Context Navigation

source: main/trunk/greenstone3/src/java/org/greenstone/gsdl3/LibraryServlet.java@ 28972

Last change on this file since 28972 was 28972, checked in by kjdon, 10 years ago
removing this.converter and this.doc - just create a new document when we need one, and all XMLConverter methods are now static so don't need this.converter
Property svn:keywords set to `Author Date Id Revision`
File size: 38.4 KB

Line
1	package org.greenstone.gsdl3;
2
3	import java.io.File;
4	import java.io.IOException;
5	import java.io.PrintWriter;
6	import java.io.Serializable;
7	import java.lang.reflect.Type;
8	import java.util.ArrayList;
9	import java.util.Enumeration;
10	import java.util.HashMap;
11	import java.util.Hashtable;
12	import java.util.Iterator;
13	import java.util.List;
14	import java.util.Map;
15
16	import javax.servlet.ServletConfig;
17	import javax.servlet.ServletException;
18	import javax.servlet.http.Cookie;
19	import javax.servlet.http.HttpServletRequest;
20	import javax.servlet.http.HttpServletResponse;
21	import javax.servlet.http.HttpSession;
22	import javax.servlet.http.HttpSessionBindingEvent;
23	import javax.servlet.http.HttpSessionBindingListener;
24
25	import org.apache.commons.fileupload.FileItem;
26	import org.apache.commons.fileupload.disk.DiskFileItemFactory;
27	import org.apache.commons.fileupload.servlet.ServletFileUpload;
28	import org.apache.commons.lang3.StringUtils;
29	import org.apache.log4j.Logger;
30	import org.greenstone.gsdl3.action.PageAction;
31	import org.greenstone.gsdl3.comms.Communicator;
32	import org.greenstone.gsdl3.comms.SOAPCommunicator;
33	import org.greenstone.gsdl3.core.DefaultReceptionist;
34	import org.greenstone.gsdl3.core.MessageRouter;
35	import org.greenstone.gsdl3.core.Receptionist;
36	import org.greenstone.gsdl3.service.Authentication;
37	import org.greenstone.gsdl3.util.GSConstants;
38	import org.greenstone.gsdl3.util.GSParams;
39	import org.greenstone.gsdl3.util.GSXML;
40	import org.greenstone.gsdl3.util.UserContext;
41	import org.greenstone.gsdl3.util.XMLConverter;
42	import org.greenstone.util.GlobalProperties;
43	import org.json.JSONObject;
44	import org.w3c.dom.Document;
45	import org.w3c.dom.Element;
46	import org.w3c.dom.Node;
47	import org.w3c.dom.NodeList;
48
49	import com.google.gson.Gson;
50	import com.google.gson.reflect.TypeToken;
51
52	/**
53	* a servlet to serve the greenstone library - we are using servlets instead of
54	* cgi the init method is called only once - the first time the servlet classes
55	* are loaded. Each time a request comes in to the servlet, the session() method
56	* is called in a new thread (calls doGet/doPut etc) takes the a=p&p=home type
57	* args and builds a simple request to send to its receptionist, which returns a
58	* result in html, cos output=html is set in the request
59	*
60	* 18/Jul/07 xiao modify to make the cached parameters collection-specific. Most
61	* of the work is done in doGet(), except adding an inner class
62	* UserSessionCache.
63	*
64	* @see Receptionist
65	*/
66	public class LibraryServlet extends BaseGreenstoneServlet
67	{
68	/** the receptionist to send messages to */
69	protected Receptionist recept = null;
70
71	/**
72	* the default language - is specified by setting a servlet param, otherwise
73	* DEFAULT_LANG is used
74	*/
75	protected String default_lang = null;
76
77	/** We record the library name for later */
78	protected String library_name = null;
79	/** Whether or not client-side XSLT support should be exposed */
80	protected boolean supports_client_xslt = false;
81
82	/**
83	* The default default - used if a default lang is not specified in the
84	* servlet params
85	*/
86	protected final String DEFAULT_LANG = "en";
87
88	/**
89	* the cgi stuff - the Receptionist can add new args to this
90	*
91	* its used by the servlet to determine what args to save
92	*/
93	protected GSParams params = null;
94
95	/**
96	* user id - new one per session. This doesn't work if session state is
97	* saved between restarts - this requires this value to be saved too.
98	*/
99	protected int next_user_id = 0;
100
101	/**
102	* a hash that contains all the active session IDs mapped to the cached
103	* items It is updated whenever the whole site or a particular collection is
104	* reconfigured using the command a=s&sa=c or a=s&sa=c&c=xxx It is in the
105	* form: sid -> (UserSessionCache object)
106	*/
107	protected Hashtable<String, UserSessionCache> session_ids_table = new Hashtable<String, UserSessionCache>();
108
109	/**
110	* the maximum interval that the cached info remains in session_ids_table
111	* (in seconds) This is set in web.xml
112	*/
113	protected int session_expiration = 1800;
114
115	static Logger logger = Logger.getLogger(org.greenstone.gsdl3.LibraryServlet.class.getName());
116
117	/** initialise the servlet */
118	public void init(ServletConfig config) throws ServletException
119	{
120	// always call super.init;
121	super.init(config);
122	// disable preferences - does this work anyway??
123	//System.setProperty("java.util.prefs.PreferencesFactory", "org.greenstone.gsdl3.util.DisabledPreferencesFactory");
124
125	library_name = config.getInitParameter(GSConstants.LIBRARY_NAME);
126	String interface_name = config.getInitParameter(GSConstants.INTERFACE_NAME);
127
128	String allowXslt = (String) config.getInitParameter(GSConstants.ALLOW_CLIENT_SIDE_XSLT);
129	supports_client_xslt = allowXslt != null && allowXslt.equals("true");
130
131	this.default_lang = config.getInitParameter(GSConstants.DEFAULT_LANG);
132	String sess_expire = config.getInitParameter(GSXML.SESSION_EXPIRATION);
133
134	if (sess_expire != null && !sess_expire.equals(""))
135	{
136	this.session_expiration = Integer.parseInt(sess_expire);
137	}
138
139	if (library_name == null \|\| interface_name == null)
140	{
141	// must have this
142	System.err.println("initialisation parameters not all set!");
143	System.err.println(" you must have libraryname and interfacename");
144	System.exit(1);
145	}
146
147	String site_name = config.getInitParameter(GSConstants.SITE_NAME);
148	String remote_site_name = null;
149	String remote_site_type = null;
150	String remote_site_address = null;
151
152	if (site_name == null)
153	{
154	// no site, try for communicator
155	remote_site_name = config.getInitParameter("remote_site_name");
156	remote_site_type = config.getInitParameter("remote_site_type");
157	remote_site_address = config.getInitParameter("remote_site_address");
158	if (remote_site_name == null \|\| remote_site_type == null \|\| remote_site_address == null)
159	{
160	System.err.println("initialisation paramters not all set!");
161	System.err.println("if site_name is not set, then you must have remote_site_name, remote_site_type and remote_site_address set");
162	System.exit(1);
163	}
164	}
165
166	if (this.default_lang == null)
167	{
168	// choose english
169	this.default_lang = DEFAULT_LANG;
170	}
171
172	HashMap<String, Object> config_params = new HashMap<String, Object>();
173
174	config_params.put(GSConstants.LIBRARY_NAME, library_name);
175	config_params.put(GSConstants.INTERFACE_NAME, interface_name);
176	config_params.put(GSConstants.ALLOW_CLIENT_SIDE_XSLT, supports_client_xslt);
177
178	if (site_name != null)
179	{
180	config_params.put(GSConstants.SITE_NAME, site_name);
181	}
182	//this.converter = new XMLConverter();
183	//this.doc = XMLConverter.newDOM();
184
185	// the receptionist -the servlet will talk to this
186	String recept_name = (String) config.getInitParameter("receptionist_class");
187	if (recept_name == null)
188	{
189	this.recept = new DefaultReceptionist();
190	}
191	else
192	{
193	try
194	{
195	this.recept = (Receptionist) Class.forName("org.greenstone.gsdl3.core." + recept_name).newInstance();
196	}
197	catch (Exception e)
198	{ // cant use this new one, so use normal one
199	System.err.println("LibraryServlet configure exception when trying to use a new Receptionist " + recept_name + ": " + e.getMessage());
200	e.printStackTrace();
201	this.recept = new DefaultReceptionist();
202	}
203	}
204	this.recept.setConfigParams(config_params);
205
206	// the receptionist uses a MessageRouter or Communicator to send its requests to. We either create a MessageRouter here for the designated site (if site_name set), or we create a Communicator for a remote site. The is given to teh Receptionist, and the servlet never talks to it again.directly.
207	if (site_name != null)
208	{
209	String mr_name = (String) config.getInitParameter("messagerouter_class");
210	MessageRouter message_router = null;
211	if (mr_name == null)
212	{ // just use the normal MR
213	message_router = new MessageRouter();
214	}
215	else
216	{ // try the specified one
217	try
218	{
219	message_router = (MessageRouter) Class.forName("org.greenstone.gsdl3.core." + mr_name).newInstance();
220	}
221	catch (Exception e)
222	{ // cant use this new one, so use normal one
223	System.err.println("LibraryServlet configure exception when trying to use a new MessageRouter " + mr_name + ": " + e.getMessage());
224	e.printStackTrace();
225	message_router = new MessageRouter();
226	}
227	}
228
229	message_router.setSiteName(site_name);
230	message_router.setLibraryName(library_name);
231	message_router.configure();
232	this.recept.setMessageRouter(message_router);
233	}
234	else
235	{
236	// talking to a remote site, create a communicator
237	Communicator communicator = null;
238	// we need to create the XML to configure the communicator
239	Document doc = XMLConverter.newDOM();
240	Element site_elem = doc.createElement(GSXML.SITE_ELEM);
241	site_elem.setAttribute(GSXML.TYPE_ATT, remote_site_type);
242	site_elem.setAttribute(GSXML.NAME_ATT, remote_site_name);
243	site_elem.setAttribute(GSXML.ADDRESS_ATT, remote_site_address);
244
245	if (remote_site_type.equals(GSXML.COMM_TYPE_SOAP_JAVA))
246	{
247	communicator = new SOAPCommunicator();
248	}
249	else
250	{
251	System.err.println("LibraryServlet.init Error: invalid Communicator type: " + remote_site_type);
252	System.exit(1);
253	}
254
255	if (!communicator.configure(site_elem))
256	{
257	System.err.println("LibraryServlet.init Error: Couldn't configure communicator");
258	System.exit(1);
259	}
260	this.recept.setMessageRouter(communicator);
261	}
262
263	// the params arg thingy
264
265	String params_name = (String) config.getInitParameter("params_class");
266	if (params_name == null)
267	{
268	this.params = new GSParams();
269	}
270	else
271	{
272	try
273	{
274	this.params = (GSParams) Class.forName("org.greenstone.gsdl3.util." + params_name).newInstance();
275	}
276	catch (Exception e)
277	{
278	System.err.println("LibraryServlet configure exception when trying to use a new params thing " + params_name + ": " + e.getMessage());
279	e.printStackTrace();
280	this.params = new GSParams();
281	}
282	}
283	// pass it to the receptionist
284	this.recept.setParams(this.params);
285	this.recept.configure();
286
287	//Allow the message router and the document to be accessed from anywhere in this servlet context
288	this.getServletContext().setAttribute("GSRouter", this.recept.getMessageRouter());
289	//this.getServletContext().setAttribute("GSDocument", this.doc);
290	}
291
292	private void logUsageInfo(HttpServletRequest request)
293	{
294	String usageInfo = "";
295
296	//session-info: get params stored in the session
297	HttpSession session = request.getSession(true);
298	Enumeration attributeNames = session.getAttributeNames();
299	while (attributeNames.hasMoreElements())
300	{
301	String name = (String) attributeNames.nextElement();
302	usageInfo += name + "=" + session.getAttribute(name) + " ";
303	}
304
305	//logged info = general-info + session-info
306	usageInfo = request.getServletPath() + " " + //serlvet
307	"[" + request.getQueryString() + "]" + " " + //the query string
308	"[" + usageInfo.trim() + "]" + " " + // params stored in a session
309	request.getRemoteAddr() + " " + //remote address
310	request.getRequestedSessionId() + " " + //session id
311	request.getHeader("user-agent") + " "; //the remote brower info
312
313	logger.info(usageInfo);
314
315	}
316
317	public class UserSessionCache implements HttpSessionBindingListener
318	{
319	String session_id = "";
320
321	/**
322	* a hash that maps the session ID to a hashtable that maps the
323	* coll_name to its parameters coll_name -> Hashtable (param_name ->
324	* param_value)
325	*/
326	protected Hashtable<String, Hashtable<String, String>> coll_name_params_table = null;
327
328	public UserSessionCache(String id, Hashtable<String, Hashtable<String, String>> table)
329	{
330	session_id = id;
331	coll_name_params_table = (table == null) ? new Hashtable() : table;
332	}
333
334	protected void cleanupCache(String coll_name)
335	{
336	if (coll_name_params_table.containsKey(coll_name))
337	{
338	coll_name_params_table.remove(coll_name);
339	}
340	}
341
342	protected Hashtable<String, Hashtable<String, String>> getParamsTable()
343	{
344	return coll_name_params_table;
345	}
346
347	public void valueBound(HttpSessionBindingEvent event)
348	{
349	// Do nothing
350	}
351
352	public void valueUnbound(HttpSessionBindingEvent event)
353	{
354	if (session_ids_table.containsKey(session_id))
355	{
356	session_ids_table.remove(session_id);
357	}
358	}
359
360	public int tableSize()
361	{
362	return (coll_name_params_table == null) ? 0 : coll_name_params_table.size();
363	}
364	}
365
366	public void destroy()
367	{
368	recept.cleanUp();
369	}
370
371	public void doGetOrPost(HttpServletRequest request, HttpServletResponse response, Map<String, String[]> queryMap) throws ServletException, IOException
372	{
373	logUsageInfo(request);
374
375	if (queryMap != null)
376	{
377	Iterator<String> queryIter = queryMap.keySet().iterator();
378	boolean redirect = false;
379	String href = null;
380	String rl = null;
381	String el = null;
382
383	while (queryIter.hasNext())
384	{
385	String q = queryIter.next();
386	if (q.equals(GSParams.EXTERNAL_LINK_TYPE))
387	{
388	el = queryMap.get(q)[0];
389	}
390	else if (q.equals(GSParams.HREF))
391	{
392	href = queryMap.get(q)[0];
393	href = StringUtils.replace(href, "%2f", "/");
394	href = StringUtils.replace(href, "%7e", "~");
395	href = StringUtils.replace(href, "%3f", "?");
396	href = StringUtils.replace(href, "%3A", "\\:");
397	}
398	else if (q.equals(GSParams.RELATIVE_LINK))
399	{
400	rl = queryMap.get(q)[0];
401	}
402	}
403
404	//if query_string contains "el=direct", an href is specified, and its not a relative link, then the web page will be redirected to the external URl, otherwise a greenstone page with an external URL will be displayed
405	//"rl=0" this is an external link
406	//"rl=1" this is an internal link
407	if ((href != null) && (rl.equals("0")))
408	{// This is an external link,
409
410	if (el.equals("framed"))
411	{
412	//TODO **** how best to change to a=p&sa=html&c=collection&url=href
413	// response.setContentType("text/xml");
414	//response.sendRedirect("http://localhost:8383/greenstone3/gs3library?a=p&sa=html&c=external&url="+href);
415	}
416	else
417	{
418	// el = '' or direct
419	//the web page is re-directed to the external URL (&el=&rl=0&href="http://...")
