a CXF client of a REST service to issue a PATCH request, even if the installation disallows it at the network level. However, adding the header "X-HTTP-Method-Override: PATCH" to a POST request does not cause the PATCH method to be invoked.

      It appears that this mechanism did work in Fuse 7.6 and earlier.

      Attachments

        Activity

          People

            jondruse@redhat.com Jiri Ondrusek
            rhn-support-kboone Kevin Boone
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: