/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.atlas.web.filters;
import org.apache.atlas.web.service.ActiveInstanceState;
import org.apache.atlas.web.service.ServiceState;
import org.apache.hadoop.http.HtmlQuoting;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import javax.inject.Inject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.HttpMethod;
import javax.ws.rs.core.HttpHeaders;
import java.io.IOException;
/**
* A servlet {@link Filter} that redirects web requests from a passive Atlas server instance to an active one.
*
* All requests to an active instance pass through. Requests received by a passive instance are redirected
* by identifying the currently active server. Requests to servers which are in transition are returned with
* an error SERVICE_UNAVAILABLE. Identification of this state is carried out using
* {@link ServiceState} and {@link ActiveInstanceState}.
*/
@Component
public class ActiveServerFilter implements Filter {
private static final Logger LOG = LoggerFactory.getLogger(ActiveServerFilter.class);
private final ActiveInstanceState activeInstanceState;
private ServiceState serviceState;
@Inject
public ActiveServerFilter(ActiveInstanceState activeInstanceState, ServiceState serviceState) {
this.activeInstanceState = activeInstanceState;
this.serviceState = serviceState;
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
LOG.info("ActiveServerFilter initialized");
}
/**
* Determines if this Atlas server instance is passive and redirects to active if so.
*
* @param servletRequest Request object from which the URL and other parameters are determined.
* @param servletResponse Response object to handle the redirect.
* @param filterChain Chain to pass through requests if the instance is Active.
* @throws IOException
* @throws ServletException
*/
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
if (isFilteredURI(servletRequest)) {
LOG.debug("Is a filtered URI: {}. Passing request downstream.",
((HttpServletRequest)servletRequest).getRequestURI());
filterChain.doFilter(servletRequest, servletResponse);
} else if (isInstanceActive()) {
LOG.debug("Active. Passing request downstream");
filterChain.doFilter(servletRequest, servletResponse);
} else if (serviceState.isInstanceInTransition()) {
HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
LOG.error("Instance in transition. Service may not be ready to return a result");
httpServletResponse.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
} else {
HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
String activeServerAddress = activeInstanceState.getActiveServerAddress();
if (activeServerAddress == null) {
LOG.error("Could not retrieve active server address as it is null. Cannot redirect request {}",
((HttpServletRequest)servletRequest).getRequestURI());
httpServletResponse.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
} else {
handleRedirect((HttpServletRequest) servletRequest, httpServletResponse, activeServerAddress);
}
}
}
private boolean isFilteredURI(ServletRequest servletRequest) {
HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
String requestURI = httpServletRequest.getRequestURI();
return requestURI.contains("/admin/");
}
boolean isInstanceActive() {
return serviceState.getState() == ServiceState.ServiceStateValue.ACTIVE;
}
private void handleRedirect(HttpServletRequest servletRequest, HttpServletResponse httpServletResponse,
String activeServerAddress) throws IOException {
String requestURI = servletRequest.getRequestURI();
String queryString = servletRequest.getQueryString();
if ((queryString != null) && (!queryString.isEmpty())) {
requestURI += "?" + queryString;
}
String quotedUri = HtmlQuoting.quoteHtmlChars(requestURI);
if (quotedUri == null) {
quotedUri = "/";
}
String redirectLocation = activeServerAddress + quotedUri;
LOG.info("Not active. Redirecting to {}", redirectLocation);
// A POST/PUT/DELETE require special handling by sending HTTP 307 instead of the regular 301/302.
// Reference: http://stackoverflow.com/questions/2068418/whats-the-difference-between-a-302-and-a-307-redirect
if (isUnsafeHttpMethod(servletRequest)) {
httpServletResponse.setHeader(HttpHeaders.LOCATION, redirectLocation);
httpServletResponse.setStatus(HttpServletResponse.SC_TEMPORARY_REDIRECT);
} else {
httpServletResponse.sendRedirect(redirectLocation);
}
}
private boolean isUnsafeHttpMethod(HttpServletRequest httpServletRequest) {
String method = httpServletRequest.getMethod();
return (method.equals(HttpMethod.POST)) ||
(method.equals(HttpMethod.PUT)) ||
(method.equals(HttpMethod.DELETE));
}
@Override
public void destroy() {
}
}