420	response.setContentType("text/xml");
421	response.sendRedirect(href);
422	}
423	}
424	}
425
426	// Nested Diagnostic Configurator to identify the client for
427	HttpSession session = request.getSession(true);
428	session.setMaxInactiveInterval(session_expiration);
429	String uid = (String) session.getAttribute(GSXML.USER_ID_ATT);
430	if (uid == null)
431	{
432	uid = "" + getNextUserId();
433	session.setAttribute(GSXML.USER_ID_ATT, uid);
434	}
435
436	request.setCharacterEncoding("UTF-8");
437	response.setContentType("text/html;charset=UTF-8");
438	PrintWriter out = response.getWriter();
439
440	String lang = getFirstParam(GSParams.LANGUAGE, queryMap);
441	if (lang == null \|\| lang.equals(""))
442	{
443	// try the session cached lang
444	lang = (String) session.getAttribute(GSParams.LANGUAGE);
445	if (lang == null \|\| lang.equals(""))
446	{
447	// still not set, use the default
448	lang = this.default_lang;
449	}
450	}
451	UserContext userContext = new UserContext();
452	userContext.setLanguage(lang);
453	userContext.setUserID(uid);
454
455	if (request.getAuthType() != null)
456	{
457	//Get the username
458	userContext.setUsername(request.getUserPrincipal().getName());
459
460	//Get the groups for the user
461	Document msg_doc = XMLConverter.newDOM();
462	Element acquireGroupMessage = msg_doc.createElement(GSXML.MESSAGE_ELEM);
463	Element acquireGroupRequest = GSXML.createBasicRequest(msg_doc, GSXML.REQUEST_TYPE_PROCESS, "GetUserInformation", userContext);
464	acquireGroupMessage.appendChild(acquireGroupRequest);
465
466	Element paramList = msg_doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
467	acquireGroupRequest.appendChild(paramList);
468	paramList.appendChild(GSXML.createParameter(msg_doc, GSXML.USERNAME_ATT, request.getUserPrincipal().getName()));
469
470	Element aquireGroupsResponseMessage = (Element) this.recept.process(acquireGroupMessage);
471	Element aquireGroupsResponse = (Element) GSXML.getChildByTagName(aquireGroupsResponseMessage, GSXML.RESPONSE_ELEM);
472	Element param_list = (Element) GSXML.getChildByTagName(aquireGroupsResponse, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
473
474	if (param_list != null)
475	{
476	HashMap<String, Serializable> params = GSXML.extractParams(param_list, false);
477	String groups = (String) params.get("groups");
478	userContext.setGroups(groups.split(","));
479	}
480	}
481
482	// set the lang in the session
483	session.setAttribute(GSParams.LANGUAGE, lang);
484
485	String output = getFirstParam(GSParams.OUTPUT, queryMap);
486	if (output == null \|\| output.equals(""))
487	{
488	output = "html"; // uses html by default
489	}
490
491	// If server output, force a switch to traditional interface
492	//output = (output.equals("server")) ? "html" : output;
493
494	// Force change the output mode if client-side XSLT is supported - server vs. client
495	// BUT only if the library allows client-side transforms
496	if (supports_client_xslt)
497	{
498	// MUST be done before the xml_message is built
499	Cookie[] cookies = request.getCookies();
500	Cookie xsltCookie = null;
501
502	// The client has cookies enabled and a value set - use it!
503	if (cookies != null)
504	{
505	for (Cookie c : cookies)
506	{
507	if (c.getName().equals("supportsXSLT"))
508	{
509	xsltCookie = c;
510	break;
511	}
512	}
513	output = (xsltCookie != null && xsltCookie.getValue().equals("true") && output.equals("html")) ? "xsltclient" : output;
514	}
515	}
516
517	// the request to the receptionist
518	Document msg_doc = XMLConverter.newDOM();
519	Element xml_message = msg_doc.createElement(GSXML.MESSAGE_ELEM);
520	Element xml_request = GSXML.createBasicRequest(msg_doc, GSXML.REQUEST_TYPE_PAGE, "", userContext);
521	xml_request.setAttribute(GSXML.OUTPUT_ATT, output);
522
523	xml_message.appendChild(xml_request);
524
525	String action = getFirstParam(GSParams.ACTION, queryMap);
526	String subaction = getFirstParam(GSParams.SUBACTION, queryMap);
527	String collection = getFirstParam(GSParams.COLLECTION, queryMap);
528	String document = getFirstParam(GSParams.DOCUMENT, queryMap);
529	String service = getFirstParam(GSParams.SERVICE, queryMap);
530
531	// We clean up the cache session_ids_table if system
532	// commands are issued (and also don't need to do caching for this request)
533	boolean should_cache = true;
534	if (action != null && action.equals(GSParams.SYSTEM_ACTION))
535	{
536	should_cache = false;
537
538	// we may want to remove all collection cache info, or just a specific collection
539	boolean clean_all = true;
540	String clean_collection = null;
541	// system commands are to activate/deactivate stuff
542	// collection param is in the sc parameter.
543	// don't like the fact that it is hard coded here
544	String coll = getFirstParam(GSParams.SYSTEM_CLUSTER, queryMap);
545	if (coll != null && !coll.equals(""))
546	{
547	clean_all = false;
548	clean_collection = coll;
549	}
550	else
551	{
552	// check other system types
553	if (subaction.equals("a") \|\| subaction.equals("d"))
554	{
555	String module_name = getFirstParam("sn", queryMap);
556	if (module_name != null && !module_name.equals(""))
557	{
558	clean_all = false;
559	clean_collection = module_name;
560	}
561	}
562	}
563	if (clean_all)
564	{
565	session_ids_table = new Hashtable<String, UserSessionCache>();
566	session.removeAttribute(GSXML.USER_SESSION_CACHE_ATT);
567	}
568	else
569	{
570	// just clean up info for clean_collection
571	ArrayList<UserSessionCache> cache_list = new ArrayList<UserSessionCache>(session_ids_table.values());
572	for (int i = 0; i < cache_list.size(); i++)
573	{
574	UserSessionCache cache = cache_list.get(i);
575	cache.cleanupCache(clean_collection);
576	}
577
578	}
579	}
580
581	// cache_key is the collection name, or service name
582	String cache_key = collection;
583	if (cache_key == null \|\| cache_key.equals(""))
584	{
585	cache_key = service;
586	}
587
588	// logger.info("should_cache= " + should_cache);
589
590	//clear the collection-specific cache in the session, since we have no way to know whether this session is
591	//about the same collection as the last session or not.
592	Enumeration attributeNames = session.getAttributeNames();
593	while (attributeNames.hasMoreElements())
594	{
595	String name = (String) attributeNames.nextElement();
596	if (!name.equals(GSXML.USER_SESSION_CACHE_ATT) && !name.equals(GSParams.LANGUAGE) && !name.equals(GSXML.USER_ID_ATT))
597	{
598	session.removeAttribute(name);
599	}
600	}
601
602	UserSessionCache session_cache = null;
603	Hashtable<String, Hashtable<String, String>> param_table = null;
604	Hashtable<String, String> table = null;
605	String sid = session.getId();
606	if (should_cache == true && cache_key != null && !cache_key.equals(""))
607	{
608	if (session_ids_table.containsKey(sid))
609	{
610	session_cache = session_ids_table.get(sid);
611	param_table = session_cache.getParamsTable();
612	logger.info("collections in table: " + tableToString(param_table));
613	if (param_table.containsKey(cache_key))
614	{
615	//logger.info("existing table: " + collection);
616	table = param_table.get(cache_key);
617	}
618	else
619	{
620	table = new Hashtable<String, String>();
621	param_table.put(cache_key, table);
622	//logger.info("new table: " + collection);
623	}
624	}
625	else
626	{
627	param_table = new Hashtable<String, Hashtable<String, String>>();
628	table = new Hashtable<String, String>();
629	param_table.put(cache_key, table);
630	session_cache = new UserSessionCache(sid, param_table);
631	session_ids_table.put(sid, session_cache);
632	session.setAttribute(GSXML.USER_SESSION_CACHE_ATT, session_cache);
633	//logger.info("new session id");
634	}
635	}
636
637	if (action == null \|\| action.equals(""))
638	{
639	// should we do all the following stuff if using default page?
640	// display the home page - the default page
641	xml_request.setAttribute(GSXML.ACTION_ATT, "p");
642	xml_request.setAttribute(GSXML.SUBACTION_ATT, PageAction.HOME_PAGE);
643	}
644	else
645	{
646	xml_request.setAttribute(GSXML.ACTION_ATT, action);
647	if (subaction != null)
648	{
649	xml_request.setAttribute(GSXML.SUBACTION_ATT, subaction);
650	}
651
652	// create the param list for the greenstone request - includes
653	// the params from the current request and any others from the saved session
654	Element xml_param_list = msg_doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
655	xml_request.appendChild(xml_param_list);
656
657	for (String name : queryMap.keySet())
658	{
659	if (!name.equals(GSParams.ACTION) && !name.equals(GSParams.SUBACTION) && !name.equals(GSParams.LANGUAGE) && !name.equals(GSParams.OUTPUT))
660	{// we have already dealt with these
661
662	String value = "";
663	String[] values = queryMap.get(name);
664	value = values[0];
665	if (values.length > 1)
666	{
667	for (int i = 1; i < values.length; i++)
668	{
669	value += "," + values[i];
670	}
671	}
672	// either add it to the param list straight away, or save it to the session and add it later
673	if (this.params.shouldSave(name) && table != null)
674	{
675	table.put(name, value);
676	}
677	else
678	{
679	Element param = msg_doc.createElement(GSXML.PARAM_ELEM);
680	param.setAttribute(GSXML.NAME_ATT, name);
681	param.setAttribute(GSXML.VALUE_ATT, GSXML.xmlSafe(value));
682	xml_param_list.appendChild(param);
683	}
684	}
685	}
686	//put everything in the table into the session
687	// do we need to do this? why not just put from table into param list
688	if (table != null)
689	{
690	Enumeration<String> keys = table.keys();
691	while (keys.hasMoreElements())
692	{
693	String name = keys.nextElement();
694	session.setAttribute(name, table.get(name));
695	}
696	}
697
698	// put in all the params from the session cache
699	Enumeration params = session.getAttributeNames();
700	while (params.hasMoreElements())
701	{
702	String name = (String) params.nextElement();
703
704	if (!name.equals(GSXML.USER_SESSION_CACHE_ATT) && !name.equals(GSParams.LANGUAGE) && !name.equals(GSXML.USER_ID_ATT))
705	{
706
707	// lang and uid are stored but we dont want it in the param list cos its already in the request
708	Element param = msg_doc.createElement(GSXML.PARAM_ELEM);
709	param.setAttribute(GSXML.NAME_ATT, name);
710	String value = GSXML.xmlSafe((String) session.getAttribute(name));
711
712	// ugly hack to undo : escaping
713	value = StringUtils.replace(value, "%3A", "\\:");
714	param.setAttribute(GSXML.VALUE_ATT, value);
715	xml_param_list.appendChild(param);
716	}
717	}
718	}
719
720	if (output.equals("json"))
721	{
722	response.setContentType("application/json");
723	}
724	else if (!output.equals("html") && !output.equals("server") && !output.equals("xsltclient"))
725	{
726	response.setContentType("text/xml"); // for now use text
727	}
728
729	//Add custom HTTP headers if requested
730	String httpHeadersParam = getFirstParam(GSParams.HTTP_HEADER_FIELDS, queryMap);
731	if (httpHeadersParam != null && httpHeadersParam.length() > 0)
732	{
733	Gson gson = new Gson();
734	Type type = new TypeToken<List<Map<String, String>>>()
735	{
736	}.getType();
737	List<Map<String, String>> httpHeaders = gson.fromJson(httpHeadersParam, type);
738	if (httpHeaders != null && httpHeaders.size() > 0)
739	{
740
741	for (int j = 0; j < httpHeaders.size(); j++)
742	{
743	Map nameValueMap = httpHeaders.get(j);
744	String name = (String) nameValueMap.get("name");
745	String value = (String) nameValueMap.get("value");
746
747	if (name != null && value != null)
748	{
749	response.setHeader(name, value);
750	}
751	}
752	}
753	}
754
755	String requestedURL = request.getRequestURL().toString();
756	String baseURL = "";
757	if (requestedURL.indexOf(library_name) != -1)
