Changeset 33993

Show
Ignore:
Timestamp:
02.03.2020 14:10:20 (4 weeks ago)
Author:
kjdon
Message:

when downloading a pdf, browsers seem to make more than one request - getting parts at a time??. New Chrome versions then get stuck and can't load the whole file, as the second request gets redirected to the verify page. Have set usertimer (5secs) for all verified sessions, so that subsequent requests for the same doc will go through without needing additional verification

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone3/src/java/org/greenstone/gsdl3/core/URLFilter.java

    r33619 r33993  
    9292  // accepted already 
    9393  protected Hashtable<String, UserTimer> verifiedUserMap = null; 
    94   protected static final int verifiedUserTimeout = 24 * 60 * 60 * 1000;  
     94    // timeouts are in millisecs 
     95  protected static final int verifiedUserTimeout = 24 * 60 * 60 * 1000; 
     96    protected static final int tempUserTimeout = 5 * 1000; 
    9597   
    9698  public void init(FilterConfig filterConfig) throws ServletException 
    9799  { 
    98100    this._filterConfig = filterConfig; 
     101    this.verifiedUserMap = new Hashtable<String, UserTimer>(); 
    99102  } 
    100103 
     
    420423 
    421424 
    422   private void securityCheckAssocFiles(String url, HttpServletRequest request, ServletResponse response) throws IOException, ServletException { 
    423     HttpSession session = request.getSession(); 
    424     String session_id = session.getId(); 
    425     ServletContext context = session.getServletContext(); 
    426  
     425    private void securityCheckAssocFiles(String url, HttpServletRequest request, ServletResponse response) throws IOException, ServletException { 
     426    HttpSession session = request.getSession(); 
     427    String session_id = session.getId(); 
     428    ServletContext context = session.getServletContext(); 
     429    logger.info("securityCheck, session id = "+session_id+", url = "+url); 
    427430        // now we need to get library name from the path, which is like 
    428431    // /greenstone3/library/sites/localsite/collect/collname/index/assoc/... 
     
    495498    } 
    496499     
    497     //Query the MR for the security info for this document - can we show it? Or do we need to be logged in? 
    498     // Or do we need to throw up the verify page? 
     500    //Query the MR for the security info for this document 
     501    // - can we show the document? 
     502    // - Or do we need to be logged in? 
     503    // - Or do we need to throw up the verify page? 
    499504     
    500505    // While we are doing this, query the document for its srclinkFile metadata - then we can determine if the 
     
    560565          } 
    561566      } 
     567 
    562568    // if got here have no groups that we need to belong to 
    563569    // do we have human verify thing? 
     
    570576      String hmvf_response = request.getParameter(GSParams.VERIFIED); 
    571577      if (hmvf_response != null && hmvf_response.equals("0")) { 
    572         // manually force the t&c (user has added hmvf=0 to url) 
    573       } else if (verify.equals("once")) { 
    574         // lets check whether they have done it already 
    575  
    576         if (verifiedUserMap == null) { 
    577           // we haven't done this at all, set up the map 
    578           verifiedUserMap = new Hashtable<String, UserTimer>(); 
    579         } else { 
    580           // check this map 
    581           if (verifiedUserMap.containsKey(session_id)) { 
    582         already_verified = true; 
    583           } 
    584         } 
    585       } 
    586        
     578          // manually force the t&c (user has added hmvf=0 to url) 
     579          // whether we have previously verified or not 
     580      } else if (verifiedUserMap.containsKey(session_id)) { 
     581          already_verified = true; 
     582      } 
     583 
    587584      if (!already_verified) { 
    588585          // have we just  done the test? 
     
    602599            String new_url = context.getContextPath()+"/"+ library_name+"?a=p&sa=error&c="+collection+"&ec=recap_fail";              
    603600            ((HttpServletResponse)response).sendRedirect(new_url); 
    604              
    605601            return; 
    606602          } 
     
    610606        } 
    611607        already_verified = true; 
     608        // set up a timer for this verification - standard 24hour if 
     609        // verify==once, 5 sec otherwise (browsers seem to be trying to 
     610        // download prfs twice. Chrome gets stuck if the second time 
     611        // doesn't get verified) 
     612        int delay; 
    612613        if (verify.equals("once")) { 
    613           // store the fact that user has verified 
    614           UserTimer timer = new UserTimer(verifiedUserTimeout, session_id); 
    615           verifiedUserMap.put(session_id, timer); 
    616           timer.start(); 
     614            delay = verifiedUserTimeout; 
     615        } else { 
     616            delay = tempUserTimeout; 
    617617        } 
     618        UserTimer timer = new UserTimer(delay, session_id); 
     619        verifiedUserMap.put(session_id, timer); 
     620        timer.start(); 
     621         
     622           
    618623          } // hmvf = 1 
    619624      } 
     
    623628        // or we have been asked to force the T&C 
    624629        // we need to display the verify page 
     630          logger.info("displaying verify page for url " + url); 
    625631        String new_url = context.getContextPath()+"/"+ library_name+"?a=p&sa=verify&c="+collection+"&url="+url;              
    626632        ((HttpServletResponse)response).sendRedirect(new_url); 
     
    630636    }// end if verifiable file  
    631637     
    632              
     638    logger.info("have passed security checks");      
    633639    // if we got here, we have passed all security checks and just want to view the file. 
    634640    // However, we need to remove the library_name from the URL. As can't change the 
     
    639645    url = url.replaceFirst(context.getContextPath(), ""); 
    640646    url = url.replaceFirst("/"+library_name, ""); 
     647    logger.info("forwarding to url "+url); 
    641648    request.getRequestDispatcher(url).forward(request, response); 
    642649 
     
    691698  { 
    692699    String id = ""; 
    693      
     700 
     701      /* delay in milliseconds */ 
    694702    public UserTimer(int delay, String id) 
    695703    {