758	{
759	baseURL = requestedURL.substring(0, requestedURL.indexOf(library_name));
760	xml_request.setAttribute("baseURL", baseURL);
761	}
762	String fullURL;
763	if (request.getQueryString() != null)
764	{
765	fullURL = requestedURL + "?" + request.getQueryString();
766	}
767	else
768	{
769	fullURL = requestedURL;
770	}
771
772	xml_request.setAttribute("remoteAddress", request.getRemoteAddr());
773	xml_request.setAttribute("fullURL", fullURL.replace("&", "&"));
774
775	if (!runSecurityChecks(request, xml_request, userContext, out, baseURL, collection, document, queryMap))
776	{
777	return;
778	}
779
780	Node xml_result = this.recept.process(xml_message);
781	encodeURLs(xml_result, response);
782
783	String xml_string = XMLConverter.getPrettyString(xml_result);
784
785	if (output.equals("json"))
786	{
787	try
788	{
789	JSONObject json_obj = org.json.XML.toJSONObject(xml_string);
790
791	out.println(json_obj.toString());
792	}
793	catch (Exception e)
794	{
795	e.printStackTrace();
796	out.println("Error: failed to convert output XML to JSON format");
797	}
798	}
799	else
800	{
801	out.println(xml_string);
802	}
803
804	displaySize(session_ids_table);
805	}
806
807	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
808	{
809	doGetOrPost(request, response, request.getParameterMap());
810	} //end of doGet(HttpServletRequest, HttpServletResponse)
811
812	private boolean runSecurityChecks(HttpServletRequest request, Element xml_request, UserContext userContext, PrintWriter out, String baseURL, String collection, String document, Map<String, String[]> queryMap) throws ServletException
813	{
814	//Check if we need to login or logout
815	String username = getFirstParam("username", queryMap);
816	String password = getFirstParam("password", queryMap);
817	String logout = getFirstParam("logout", queryMap);
818
819	if (logout != null)
820	{
821	request.logout();
822	}
823
824	if (username != null && password != null)
825	{
826	//We are changing to another user, so log out first
827	if (request.getAuthType() != null)
828	{
829	request.logout();
830	}
831
832	//This try/catch block catches when the login request fails (e.g. The user enters an incorrect password).
833	try
834	{
835	//Try a global login first
836	password = Authentication.hashPassword(password);
837	request.login(username, password);
838	}
839	catch (Exception ex)
840	{
841	try
842	{
843	//If the global login fails then try a site-level login
844	String siteName = (String) this.recept.getConfigParams().get(GSConstants.SITE_NAME);
845	request.login(siteName + "-" + username, password);
846	}
847	catch (Exception exc)
848	{
849	//The user entered in either the wrong username or the wrong password
850	Document loginPageDoc = XMLConverter.newDOM();
851	Element loginPageMessage = loginPageDoc.createElement(GSXML.MESSAGE_ELEM);
852	Element loginPageRequest = GSXML.createBasicRequest(loginPageDoc, GSXML.REQUEST_TYPE_PAGE, "", userContext);
853	loginPageRequest.setAttribute(GSXML.ACTION_ATT, "p");
854	loginPageRequest.setAttribute(GSXML.SUBACTION_ATT, "login");
855	loginPageRequest.setAttribute(GSXML.OUTPUT_ATT, "html");
856	loginPageRequest.setAttribute(GSXML.BASE_URL, baseURL);
857	loginPageMessage.appendChild(loginPageRequest);
858
859	Element paramList = loginPageDoc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
860	loginPageRequest.appendChild(paramList);
861
862	Element messageParam = loginPageDoc.createElement(GSXML.PARAM_ELEM);
863	messageParam.setAttribute(GSXML.NAME_ATT, "loginMessage");
864	messageParam.setAttribute(GSXML.VALUE_ATT, "Either your username or password was incorrect, please try again.");
865	paramList.appendChild(messageParam);
866
867	Element urlParam = loginPageDoc.createElement(GSXML.PARAM_ELEM);
868	urlParam.setAttribute(GSXML.NAME_ATT, "redirectURL");
869	String queryString = "";
870	if (request.getQueryString() != null)
871	{
872	queryString = "?" + request.getQueryString().replace("&", "&");
873	}
874	urlParam.setAttribute(GSXML.VALUE_ATT, library_name + queryString);
875	paramList.appendChild(urlParam);
876
877	Node loginPageResponse = this.recept.process(loginPageMessage);
878	out.println(XMLConverter.getPrettyString(loginPageResponse));
879
880	return false;
881	}
882	}
883	}
884
885	//If a user is logged in
886	if (request.getAuthType() != null)
887	{
888	Element userInformation = xml_request.getOwnerDocument().createElement(GSXML.USER_INFORMATION_ELEM);
889	userInformation.setAttribute(GSXML.USERNAME_ATT, request.getUserPrincipal().getName());
890
891	Document msg_doc = XMLConverter.newDOM();
892	Element userInfoMessage = msg_doc.createElement(GSXML.MESSAGE_ELEM);
893	Element userInfoRequest = GSXML.createBasicRequest(msg_doc, GSXML.REQUEST_TYPE_SECURITY, "GetUserInformation", userContext);
894	userInfoMessage.appendChild(userInfoRequest);
895
896	Element paramList = msg_doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
897	userInfoRequest.appendChild(paramList);
898
899	Element param = msg_doc.createElement(GSXML.PARAM_ELEM);
900	param.setAttribute(GSXML.NAME_ATT, GSXML.USERNAME_ATT);
901	param.setAttribute(GSXML.VALUE_ATT, request.getUserPrincipal().getName());
902	paramList.appendChild(param);
903
904	Element userInformationResponse = (Element) GSXML.getChildByTagName(this.recept.process(userInfoMessage), GSXML.RESPONSE_ELEM);
905	Element responseParamList = (Element) GSXML.getChildByTagName(userInformationResponse, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
906	if (responseParamList == null)
907	{
908	logger.error("Can't get the groups for user " + request.getUserPrincipal().getName());
909	}
910	else
911	{
912	HashMap<String, Serializable> responseParams = GSXML.extractParams(responseParamList, true);
913	String groups = (String) responseParams.get(GSXML.GROUPS_ATT);
914	String editEnabled = (String) responseParams.get("editEnabled");
915
916	userInformation.setAttribute(GSXML.GROUPS_ATT, groups);
917	userInformation.setAttribute("editEnabled", (editEnabled != null) ? editEnabled : "false");
918	xml_request.appendChild(userInformation);
919	}
920	}
921
922	//If we are in a collection-related page then make sure this user is allowed to access it
923	if (collection != null && !collection.equals(""))
924	{
925	//Get the security info for this collection
926	Document msg_doc = XMLConverter.newDOM();
927	Element securityMessage = msg_doc.createElement(GSXML.MESSAGE_ELEM);
928	Element securityRequest = GSXML.createBasicRequest(msg_doc, GSXML.REQUEST_TYPE_SECURITY, collection, userContext);
929	securityMessage.appendChild(securityRequest);
930	if (document != null && !document.equals(""))
931	{
932	securityRequest.setAttribute(GSXML.NODE_OID, document);
933	}
934
935	Element securityResponse = (Element) GSXML.getChildByTagName(this.recept.process(securityMessage), GSXML.RESPONSE_ELEM);
936	if (securityResponse == null)
937	{
938	return false;
939	}
940
941	ArrayList<String> groups = GSXML.getGroupsFromSecurityResponse(securityResponse);
942
943	//If guests are not allowed to access this page then check to see if the user is in a group that is allowed to access the page
944	if (!groups.contains(""))
945	{
946	boolean found = false;
947	for (String group : groups)
948	{
949	if (request.isUserInRole(group))
950	{
951	found = true;
952	break;
953	}
954	}
955
956	//The current user is not allowed to access the page so produce a login page
957	if (!found)
958	{
959	Document loginPageDoc = XMLConverter.newDOM();
960	Element loginPageMessage = loginPageDoc.createElement(GSXML.MESSAGE_ELEM);
961	Element loginPageRequest = GSXML.createBasicRequest(loginPageDoc, GSXML.REQUEST_TYPE_PAGE, "", userContext);
962	loginPageRequest.setAttribute(GSXML.ACTION_ATT, "p");
963	loginPageRequest.setAttribute(GSXML.SUBACTION_ATT, "login");
964	loginPageRequest.setAttribute(GSXML.OUTPUT_ATT, "html");
965	loginPageRequest.setAttribute(GSXML.BASE_URL, baseURL);
966	loginPageMessage.appendChild(loginPageRequest);
967
968	Element paramList = loginPageDoc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
969	loginPageRequest.appendChild(paramList);
970
971	Element messageParam = loginPageDoc.createElement(GSXML.PARAM_ELEM);
972	messageParam.setAttribute(GSXML.NAME_ATT, "loginMessage");
973	if (request.getAuthType() == null)
974	{
975	messageParam.setAttribute(GSXML.VALUE_ATT, "Please log in to view this page");
976	}
977	else
978	{
979	messageParam.setAttribute(GSXML.VALUE_ATT, "You are not in the correct group to view this page, would you like to log in as a different user?");
980	}
981	paramList.appendChild(messageParam);
982
983	Element urlParam = loginPageDoc.createElement(GSXML.PARAM_ELEM);
984	urlParam.setAttribute(GSXML.NAME_ATT, "redirectURL");
985	if (request.getQueryString() != null && request.getQueryString().length() > 0)
986	{
987	urlParam.setAttribute(GSXML.VALUE_ATT, request.getRequestURL() + "?" + request.getQueryString().replace("&", "&"));
988	}
989	else
990	{
991	urlParam.setAttribute(GSXML.VALUE_ATT, request.getRequestURL().toString());
992	}
993	paramList.appendChild(urlParam);
994
995	Node loginPageResponse = this.recept.process(loginPageMessage);
996	out.println(XMLConverter.getPrettyString(loginPageResponse));
997
998	return false;
999	}
1000	}
1001	}
1002	return true;
1003	}
1004
1005	//a debugging method
1006	private void displaySize(Hashtable<String, UserSessionCache> table)
1007	{
1008	if (table == null)
1009	{
1010	logger.info("cached table is null");
1011	return;
1012	}
1013	if (table.size() == 0)
1014	{
1015	logger.info("cached table size is zero");
1016	return;
1017	}
1018	int num_cached_coll = 0;
1019	ArrayList<UserSessionCache> cache_list = new ArrayList<UserSessionCache>(table.values());
1020	for (int i = 0; i < cache_list.size(); i++)
1021	{
1022	num_cached_coll += cache_list.get(i).tableSize();
1023	}
1024	logger.info("Number of sessions : total number of cached collection info = " + table.size() + " : " + num_cached_coll);
1025	}
1026
1027	/** merely a debugging method! */
1028	private String tableToString(Hashtable<String, Hashtable<String, String>> table)
1029	{
1030	String str = "";
1031	Enumeration<String> keys = table.keys();
1032	while (keys.hasMoreElements())
1033	{
1034	String name = keys.nextElement();
1035	str += name + ", ";
1036	}
1037	return str;
1038	}
1039
1040	/**
1041	* this goes through each URL and adds in a session id if needed-- its
1042	* needed if the browser doesn't accept cookies also escapes things if
1043	* needed
1044	*/
1045	protected void encodeURLs(Node dataNode, HttpServletResponse response)
1046	{
1047	if (dataNode == null)
1048	{
1049	return;
1050	}
1051
1052	Element data = null;
1053
1054	short nodeType = dataNode.getNodeType();
1055	if (nodeType == Node.DOCUMENT_NODE)
1056	{
1057	Document docNode = (Document) dataNode;
1058	data = docNode.getDocumentElement();
1059	}
1060	else
1061	{
1062	data = (Element) dataNode;
1063	}
1064
1065	if (data != null)
1066	{
1067
1068	// get all the <a> elements
1069	NodeList hrefs = data.getElementsByTagName("a");
1070	// Instead of calculating each iteration...
1071	int hrefscount = hrefs.getLength();
1072
1073	for (int i = 0; hrefs != null && i < hrefscount; i++)
1074	{
1075	Element a = (Element) hrefs.item(i);
1076	// ugly hack to get rid of : in the args - interferes with session handling
1077	String href = a.getAttribute("href");
1078	if (!href.equals(""))
1079	{
1080	if (href.indexOf("?") != -1)
1081	{
1082	String[] parts = StringUtils.split(href, "\\?", -1);
1083	if (parts.length == 1)
1084	{
1085	parts[0] = StringUtils.replace(parts[0], ":", "%3A");
1086	href = "?" + parts[0];
1087	}
1088	else
1089	{
1090	parts[1] = StringUtils.replace(parts[1], ":", "%3A");
1091	href = parts[0] + "?" + parts[1];
1092	}
1093
1094	}
1095	a.setAttribute("href", response.encodeURL(href));
1096	}
1097	}
1098
1099	// now find any submit bits - get all the <form> elements
1100	NodeList forms = data.getElementsByTagName("form");
1101	int formscount = forms.getLength();
1102	for (int i = 0; forms != null && i < formscount; i++)
1103	{
1104	Element form = (Element) forms.item(i);
1105	form.setAttribute("action", response.encodeURL(form.getAttribute("action")));
1106	}
1107	// are these the only cases where URLs occur??
1108	// we should only do this for greenstone urls?
1109	}
1110
1111	}
1112
1113	protected String getFirstParam(String name, Map<String, String[]> map)
1114	{
1115	String[] val = map.get(name);
1116	if (val == null \|\| val.length == 0)
1117	{
1118	return null;
1119	}
1120
1121	return val[0];
1122	}
1123
1124	synchronized protected int getNextUserId()
1125	{
1126	next_user_id++;
1127	return next_user_id;
1128	}
1129
1130	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
1131	{
1132	//Check if we need to process a file upload
1133	if (ServletFileUpload.isMultipartContent(request))
1134	{
1135	DiskFileItemFactory fileItemFactory = new DiskFileItemFactory();
1136
1137	int sizeLimit = System.getProperties().containsKey("servlet.upload.filesize.limit") ? Integer.parseInt(System.getProperty("servlet.upload.filesize.limit")) : 100 * 1024 * 1024;
1138
1139	File tempDir = new File(GlobalProperties.getGSDL3Home() + File.separator + "tmp");
1140	if (!tempDir.exists())
1141	{
1142	tempDir.mkdirs();
1143	}
1144
1145	//We want all files to be stored on disk (hence the 0)
1146	fileItemFactory.setSizeThreshold(0);
1147	fileItemFactory.setRepository(tempDir);
1148
1149	ServletFileUpload uploadHandler = new ServletFileUpload(fileItemFactory);
1150	uploadHandler.setFileSizeMax(sizeLimit);
1151
1152	HashMap<String, String[]> queryMap = new HashMap<String, String[]>();
1153	try
1154	{
1155	List items = uploadHandler.parseRequest(request);
1156	Iterator iter = items.iterator();
1157	while (iter.hasNext())
1158	{
1159	FileItem current = (FileItem) iter.next();
1160	if (current.isFormField())
1161	{
1162	queryMap.put(current.getFieldName(), new String[] { current.getString() });
1163	}
1164	else if (current.getName() != null && !current.getName().equals(""))
1165	{
1166	File file = new File(tempDir, current.getName());
1167	current.write(file);
1168
1169	queryMap.put("md___ex.Filesize", new String[] { "" + file.length() });
1170	queryMap.put("md___ex.Filename", new String[] { "" + current.getName() });
1171	}
1172	}
1173	}
1174	catch (Exception e)
1175	{
1176	e.printStackTrace();
1177	}
1178
1179	doGetOrPost(request, response, queryMap);
1180	}
1181	else
1182	{
1183	doGetOrPost(request, response, request.getParameterMap());
1184	}
1185	}
1186	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: