[3309] | 1 | package org.greenstone.gsdl3;
|
---|
| 2 |
|
---|
[27617] | 3 | import java.io.File;
|
---|
[25717] | 4 | import java.io.IOException;
|
---|
| 5 | import java.io.PrintWriter;
|
---|
| 6 | import java.io.Serializable;
|
---|
| 7 | import java.lang.reflect.Type;
|
---|
| 8 | import java.util.ArrayList;
|
---|
| 9 | import java.util.Enumeration;
|
---|
| 10 | import java.util.HashMap;
|
---|
| 11 | import java.util.Hashtable;
|
---|
| 12 | import java.util.Iterator;
|
---|
| 13 | import java.util.List;
|
---|
| 14 | import java.util.Map;
|
---|
| 15 |
|
---|
| 16 | import javax.servlet.ServletConfig;
|
---|
| 17 | import javax.servlet.ServletException;
|
---|
| 18 | import javax.servlet.http.Cookie;
|
---|
| 19 | import javax.servlet.http.HttpServletRequest;
|
---|
| 20 | import javax.servlet.http.HttpServletResponse;
|
---|
| 21 | import javax.servlet.http.HttpSession;
|
---|
| 22 | import javax.servlet.http.HttpSessionBindingEvent;
|
---|
| 23 | import javax.servlet.http.HttpSessionBindingListener;
|
---|
| 24 |
|
---|
[27617] | 25 | import org.apache.commons.fileupload.FileItem;
|
---|
| 26 | import org.apache.commons.fileupload.disk.DiskFileItemFactory;
|
---|
| 27 | import org.apache.commons.fileupload.servlet.ServletFileUpload;
|
---|
[25717] | 28 | import org.apache.commons.lang3.StringUtils;
|
---|
| 29 | import org.apache.log4j.Logger;
|
---|
| 30 | import org.greenstone.gsdl3.action.PageAction;
|
---|
| 31 | import org.greenstone.gsdl3.comms.Communicator;
|
---|
| 32 | import org.greenstone.gsdl3.comms.SOAPCommunicator;
|
---|
| 33 | import org.greenstone.gsdl3.core.DefaultReceptionist;
|
---|
| 34 | import org.greenstone.gsdl3.core.MessageRouter;
|
---|
| 35 | import org.greenstone.gsdl3.core.Receptionist;
|
---|
[25257] | 36 | import org.greenstone.gsdl3.service.Authentication;
|
---|
[25717] | 37 | import org.greenstone.gsdl3.util.GSConstants;
|
---|
| 38 | import org.greenstone.gsdl3.util.GSParams;
|
---|
| 39 | import org.greenstone.gsdl3.util.GSXML;
|
---|
| 40 | import org.greenstone.gsdl3.util.UserContext;
|
---|
| 41 | import org.greenstone.gsdl3.util.XMLConverter;
|
---|
[27617] | 42 | import org.greenstone.util.GlobalProperties;
|
---|
[27073] | 43 | import org.json.JSONObject;
|
---|
[3652] | 44 | import org.w3c.dom.Document;
|
---|
| 45 | import org.w3c.dom.Element;
|
---|
[16374] | 46 | import org.w3c.dom.Node;
|
---|
[4259] | 47 | import org.w3c.dom.NodeList;
|
---|
[25635] | 48 |
|
---|
[24052] | 49 | import com.google.gson.Gson;
|
---|
| 50 | import com.google.gson.reflect.TypeToken;
|
---|
| 51 |
|
---|
[24753] | 52 | /**
|
---|
| 53 | * a servlet to serve the greenstone library - we are using servlets instead of
|
---|
| 54 | * cgi the init method is called only once - the first time the servlet classes
|
---|
| 55 | * are loaded. Each time a request comes in to the servlet, the session() method
|
---|
| 56 | * is called in a new thread (calls doGet/doPut etc) takes the a=p&p=home type
|
---|
| 57 | * args and builds a simple request to send to its receptionist, which returns a
|
---|
| 58 | * result in html, cos output=html is set in the request
|
---|
| 59 | *
|
---|
| 60 | * 18/Jul/07 xiao modify to make the cached parameters collection-specific. Most
|
---|
| 61 | * of the work is done in doGet(), except adding an inner class
|
---|
| 62 | * UserSessionCache.
|
---|
| 63 | *
|
---|
| 64 | * @see Receptionist
|
---|
| 65 | */
|
---|
[25717] | 66 | public class LibraryServlet extends BaseGreenstoneServlet
|
---|
[24753] | 67 | {
|
---|
[24019] | 68 | /** the receptionist to send messages to */
|
---|
[24753] | 69 | protected Receptionist recept = null;
|
---|
[18223] | 70 |
|
---|
[24753] | 71 | /**
|
---|
| 72 | * the default language - is specified by setting a servlet param, otherwise
|
---|
| 73 | * DEFAULT_LANG is used
|
---|
| 74 | */
|
---|
| 75 | protected String default_lang = null;
|
---|
[18223] | 76 |
|
---|
[28295] | 77 | /** We record the library name for later */
|
---|
| 78 | protected String library_name = null;
|
---|
[24019] | 79 | /** Whether or not client-side XSLT support should be exposed */
|
---|
| 80 | protected boolean supports_client_xslt = false;
|
---|
[18223] | 81 |
|
---|
[24753] | 82 | /**
|
---|
| 83 | * The default default - used if a default lang is not specified in the
|
---|
| 84 | * servlet params
|
---|
| 85 | */
|
---|
[24019] | 86 | protected final String DEFAULT_LANG = "en";
|
---|
[18223] | 87 |
|
---|
[24753] | 88 | /**
|
---|
| 89 | * the cgi stuff - the Receptionist can add new args to this
|
---|
| 90 | *
|
---|
| 91 | * its used by the servlet to determine what args to save
|
---|
| 92 | */
|
---|
[24019] | 93 | protected GSParams params = null;
|
---|
[12021] | 94 |
|
---|
[24753] | 95 | /**
|
---|
| 96 | * user id - new one per session. This doesn't work if session state is
|
---|
| 97 | * saved between restarts - this requires this value to be saved too.
|
---|
| 98 | */
|
---|
[24019] | 99 | protected int next_user_id = 0;
|
---|
[18223] | 100 |
|
---|
[24753] | 101 | /**
|
---|
| 102 | * a hash that contains all the active session IDs mapped to the cached
|
---|
| 103 | * items It is updated whenever the whole site or a particular collection is
|
---|
| 104 | * reconfigured using the command a=s&sa=c or a=s&sa=c&c=xxx It is in the
|
---|
| 105 | * form: sid -> (UserSessionCache object)
|
---|
| 106 | */
|
---|
[25635] | 107 | protected Hashtable<String, UserSessionCache> session_ids_table = new Hashtable<String, UserSessionCache>();
|
---|
[25128] | 108 |
|
---|
[24753] | 109 | /**
|
---|
| 110 | * the maximum interval that the cached info remains in session_ids_table
|
---|
| 111 | * (in seconds) This is set in web.xml
|
---|
| 112 | */
|
---|
[24019] | 113 | protected int session_expiration = 1800;
|
---|
[13122] | 114 |
|
---|
[24019] | 115 | static Logger logger = Logger.getLogger(org.greenstone.gsdl3.LibraryServlet.class.getName());
|
---|
[18223] | 116 |
|
---|
[24753] | 117 | /** initialise the servlet */
|
---|
| 118 | public void init(ServletConfig config) throws ServletException
|
---|
| 119 | {
|
---|
[24019] | 120 | // always call super.init;
|
---|
| 121 | super.init(config);
|
---|
| 122 | // disable preferences - does this work anyway??
|
---|
| 123 | //System.setProperty("java.util.prefs.PreferencesFactory", "org.greenstone.gsdl3.util.DisabledPreferencesFactory");
|
---|
[24753] | 124 |
|
---|
[32327] | 125 | // Look through all the init params
|
---|
| 126 | // these are the ones we are expecting
|
---|
| 127 | String interface_name = null;
|
---|
| 128 | String useXslt = null;
|
---|
| 129 | String sess_expire = null;
|
---|
| 130 | String site_name = null;
|
---|
| 131 | String recept_name = null;
|
---|
[24753] | 132 |
|
---|
[32327] | 133 | // may have these instead of site_name
|
---|
| 134 | String remote_site_name = null;
|
---|
| 135 | String remote_site_type = null;
|
---|
| 136 | String remote_site_address = null;
|
---|
[24753] | 137 |
|
---|
[32327] | 138 | // the stored config params
|
---|
| 139 | HashMap<String, Object> config_params = new HashMap<String, Object>();
|
---|
| 140 | Enumeration<String> params = config.getInitParameterNames();
|
---|
| 141 | while (params.hasMoreElements()) {
|
---|
| 142 | String name = params.nextElement();
|
---|
| 143 | String value = config.getInitParameter(name);
|
---|
| 144 | switch(name) {
|
---|
| 145 | case GSConstants.LIBRARY_NAME: library_name = value;
|
---|
| 146 | break;
|
---|
| 147 | case GSConstants.INTERFACE_NAME: interface_name = value;
|
---|
| 148 | break;
|
---|
| 149 | case GSConstants.USE_CLIENT_SIDE_XSLT: useXslt = value;
|
---|
| 150 | break;
|
---|
| 151 | case GSConstants.DEFAULT_LANG: this.default_lang = value;
|
---|
| 152 | break;
|
---|
| 153 | case GSXML.SESSION_EXPIRATION: sess_expire = value;
|
---|
| 154 | break;
|
---|
| 155 | case GSConstants.SITE_NAME: site_name = value;
|
---|
| 156 | break;
|
---|
| 157 | case GSConstants.REMOTE_SITE_NAME: remote_site_name = value;
|
---|
| 158 | break;
|
---|
| 159 | case GSConstants.REMOTE_SITE_TYPE: remote_site_type = value;
|
---|
| 160 | break;
|
---|
| 161 | case GSConstants.REMOTE_SITE_ADDRESS: remote_site_address = value;
|
---|
| 162 | break;
|
---|
| 163 | case GSConstants.RECEPTIONIST_CLASS: recept_name = value;
|
---|
| 164 | break;
|
---|
| 165 | // default - just add to config params
|
---|
| 166 | default: config_params.put(name, value);
|
---|
| 167 | break;
|
---|
| 168 | }
|
---|
| 169 | }
|
---|
[24753] | 170 |
|
---|
[32327] | 171 | if (library_name == null || interface_name == null) {
|
---|
| 172 |
|
---|
| 173 | // must have these
|
---|
| 174 | System.err.println("initialisation parameters not all set!");
|
---|
| 175 | System.err.println(" you must have libraryname and interfacename");
|
---|
| 176 | System.exit(1);
|
---|
[24019] | 177 | }
|
---|
[24753] | 178 |
|
---|
[32327] | 179 | // If we don't have a site, then we must be using a Communicator, and all the remote params must be set
|
---|
| 180 | if (site_name == null && (remote_site_name == null || remote_site_type == null || remote_site_address == null)) {
|
---|
| 181 |
|
---|
| 182 | System.err.println("initialisation paramters not all set!");
|
---|
| 183 | System.err.println("if site_name is not set, then you must have remote_site_name, remote_site_type and remote_site_address set");
|
---|
| 184 | System.exit(1);
|
---|
[24019] | 185 | }
|
---|
[32327] | 186 |
|
---|
| 187 | supports_client_xslt = useXslt != null && useXslt.equals("true");
|
---|
| 188 | if (sess_expire != null && !sess_expire.equals(""))
|
---|
[24753] | 189 | {
|
---|
[32327] | 190 | this.session_expiration = Integer.parseInt(sess_expire);
|
---|
[24019] | 191 | }
|
---|
[24753] | 192 | if (this.default_lang == null)
|
---|
| 193 | {
|
---|
[24019] | 194 | // choose english
|
---|
| 195 | this.default_lang = DEFAULT_LANG;
|
---|
| 196 | }
|
---|
[24753] | 197 |
|
---|
[24019] | 198 | config_params.put(GSConstants.LIBRARY_NAME, library_name);
|
---|
[24753] | 199 | config_params.put(GSConstants.INTERFACE_NAME, interface_name);
|
---|
[30477] | 200 | config_params.put(GSConstants.USE_CLIENT_SIDE_XSLT, supports_client_xslt);
|
---|
[24753] | 201 |
|
---|
| 202 | if (site_name != null)
|
---|
| 203 | {
|
---|
[24019] | 204 | config_params.put(GSConstants.SITE_NAME, site_name);
|
---|
| 205 | }
|
---|
[24753] | 206 |
|
---|
[24019] | 207 | // the receptionist -the servlet will talk to this
|
---|
[24753] | 208 | if (recept_name == null)
|
---|
| 209 | {
|
---|
[24019] | 210 | this.recept = new DefaultReceptionist();
|
---|
[24753] | 211 | }
|
---|
| 212 | else
|
---|
| 213 | {
|
---|
| 214 | try
|
---|
| 215 | {
|
---|
| 216 | this.recept = (Receptionist) Class.forName("org.greenstone.gsdl3.core." + recept_name).newInstance();
|
---|
| 217 | }
|
---|
| 218 | catch (Exception e)
|
---|
| 219 | { // cant use this new one, so use normal one
|
---|
| 220 | System.err.println("LibraryServlet configure exception when trying to use a new Receptionist " + recept_name + ": " + e.getMessage());
|
---|
[24019] | 221 | e.printStackTrace();
|
---|
| 222 | this.recept = new DefaultReceptionist();
|
---|
| 223 | }
|
---|
| 224 | }
|
---|
| 225 | this.recept.setConfigParams(config_params);
|
---|
[24753] | 226 |
|
---|
[32327] | 227 | // the receptionist uses a MessageRouter or Communicator to send its requests to. We either create a MessageRouter here for the designated site (if site_name set), or we create a Communicator for a remote site. The is given to the Receptionist, and the servlet never talks to it again directly.
|
---|
[24753] | 228 | if (site_name != null)
|
---|
| 229 | {
|
---|
| 230 | String mr_name = (String) config.getInitParameter("messagerouter_class");
|
---|
[24019] | 231 | MessageRouter message_router = null;
|
---|
[24753] | 232 | if (mr_name == null)
|
---|
| 233 | { // just use the normal MR
|
---|
[24019] | 234 | message_router = new MessageRouter();
|
---|
[24753] | 235 | }
|
---|
| 236 | else
|
---|
| 237 | { // try the specified one
|
---|
| 238 | try
|
---|
| 239 | {
|
---|
| 240 | message_router = (MessageRouter) Class.forName("org.greenstone.gsdl3.core." + mr_name).newInstance();
|
---|
| 241 | }
|
---|
| 242 | catch (Exception e)
|
---|
| 243 | { // cant use this new one, so use normal one
|
---|
| 244 | System.err.println("LibraryServlet configure exception when trying to use a new MessageRouter " + mr_name + ": " + e.getMessage());
|
---|
[24019] | 245 | e.printStackTrace();
|
---|
| 246 | message_router = new MessageRouter();
|
---|
| 247 | }
|
---|
| 248 | }
|
---|
[24753] | 249 |
|
---|
[24019] | 250 | message_router.setSiteName(site_name);
|
---|
| 251 | message_router.setLibraryName(library_name);
|
---|
| 252 | message_router.configure();
|
---|
| 253 | this.recept.setMessageRouter(message_router);
|
---|
[24753] | 254 | }
|
---|
| 255 | else
|
---|
| 256 | {
|
---|
[24019] | 257 | // talking to a remote site, create a communicator
|
---|
| 258 | Communicator communicator = null;
|
---|
| 259 | // we need to create the XML to configure the communicator
|
---|
[28972] | 260 | Document doc = XMLConverter.newDOM();
|
---|
| 261 | Element site_elem = doc.createElement(GSXML.SITE_ELEM);
|
---|
[24019] | 262 | site_elem.setAttribute(GSXML.TYPE_ATT, remote_site_type);
|
---|
| 263 | site_elem.setAttribute(GSXML.NAME_ATT, remote_site_name);
|
---|
| 264 | site_elem.setAttribute(GSXML.ADDRESS_ATT, remote_site_address);
|
---|
[24753] | 265 |
|
---|
| 266 | if (remote_site_type.equals(GSXML.COMM_TYPE_SOAP_JAVA))
|
---|
| 267 | {
|
---|
[24019] | 268 | communicator = new SOAPCommunicator();
|
---|
[24753] | 269 | }
|
---|
| 270 | else
|
---|
| 271 | {
|
---|
| 272 | System.err.println("LibraryServlet.init Error: invalid Communicator type: " + remote_site_type);
|
---|
[24019] | 273 | System.exit(1);
|
---|
| 274 | }
|
---|
[24753] | 275 |
|
---|
| 276 | if (!communicator.configure(site_elem))
|
---|
| 277 | {
|
---|
[24019] | 278 | System.err.println("LibraryServlet.init Error: Couldn't configure communicator");
|
---|
| 279 | System.exit(1);
|
---|
| 280 | }
|
---|
| 281 | this.recept.setMessageRouter(communicator);
|
---|
| 282 | }
|
---|
[24753] | 283 |
|
---|
[24019] | 284 | // the params arg thingy
|
---|
[24753] | 285 |
|
---|
| 286 | String params_name = (String) config.getInitParameter("params_class");
|
---|
| 287 | if (params_name == null)
|
---|
| 288 | {
|
---|
[24019] | 289 | this.params = new GSParams();
|
---|
[24753] | 290 | }
|
---|
| 291 | else
|
---|
| 292 | {
|
---|
| 293 | try
|
---|
| 294 | {
|
---|
| 295 | this.params = (GSParams) Class.forName("org.greenstone.gsdl3.util." + params_name).newInstance();
|
---|
| 296 | }
|
---|
| 297 | catch (Exception e)
|
---|
| 298 | {
|
---|
| 299 | System.err.println("LibraryServlet configure exception when trying to use a new params thing " + params_name + ": " + e.getMessage());
|
---|
[24019] | 300 | e.printStackTrace();
|
---|
| 301 | this.params = new GSParams();
|
---|
| 302 | }
|
---|
| 303 | }
|
---|
| 304 | // pass it to the receptionist
|
---|
| 305 | this.recept.setParams(this.params);
|
---|
| 306 | this.recept.configure();
|
---|
[24753] | 307 |
|
---|
[25257] | 308 | //Allow the message router and the document to be accessed from anywhere in this servlet context
|
---|
| 309 | this.getServletContext().setAttribute("GSRouter", this.recept.getMessageRouter());
|
---|
[24019] | 310 | }
|
---|
[18223] | 311 |
|
---|
[24753] | 312 | private void logUsageInfo(HttpServletRequest request)
|
---|
| 313 | {
|
---|
| 314 | String usageInfo = "";
|
---|
[14524] | 315 |
|
---|
[24019] | 316 | //session-info: get params stored in the session
|
---|
| 317 | HttpSession session = request.getSession(true);
|
---|
| 318 | Enumeration attributeNames = session.getAttributeNames();
|
---|
[24753] | 319 | while (attributeNames.hasMoreElements())
|
---|
| 320 | {
|
---|
| 321 | String name = (String) attributeNames.nextElement();
|
---|
| 322 | usageInfo += name + "=" + session.getAttribute(name) + " ";
|
---|
[24019] | 323 | }
|
---|
[24753] | 324 |
|
---|
[24019] | 325 | //logged info = general-info + session-info
|
---|
[24753] | 326 | usageInfo = request.getServletPath() + " " + //serlvet
|
---|
| 327 | "[" + request.getQueryString() + "]" + " " + //the query string
|
---|
| 328 | "[" + usageInfo.trim() + "]" + " " + // params stored in a session
|
---|
| 329 | request.getRemoteAddr() + " " + //remote address
|
---|
| 330 | request.getRequestedSessionId() + " " + //session id
|
---|
| 331 | request.getHeader("user-agent") + " "; //the remote brower info
|
---|
| 332 |
|
---|
[24019] | 333 | logger.info(usageInfo);
|
---|
[24753] | 334 |
|
---|
[24019] | 335 | }
|
---|
[23790] | 336 |
|
---|
[24753] | 337 | public class UserSessionCache implements HttpSessionBindingListener
|
---|
| 338 | {
|
---|
[24019] | 339 | String session_id = "";
|
---|
[24753] | 340 |
|
---|
| 341 | /**
|
---|
| 342 | * a hash that maps the session ID to a hashtable that maps the
|
---|
| 343 | * coll_name to its parameters coll_name -> Hashtable (param_name ->
|
---|
| 344 | * param_value)
|
---|
| 345 | */
|
---|
[25635] | 346 | protected Hashtable<String, Hashtable<String, String>> coll_name_params_table = null;
|
---|
[24753] | 347 |
|
---|
[25635] | 348 | public UserSessionCache(String id, Hashtable<String, Hashtable<String, String>> table)
|
---|
[24753] | 349 | {
|
---|
| 350 | session_id = id;
|
---|
| 351 | coll_name_params_table = (table == null) ? new Hashtable() : table;
|
---|
[24019] | 352 | }
|
---|
[23790] | 353 |
|
---|
[24753] | 354 | protected void cleanupCache(String coll_name)
|
---|
| 355 | {
|
---|
| 356 | if (coll_name_params_table.containsKey(coll_name))
|
---|
| 357 | {
|
---|
[24019] | 358 | coll_name_params_table.remove(coll_name);
|
---|
| 359 | }
|
---|
| 360 | }
|
---|
| 361 |
|
---|
[25635] | 362 | protected Hashtable<String, Hashtable<String, String>> getParamsTable()
|
---|
[24753] | 363 | {
|
---|
[24019] | 364 | return coll_name_params_table;
|
---|
| 365 | }
|
---|
| 366 |
|
---|
[24753] | 367 | public void valueBound(HttpSessionBindingEvent event)
|
---|
| 368 | {
|
---|
[24019] | 369 | // Do nothing
|
---|
| 370 | }
|
---|
| 371 |
|
---|
[24753] | 372 | public void valueUnbound(HttpSessionBindingEvent event)
|
---|
| 373 | {
|
---|
| 374 | if (session_ids_table.containsKey(session_id))
|
---|
| 375 | {
|
---|
[24019] | 376 | session_ids_table.remove(session_id);
|
---|
| 377 | }
|
---|
| 378 | }
|
---|
| 379 |
|
---|
[24753] | 380 | public int tableSize()
|
---|
| 381 | {
|
---|
| 382 | return (coll_name_params_table == null) ? 0 : coll_name_params_table.size();
|
---|
[24019] | 383 | }
|
---|
| 384 | }
|
---|
[26210] | 385 |
|
---|
[25761] | 386 | public void destroy()
|
---|
| 387 | {
|
---|
| 388 | recept.cleanUp();
|
---|
| 389 | }
|
---|
[24019] | 390 |
|
---|
[27617] | 391 | public void doGetOrPost(HttpServletRequest request, HttpServletResponse response, Map<String, String[]> queryMap) throws ServletException, IOException
|
---|
[24753] | 392 | {
|
---|
| 393 | logUsageInfo(request);
|
---|
[25092] | 394 |
|
---|
[25054] | 395 | if (queryMap != null)
|
---|
[24753] | 396 | {
|
---|
[25054] | 397 | Iterator<String> queryIter = queryMap.keySet().iterator();
|
---|
[24019] | 398 | boolean redirect = false;
|
---|
| 399 | String href = null;
|
---|
| 400 | String rl = null;
|
---|
[25304] | 401 | String el = null;
|
---|
[27617] | 402 |
|
---|
[25054] | 403 | while (queryIter.hasNext())
|
---|
[24753] | 404 | {
|
---|
[25054] | 405 | String q = queryIter.next();
|
---|
[25304] | 406 | if (q.equals(GSParams.EXTERNAL_LINK_TYPE))
|
---|
[24753] | 407 | {
|
---|
[25351] | 408 | el = queryMap.get(q)[0];
|
---|
[24753] | 409 | }
|
---|
[25304] | 410 | else if (q.equals(GSParams.HREF))
|
---|
[24753] | 411 | {
|
---|
[25054] | 412 | href = queryMap.get(q)[0];
|
---|
[24019] | 413 | href = StringUtils.replace(href, "%2f", "/");
|
---|
| 414 | href = StringUtils.replace(href, "%7e", "~");
|
---|
| 415 | href = StringUtils.replace(href, "%3f", "?");
|
---|
| 416 | href = StringUtils.replace(href, "%3A", "\\:");
|
---|
| 417 | }
|
---|
[25304] | 418 | else if (q.equals(GSParams.RELATIVE_LINK))
|
---|
[24753] | 419 | {
|
---|
[25054] | 420 | rl = queryMap.get(q)[0];
|
---|
[24753] | 421 | }
|
---|
[24019] | 422 | }
|
---|
| 423 |
|
---|
[25304] | 424 | //if query_string contains "el=direct", an href is specified, and its not a relative link, then the web page will be redirected to the external URl, otherwise a greenstone page with an external URL will be displayed
|
---|
[24019] | 425 | //"rl=0" this is an external link
|
---|
| 426 | //"rl=1" this is an internal link
|
---|
[25304] | 427 | if ((href != null) && (rl.equals("0")))
|
---|
| 428 | {// This is an external link,
|
---|
| 429 |
|
---|
[25351] | 430 | if (el.equals("framed"))
|
---|
| 431 | {
|
---|
| 432 | //TODO **** how best to change to a=p&sa=html&c=collection&url=href
|
---|
| 433 | // response.setContentType("text/xml");
|
---|
| 434 | //response.sendRedirect("http://localhost:8383/greenstone3/gs3library?a=p&sa=html&c=external&url="+href);
|
---|
| 435 | }
|
---|
| 436 | else
|
---|
| 437 | {
|
---|
| 438 | // el = '' or direct
|
---|
| 439 | //the web page is re-directed to the external URL (&el=&rl=0&href="http://...")
|
---|
| 440 | response.setContentType("text/xml");
|
---|
| 441 | response.sendRedirect(href);
|
---|
| 442 | }
|
---|
[24019] | 443 | }
|
---|
| 444 | }
|
---|
[24753] | 445 |
|
---|
[24019] | 446 | // Nested Diagnostic Configurator to identify the client for
|
---|
[24753] | 447 | HttpSession session = request.getSession(true);
|
---|
[24019] | 448 | session.setMaxInactiveInterval(session_expiration);
|
---|
[24753] | 449 | String uid = (String) session.getAttribute(GSXML.USER_ID_ATT);
|
---|
| 450 | if (uid == null)
|
---|
| 451 | {
|
---|
| 452 | uid = "" + getNextUserId();
|
---|
| 453 | session.setAttribute(GSXML.USER_ID_ATT, uid);
|
---|
[24019] | 454 | }
|
---|
[24962] | 455 |
|
---|
[24753] | 456 | request.setCharacterEncoding("UTF-8");
|
---|
| 457 | response.setContentType("text/html;charset=UTF-8");
|
---|
| 458 | PrintWriter out = response.getWriter();
|
---|
| 459 |
|
---|
[27617] | 460 | String lang = getFirstParam(GSParams.LANGUAGE, queryMap);
|
---|
[24753] | 461 | if (lang == null || lang.equals(""))
|
---|
| 462 | {
|
---|
[24019] | 463 | // try the session cached lang
|
---|
[24753] | 464 | lang = (String) session.getAttribute(GSParams.LANGUAGE);
|
---|
| 465 | if (lang == null || lang.equals(""))
|
---|
| 466 | {
|
---|
[24019] | 467 | // still not set, use the default
|
---|
| 468 | lang = this.default_lang;
|
---|
| 469 | }
|
---|
| 470 | }
|
---|
[24993] | 471 | UserContext userContext = new UserContext();
|
---|
| 472 | userContext.setLanguage(lang);
|
---|
| 473 | userContext.setUserID(uid);
|
---|
[24753] | 474 |
|
---|
[27074] | 475 | if (request.getAuthType() != null)
|
---|
| 476 | {
|
---|
[27617] | 477 | //Get the username
|
---|
| 478 | userContext.setUsername(request.getUserPrincipal().getName());
|
---|
| 479 |
|
---|
[27074] | 480 | //Get the groups for the user
|
---|
[28972] | 481 | Document msg_doc = XMLConverter.newDOM();
|
---|
| 482 | Element acquireGroupMessage = msg_doc.createElement(GSXML.MESSAGE_ELEM);
|
---|
| 483 | Element acquireGroupRequest = GSXML.createBasicRequest(msg_doc, GSXML.REQUEST_TYPE_PROCESS, "GetUserInformation", userContext);
|
---|
[27074] | 484 | acquireGroupMessage.appendChild(acquireGroupRequest);
|
---|
| 485 |
|
---|
[28972] | 486 | Element paramList = msg_doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
|
---|
[27074] | 487 | acquireGroupRequest.appendChild(paramList);
|
---|
[28972] | 488 | paramList.appendChild(GSXML.createParameter(msg_doc, GSXML.USERNAME_ATT, request.getUserPrincipal().getName()));
|
---|
[27074] | 489 |
|
---|
| 490 | Element aquireGroupsResponseMessage = (Element) this.recept.process(acquireGroupMessage);
|
---|
| 491 | Element aquireGroupsResponse = (Element) GSXML.getChildByTagName(aquireGroupsResponseMessage, GSXML.RESPONSE_ELEM);
|
---|
| 492 | Element param_list = (Element) GSXML.getChildByTagName(aquireGroupsResponse, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
|
---|
| 493 |
|
---|
| 494 | if (param_list != null)
|
---|
| 495 | {
|
---|
| 496 | HashMap<String, Serializable> params = GSXML.extractParams(param_list, false);
|
---|
| 497 | String groups = (String) params.get("groups");
|
---|
| 498 | userContext.setGroups(groups.split(","));
|
---|
| 499 | }
|
---|
| 500 | }
|
---|
| 501 |
|
---|
[24019] | 502 | // set the lang in the session
|
---|
[24753] | 503 | session.setAttribute(GSParams.LANGUAGE, lang);
|
---|
| 504 |
|
---|
[27617] | 505 | String output = getFirstParam(GSParams.OUTPUT, queryMap);
|
---|
[24753] | 506 | if (output == null || output.equals(""))
|
---|
| 507 | {
|
---|
[24019] | 508 | output = "html"; // uses html by default
|
---|
| 509 | }
|
---|
[24753] | 510 |
|
---|
[24019] | 511 | // If server output, force a switch to traditional interface
|
---|
| 512 | //output = (output.equals("server")) ? "html" : output;
|
---|
[24753] | 513 |
|
---|
[24019] | 514 | // Force change the output mode if client-side XSLT is supported - server vs. client
|
---|
| 515 | // BUT only if the library allows client-side transforms
|
---|
[24753] | 516 | if (supports_client_xslt)
|
---|
| 517 | {
|
---|
[24019] | 518 | // MUST be done before the xml_message is built
|
---|
| 519 | Cookie[] cookies = request.getCookies();
|
---|
| 520 | Cookie xsltCookie = null;
|
---|
[24753] | 521 |
|
---|
[24019] | 522 | // The client has cookies enabled and a value set - use it!
|
---|
[24753] | 523 | if (cookies != null)
|
---|
| 524 | {
|
---|
| 525 | for (Cookie c : cookies)
|
---|
| 526 | {
|
---|
| 527 | if (c.getName().equals("supportsXSLT"))
|
---|
| 528 | {
|
---|
[24019] | 529 | xsltCookie = c;
|
---|
| 530 | break;
|
---|
| 531 | }
|
---|
[23790] | 532 | }
|
---|
[24019] | 533 | output = (xsltCookie != null && xsltCookie.getValue().equals("true") && output.equals("html")) ? "xsltclient" : output;
|
---|
[23790] | 534 | }
|
---|
| 535 | }
|
---|
[24753] | 536 |
|
---|
[24019] | 537 | // the request to the receptionist
|
---|
[28972] | 538 | Document msg_doc = XMLConverter.newDOM();
|
---|
| 539 | Element xml_message = msg_doc.createElement(GSXML.MESSAGE_ELEM);
|
---|
| 540 | Element xml_request = GSXML.createBasicRequest(msg_doc, GSXML.REQUEST_TYPE_PAGE, "", userContext);
|
---|
[24753] | 541 | xml_request.setAttribute(GSXML.OUTPUT_ATT, output);
|
---|
| 542 |
|
---|
| 543 | xml_message.appendChild(xml_request);
|
---|
| 544 |
|
---|
[27617] | 545 | String action = getFirstParam(GSParams.ACTION, queryMap);
|
---|
| 546 | String subaction = getFirstParam(GSParams.SUBACTION, queryMap);
|
---|
| 547 | String collection = getFirstParam(GSParams.COLLECTION, queryMap);
|
---|
| 548 | String document = getFirstParam(GSParams.DOCUMENT, queryMap);
|
---|
| 549 | String service = getFirstParam(GSParams.SERVICE, queryMap);
|
---|
[13122] | 550 |
|
---|
[24019] | 551 | // We clean up the cache session_ids_table if system
|
---|
| 552 | // commands are issued (and also don't need to do caching for this request)
|
---|
| 553 | boolean should_cache = true;
|
---|
[29831] | 554 | if (action != null && action.equals(GSParams.SYSTEM_ACTION)
|
---|
[29841] | 555 | && !subaction.equals(GSXML.SYSTEM_TYPE_PING)
|
---|
| 556 | && !subaction.equals(GSXML.SYSTEM_TYPE_AUTHENTICATED_PING)) // don't 'clean' anything on a mere ping
|
---|
[24753] | 557 | {
|
---|
[24019] | 558 | should_cache = false;
|
---|
[16938] | 559 |
|
---|
[24019] | 560 | // we may want to remove all collection cache info, or just a specific collection
|
---|
[24753] | 561 | boolean clean_all = true;
|
---|
[24019] | 562 | String clean_collection = null;
|
---|
| 563 | // system commands are to activate/deactivate stuff
|
---|
| 564 | // collection param is in the sc parameter.
|
---|
| 565 | // don't like the fact that it is hard coded here
|
---|
[27617] | 566 | String coll = getFirstParam(GSParams.SYSTEM_CLUSTER, queryMap);
|
---|
[24753] | 567 | if (coll != null && !coll.equals(""))
|
---|
| 568 | {
|
---|
[24019] | 569 | clean_all = false;
|
---|
| 570 | clean_collection = coll;
|
---|
[24753] | 571 | }
|
---|
| 572 | else
|
---|
| 573 | {
|
---|
[24019] | 574 | // check other system types
|
---|
[24753] | 575 | if (subaction.equals("a") || subaction.equals("d"))
|
---|
| 576 | {
|
---|
[27617] | 577 | String module_name = getFirstParam("sn", queryMap);
|
---|
[24753] | 578 | if (module_name != null && !module_name.equals(""))
|
---|
| 579 | {
|
---|
[24019] | 580 | clean_all = false;
|
---|
| 581 | clean_collection = module_name;
|
---|
| 582 | }
|
---|
| 583 | }
|
---|
| 584 | }
|
---|
[24753] | 585 | if (clean_all)
|
---|
| 586 | {
|
---|
[29831] | 587 | // TODO
|
---|
[25635] | 588 | session_ids_table = new Hashtable<String, UserSessionCache>();
|
---|
[29831] | 589 | session.removeAttribute(GSXML.USER_SESSION_CACHE_ATT); // triggers valueUnbound(), which removes the session id from the session_ids_table
|
---|
[24753] | 590 | }
|
---|
| 591 | else
|
---|
| 592 | {
|
---|
[24019] | 593 | // just clean up info for clean_collection
|
---|
[25635] | 594 | ArrayList<UserSessionCache> cache_list = new ArrayList<UserSessionCache>(session_ids_table.values());
|
---|
[24753] | 595 | for (int i = 0; i < cache_list.size(); i++)
|
---|
| 596 | {
|
---|
[25635] | 597 | UserSessionCache cache = cache_list.get(i);
|
---|
[24019] | 598 | cache.cleanupCache(clean_collection);
|
---|
| 599 | }
|
---|
[24753] | 600 |
|
---|
[24019] | 601 | }
|
---|
| 602 | }
|
---|
[24753] | 603 |
|
---|
[24019] | 604 | // cache_key is the collection name, or service name
|
---|
| 605 | String cache_key = collection;
|
---|
[24753] | 606 | if (cache_key == null || cache_key.equals(""))
|
---|
| 607 | {
|
---|
[24019] | 608 | cache_key = service;
|
---|
| 609 | }
|
---|
[24753] | 610 |
|
---|
[24019] | 611 | // logger.info("should_cache= " + should_cache);
|
---|
[16938] | 612 |
|
---|
[24019] | 613 | //clear the collection-specific cache in the session, since we have no way to know whether this session is
|
---|
| 614 | //about the same collection as the last session or not.
|
---|
| 615 | Enumeration attributeNames = session.getAttributeNames();
|
---|
[24753] | 616 | while (attributeNames.hasMoreElements())
|
---|
| 617 | {
|
---|
| 618 | String name = (String) attributeNames.nextElement();
|
---|
| 619 | if (!name.equals(GSXML.USER_SESSION_CACHE_ATT) && !name.equals(GSParams.LANGUAGE) && !name.equals(GSXML.USER_ID_ATT))
|
---|
| 620 | {
|
---|
[24019] | 621 | session.removeAttribute(name);
|
---|
| 622 | }
|
---|
| 623 | }
|
---|
[24753] | 624 |
|
---|
[24019] | 625 | UserSessionCache session_cache = null;
|
---|
[25635] | 626 | Hashtable<String, Hashtable<String, String>> param_table = null;
|
---|
| 627 | Hashtable<String, String> table = null;
|
---|
[24019] | 628 | String sid = session.getId();
|
---|
[24753] | 629 | if (should_cache == true && cache_key != null && !cache_key.equals(""))
|
---|
| 630 | {
|
---|
| 631 | if (session_ids_table.containsKey(sid))
|
---|
| 632 | {
|
---|
[25635] | 633 | session_cache = session_ids_table.get(sid);
|
---|
[24019] | 634 | param_table = session_cache.getParamsTable();
|
---|
| 635 | logger.info("collections in table: " + tableToString(param_table));
|
---|
[24753] | 636 | if (param_table.containsKey(cache_key))
|
---|
| 637 | {
|
---|
[24019] | 638 | //logger.info("existing table: " + collection);
|
---|
[25635] | 639 | table = param_table.get(cache_key);
|
---|
[24753] | 640 | }
|
---|
| 641 | else
|
---|
| 642 | {
|
---|
[25635] | 643 | table = new Hashtable<String, String>();
|
---|
[24019] | 644 | param_table.put(cache_key, table);
|
---|
| 645 | //logger.info("new table: " + collection);
|
---|
| 646 | }
|
---|
[24753] | 647 | }
|
---|
| 648 | else
|
---|
| 649 | {
|
---|
[25635] | 650 | param_table = new Hashtable<String, Hashtable<String, String>>();
|
---|
| 651 | table = new Hashtable<String, String>();
|
---|
[24019] | 652 | param_table.put(cache_key, table);
|
---|
| 653 | session_cache = new UserSessionCache(sid, param_table);
|
---|
| 654 | session_ids_table.put(sid, session_cache);
|
---|
| 655 | session.setAttribute(GSXML.USER_SESSION_CACHE_ATT, session_cache);
|
---|
| 656 | //logger.info("new session id");
|
---|
| 657 | }
|
---|
| 658 | }
|
---|
[6301] | 659 |
|
---|
[24753] | 660 | if (action == null || action.equals(""))
|
---|
| 661 | {
|
---|
[24019] | 662 | // should we do all the following stuff if using default page?
|
---|
| 663 | // display the home page - the default page
|
---|
[24753] | 664 | xml_request.setAttribute(GSXML.ACTION_ATT, "p");
|
---|
| 665 | xml_request.setAttribute(GSXML.SUBACTION_ATT, PageAction.HOME_PAGE);
|
---|
[24019] | 666 | }
|
---|
[24753] | 667 | else
|
---|
| 668 | {
|
---|
| 669 | xml_request.setAttribute(GSXML.ACTION_ATT, action);
|
---|
| 670 | if (subaction != null)
|
---|
| 671 | {
|
---|
| 672 | xml_request.setAttribute(GSXML.SUBACTION_ATT, subaction);
|
---|
[24019] | 673 | }
|
---|
[24753] | 674 |
|
---|
[24019] | 675 | // create the param list for the greenstone request - includes
|
---|
| 676 | // the params from the current request and any others from the saved session
|
---|
[28972] | 677 | Element xml_param_list = msg_doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
|
---|
[24753] | 678 | xml_request.appendChild(xml_param_list);
|
---|
[31185] | 679 |
|
---|
| 680 | if (queryMap.containsKey("s1.collection") || queryMap.containsKey("s1.group")){
|
---|
| 681 | table.remove("s1.collection");
|
---|
| 682 | table.remove("s1.group");
|
---|
| 683 | }
|
---|
[25257] | 684 | for (String name : queryMap.keySet())
|
---|
[24753] | 685 | {
|
---|
| 686 | if (!name.equals(GSParams.ACTION) && !name.equals(GSParams.SUBACTION) && !name.equals(GSParams.LANGUAGE) && !name.equals(GSParams.OUTPUT))
|
---|
| 687 | {// we have already dealt with these
|
---|
| 688 |
|
---|
| 689 | String value = "";
|
---|
[27617] | 690 | String[] values = queryMap.get(name);
|
---|
[24019] | 691 | value = values[0];
|
---|
[24753] | 692 | if (values.length > 1)
|
---|
| 693 | {
|
---|
| 694 | for (int i = 1; i < values.length; i++)
|
---|
| 695 | {
|
---|
| 696 | value += "," + values[i];
|
---|
[24019] | 697 | }
|
---|
| 698 | }
|
---|
| 699 | // either add it to the param list straight away, or save it to the session and add it later
|
---|
[24753] | 700 | if (this.params.shouldSave(name) && table != null)
|
---|
| 701 | {
|
---|
[24019] | 702 | table.put(name, value);
|
---|
| 703 | }
|
---|
[24753] | 704 | else
|
---|
| 705 | {
|
---|
[28972] | 706 | Element param = msg_doc.createElement(GSXML.PARAM_ELEM);
|
---|
[24753] | 707 | param.setAttribute(GSXML.NAME_ATT, name);
|
---|
| 708 | param.setAttribute(GSXML.VALUE_ATT, GSXML.xmlSafe(value));
|
---|
| 709 | xml_param_list.appendChild(param);
|
---|
| 710 | }
|
---|
[24019] | 711 | }
|
---|
| 712 | }
|
---|
| 713 | //put everything in the table into the session
|
---|
| 714 | // do we need to do this? why not just put from table into param list
|
---|
[24753] | 715 | if (table != null)
|
---|
| 716 | {
|
---|
[25635] | 717 | Enumeration<String> keys = table.keys();
|
---|
[24753] | 718 | while (keys.hasMoreElements())
|
---|
| 719 | {
|
---|
[25635] | 720 | String name = keys.nextElement();
|
---|
| 721 | session.setAttribute(name, table.get(name));
|
---|
[24019] | 722 | }
|
---|
| 723 | }
|
---|
[24753] | 724 |
|
---|
[24019] | 725 | // put in all the params from the session cache
|
---|
[25257] | 726 | Enumeration params = session.getAttributeNames();
|
---|
[24753] | 727 | while (params.hasMoreElements())
|
---|
| 728 | {
|
---|
| 729 | String name = (String) params.nextElement();
|
---|
[18223] | 730 |
|
---|
[24753] | 731 | if (!name.equals(GSXML.USER_SESSION_CACHE_ATT) && !name.equals(GSParams.LANGUAGE) && !name.equals(GSXML.USER_ID_ATT))
|
---|
| 732 | {
|
---|
| 733 |
|
---|
[24019] | 734 | // lang and uid are stored but we dont want it in the param list cos its already in the request
|
---|
[28972] | 735 | Element param = msg_doc.createElement(GSXML.PARAM_ELEM);
|
---|
[24753] | 736 | param.setAttribute(GSXML.NAME_ATT, name);
|
---|
| 737 | String value = GSXML.xmlSafe((String) session.getAttribute(name));
|
---|
[18223] | 738 |
|
---|
[24019] | 739 | // ugly hack to undo : escaping
|
---|
| 740 | value = StringUtils.replace(value, "%3A", "\\:");
|
---|
[24753] | 741 | param.setAttribute(GSXML.VALUE_ATT, value);
|
---|
| 742 | xml_param_list.appendChild(param);
|
---|
[24019] | 743 | }
|
---|
| 744 | }
|
---|
| 745 | }
|
---|
[24753] | 746 |
|
---|
[27073] | 747 | if (output.equals("json"))
|
---|
| 748 | {
|
---|
| 749 | response.setContentType("application/json");
|
---|
[26507] | 750 | }
|
---|
| 751 | else if (!output.equals("html") && !output.equals("server") && !output.equals("xsltclient"))
|
---|
[24753] | 752 | {
|
---|
| 753 | response.setContentType("text/xml"); // for now use text
|
---|
[24019] | 754 | }
|
---|
[24753] | 755 |
|
---|
[24019] | 756 | //Add custom HTTP headers if requested
|
---|
[27617] | 757 | String httpHeadersParam = getFirstParam(GSParams.HTTP_HEADER_FIELDS, queryMap);
|
---|
[24118] | 758 | if (httpHeadersParam != null && httpHeadersParam.length() > 0)
|
---|
| 759 | {
|
---|
| 760 | Gson gson = new Gson();
|
---|
[24753] | 761 | Type type = new TypeToken<List<Map<String, String>>>()
|
---|
| 762 | {
|
---|
| 763 | }.getType();
|
---|
| 764 | List<Map<String, String>> httpHeaders = gson.fromJson(httpHeadersParam, type);
|
---|
| 765 | if (httpHeaders != null && httpHeaders.size() > 0)
|
---|
| 766 | {
|
---|
| 767 |
|
---|
| 768 | for (int j = 0; j < httpHeaders.size(); j++)
|
---|
[24019] | 769 | {
|
---|
[25635] | 770 | Map nameValueMap = httpHeaders.get(j);
|
---|
[24753] | 771 | String name = (String) nameValueMap.get("name");
|
---|
| 772 | String value = (String) nameValueMap.get("value");
|
---|
| 773 |
|
---|
| 774 | if (name != null && value != null)
|
---|
[24118] | 775 | {
|
---|
| 776 | response.setHeader(name, value);
|
---|
| 777 | }
|
---|
[24019] | 778 | }
|
---|
| 779 | }
|
---|
| 780 | }
|
---|
[25310] | 781 |
|
---|
[25257] | 782 | String requestedURL = request.getRequestURL().toString();
|
---|
[25351] | 783 | String baseURL = "";
|
---|
[28295] | 784 | if (requestedURL.indexOf(library_name) != -1)
|
---|
[25351] | 785 | {
|
---|
[28295] | 786 | baseURL = requestedURL.substring(0, requestedURL.indexOf(library_name));
|
---|
[25351] | 787 | xml_request.setAttribute("baseURL", baseURL);
|
---|
| 788 | }
|
---|
| 789 | String fullURL;
|
---|
| 790 | if (request.getQueryString() != null)
|
---|
| 791 | {
|
---|
| 792 | fullURL = requestedURL + "?" + request.getQueryString();
|
---|
| 793 | }
|
---|
| 794 | else
|
---|
| 795 | {
|
---|
| 796 | fullURL = requestedURL;
|
---|
| 797 | }
|
---|
| 798 |
|
---|
[25257] | 799 | xml_request.setAttribute("remoteAddress", request.getRemoteAddr());
|
---|
[25351] | 800 | xml_request.setAttribute("fullURL", fullURL.replace("&", "&"));
|
---|
[25310] | 801 |
|
---|
[27617] | 802 | if (!runSecurityChecks(request, xml_request, userContext, out, baseURL, collection, document, queryMap))
|
---|
[25257] | 803 | {
|
---|
| 804 | return;
|
---|
| 805 | }
|
---|
[24753] | 806 |
|
---|
[25257] | 807 | Node xml_result = this.recept.process(xml_message);
|
---|
| 808 | encodeURLs(xml_result, response);
|
---|
| 809 |
|
---|
[28972] | 810 | String xml_string = XMLConverter.getPrettyString(xml_result);
|
---|
[30477] | 811 |
|
---|
[27073] | 812 | if (output.equals("json"))
|
---|
| 813 | {
|
---|
| 814 | try
|
---|
| 815 | {
|
---|
| 816 | JSONObject json_obj = org.json.XML.toJSONObject(xml_string);
|
---|
| 817 |
|
---|
| 818 | out.println(json_obj.toString());
|
---|
| 819 | }
|
---|
| 820 | catch (Exception e)
|
---|
| 821 | {
|
---|
| 822 | e.printStackTrace();
|
---|
| 823 | out.println("Error: failed to convert output XML to JSON format");
|
---|
| 824 | }
|
---|
[26507] | 825 | }
|
---|
[27073] | 826 | else
|
---|
| 827 | {
|
---|
| 828 | out.println(xml_string);
|
---|
[26507] | 829 | }
|
---|
| 830 |
|
---|
[25257] | 831 | displaySize(session_ids_table);
|
---|
[27617] | 832 | }
|
---|
[25257] | 833 |
|
---|
[27617] | 834 | public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
|
---|
| 835 | {
|
---|
| 836 | doGetOrPost(request, response, request.getParameterMap());
|
---|
[25257] | 837 | } //end of doGet(HttpServletRequest, HttpServletResponse)
|
---|
| 838 |
|
---|
[27617] | 839 | private boolean runSecurityChecks(HttpServletRequest request, Element xml_request, UserContext userContext, PrintWriter out, String baseURL, String collection, String document, Map<String, String[]> queryMap) throws ServletException
|
---|
[25257] | 840 | {
|
---|
[25092] | 841 | //Check if we need to login or logout
|
---|
[27617] | 842 | String username = getFirstParam("username", queryMap);
|
---|
| 843 | String password = getFirstParam("password", queryMap);
|
---|
| 844 | String logout = getFirstParam("logout", queryMap);
|
---|
[25092] | 845 |
|
---|
| 846 | if (logout != null)
|
---|
| 847 | {
|
---|
| 848 | request.logout();
|
---|
| 849 | }
|
---|
| 850 |
|
---|
| 851 | if (username != null && password != null)
|
---|
| 852 | {
|
---|
[25310] | 853 | //We are changing to another user, so log out first
|
---|
[25092] | 854 | if (request.getAuthType() != null)
|
---|
| 855 | {
|
---|
| 856 | request.logout();
|
---|
| 857 | }
|
---|
[25257] | 858 |
|
---|
[27617] | 859 | //This try/catch block catches when the login request fails (e.g. The user enters an incorrect password).
|
---|
[25129] | 860 | try
|
---|
| 861 | {
|
---|
[27617] | 862 | //Try a global login first
|
---|
| 863 | password = Authentication.hashPassword(password);
|
---|
| 864 | request.login(username, password);
|
---|
[25129] | 865 | }
|
---|
[25257] | 866 | catch (Exception ex)
|
---|
[25129] | 867 | {
|
---|
[27617] | 868 | try
|
---|
| 869 | {
|
---|
| 870 | //If the global login fails then try a site-level login
|
---|
| 871 | String siteName = (String) this.recept.getConfigParams().get(GSConstants.SITE_NAME);
|
---|
| 872 | request.login(siteName + "-" + username, password);
|
---|
| 873 | }
|
---|
| 874 | catch (Exception exc)
|
---|
| 875 | {
|
---|
| 876 | //The user entered in either the wrong username or the wrong password
|
---|
[28972] | 877 | Document loginPageDoc = XMLConverter.newDOM();
|
---|
| 878 | Element loginPageMessage = loginPageDoc.createElement(GSXML.MESSAGE_ELEM);
|
---|
| 879 | Element loginPageRequest = GSXML.createBasicRequest(loginPageDoc, GSXML.REQUEST_TYPE_PAGE, "", userContext);
|
---|
[27617] | 880 | loginPageRequest.setAttribute(GSXML.ACTION_ATT, "p");
|
---|
| 881 | loginPageRequest.setAttribute(GSXML.SUBACTION_ATT, "login");
|
---|
| 882 | loginPageRequest.setAttribute(GSXML.OUTPUT_ATT, "html");
|
---|
| 883 | loginPageRequest.setAttribute(GSXML.BASE_URL, baseURL);
|
---|
| 884 | loginPageMessage.appendChild(loginPageRequest);
|
---|
[25129] | 885 |
|
---|
[28972] | 886 | Element paramList = loginPageDoc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
|
---|
[27617] | 887 | loginPageRequest.appendChild(paramList);
|
---|
[25129] | 888 |
|
---|
[28972] | 889 | Element messageParam = loginPageDoc.createElement(GSXML.PARAM_ELEM);
|
---|
[27617] | 890 | messageParam.setAttribute(GSXML.NAME_ATT, "loginMessage");
|
---|
| 891 | messageParam.setAttribute(GSXML.VALUE_ATT, "Either your username or password was incorrect, please try again.");
|
---|
| 892 | paramList.appendChild(messageParam);
|
---|
[25129] | 893 |
|
---|
[28972] | 894 | Element urlParam = loginPageDoc.createElement(GSXML.PARAM_ELEM);
|
---|
[27617] | 895 | urlParam.setAttribute(GSXML.NAME_ATT, "redirectURL");
|
---|
| 896 | String queryString = "";
|
---|
| 897 | if (request.getQueryString() != null)
|
---|
| 898 | {
|
---|
| 899 | queryString = "?" + request.getQueryString().replace("&", "&");
|
---|
| 900 | }
|
---|
[28295] | 901 | urlParam.setAttribute(GSXML.VALUE_ATT, library_name + queryString);
|
---|
[27617] | 902 | paramList.appendChild(urlParam);
|
---|
[25129] | 903 |
|
---|
[27617] | 904 | Node loginPageResponse = this.recept.process(loginPageMessage);
|
---|
[28972] | 905 | out.println(XMLConverter.getPrettyString(loginPageResponse));
|
---|
[25129] | 906 |
|
---|
[27617] | 907 | return false;
|
---|
| 908 | }
|
---|
[25129] | 909 | }
|
---|
[25092] | 910 | }
|
---|
[25128] | 911 |
|
---|
[25129] | 912 | //If a user is logged in
|
---|
[25128] | 913 | if (request.getAuthType() != null)
|
---|
[25092] | 914 | {
|
---|
[28972] | 915 | Element userInformation = xml_request.getOwnerDocument().createElement(GSXML.USER_INFORMATION_ELEM);
|
---|
[27617] | 916 | userInformation.setAttribute(GSXML.USERNAME_ATT, request.getUserPrincipal().getName());
|
---|
[25128] | 917 |
|
---|
[28972] | 918 | Document msg_doc = XMLConverter.newDOM();
|
---|
| 919 | Element userInfoMessage = msg_doc.createElement(GSXML.MESSAGE_ELEM);
|
---|
| 920 | Element userInfoRequest = GSXML.createBasicRequest(msg_doc, GSXML.REQUEST_TYPE_SECURITY, "GetUserInformation", userContext);
|
---|
[25128] | 921 | userInfoMessage.appendChild(userInfoRequest);
|
---|
| 922 |
|
---|
[28972] | 923 | Element paramList = msg_doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
|
---|
[25128] | 924 | userInfoRequest.appendChild(paramList);
|
---|
| 925 |
|
---|
[28972] | 926 | Element param = msg_doc.createElement(GSXML.PARAM_ELEM);
|
---|
[25257] | 927 | param.setAttribute(GSXML.NAME_ATT, GSXML.USERNAME_ATT);
|
---|
[25128] | 928 | param.setAttribute(GSXML.VALUE_ATT, request.getUserPrincipal().getName());
|
---|
| 929 | paramList.appendChild(param);
|
---|
| 930 |
|
---|
| 931 | Element userInformationResponse = (Element) GSXML.getChildByTagName(this.recept.process(userInfoMessage), GSXML.RESPONSE_ELEM);
|
---|
| 932 | Element responseParamList = (Element) GSXML.getChildByTagName(userInformationResponse, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
|
---|
| 933 | if (responseParamList == null)
|
---|
| 934 | {
|
---|
| 935 | logger.error("Can't get the groups for user " + request.getUserPrincipal().getName());
|
---|
| 936 | }
|
---|
[25257] | 937 | else
|
---|
| 938 | {
|
---|
[25635] | 939 | HashMap<String, Serializable> responseParams = GSXML.extractParams(responseParamList, true);
|
---|
[25257] | 940 | String groups = (String) responseParams.get(GSXML.GROUPS_ATT);
|
---|
[28233] | 941 | String editEnabled = (String) responseParams.get("editEnabled");
|
---|
[25128] | 942 |
|
---|
[25257] | 943 | userInformation.setAttribute(GSXML.GROUPS_ATT, groups);
|
---|
[28233] | 944 | userInformation.setAttribute("editEnabled", (editEnabled != null) ? editEnabled : "false");
|
---|
[25257] | 945 | xml_request.appendChild(userInformation);
|
---|
| 946 | }
|
---|
[25092] | 947 | }
|
---|
| 948 |
|
---|
| 949 | //If we are in a collection-related page then make sure this user is allowed to access it
|
---|
| 950 | if (collection != null && !collection.equals(""))
|
---|
| 951 | {
|
---|
| 952 | //Get the security info for this collection
|
---|
[28972] | 953 | Document msg_doc = XMLConverter.newDOM();
|
---|
| 954 | Element securityMessage = msg_doc.createElement(GSXML.MESSAGE_ELEM);
|
---|
| 955 | Element securityRequest = GSXML.createBasicRequest(msg_doc, GSXML.REQUEST_TYPE_SECURITY, collection, userContext);
|
---|
[25092] | 956 | securityMessage.appendChild(securityRequest);
|
---|
| 957 | if (document != null && !document.equals(""))
|
---|
| 958 | {
|
---|
[25257] | 959 | securityRequest.setAttribute(GSXML.NODE_OID, document);
|
---|
[25092] | 960 | }
|
---|
| 961 |
|
---|
| 962 | Element securityResponse = (Element) GSXML.getChildByTagName(this.recept.process(securityMessage), GSXML.RESPONSE_ELEM);
|
---|
[26210] | 963 | if (securityResponse == null)
|
---|
| 964 | {
|
---|
| 965 | return false;
|
---|
| 966 | }
|
---|
| 967 |
|
---|
[25092] | 968 | ArrayList<String> groups = GSXML.getGroupsFromSecurityResponse(securityResponse);
|
---|
| 969 |
|
---|
| 970 | //If guests are not allowed to access this page then check to see if the user is in a group that is allowed to access the page
|
---|
| 971 | if (!groups.contains(""))
|
---|
| 972 | {
|
---|
| 973 | boolean found = false;
|
---|
| 974 | for (String group : groups)
|
---|
| 975 | {
|
---|
| 976 | if (request.isUserInRole(group))
|
---|
| 977 | {
|
---|
| 978 | found = true;
|
---|
| 979 | break;
|
---|
| 980 | }
|
---|
| 981 | }
|
---|
| 982 |
|
---|
| 983 | //The current user is not allowed to access the page so produce a login page
|
---|
| 984 | if (!found)
|
---|
| 985 | {
|
---|
[28972] | 986 | Document loginPageDoc = XMLConverter.newDOM();
|
---|
| 987 | Element loginPageMessage = loginPageDoc.createElement(GSXML.MESSAGE_ELEM);
|
---|
| 988 | Element loginPageRequest = GSXML.createBasicRequest(loginPageDoc, GSXML.REQUEST_TYPE_PAGE, "", userContext);
|
---|
[25092] | 989 | loginPageRequest.setAttribute(GSXML.ACTION_ATT, "p");
|
---|
| 990 | loginPageRequest.setAttribute(GSXML.SUBACTION_ATT, "login");
|
---|
| 991 | loginPageRequest.setAttribute(GSXML.OUTPUT_ATT, "html");
|
---|
[25257] | 992 | loginPageRequest.setAttribute(GSXML.BASE_URL, baseURL);
|
---|
[25092] | 993 | loginPageMessage.appendChild(loginPageRequest);
|
---|
| 994 |
|
---|
[28972] | 995 | Element paramList = loginPageDoc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
|
---|
[25092] | 996 | loginPageRequest.appendChild(paramList);
|
---|
[25128] | 997 |
|
---|
[28972] | 998 | Element messageParam = loginPageDoc.createElement(GSXML.PARAM_ELEM);
|
---|
[25092] | 999 | messageParam.setAttribute(GSXML.NAME_ATT, "loginMessage");
|
---|
[25128] | 1000 | if (request.getAuthType() == null)
|
---|
[25092] | 1001 | {
|
---|
| 1002 | messageParam.setAttribute(GSXML.VALUE_ATT, "Please log in to view this page");
|
---|
| 1003 | }
|
---|
| 1004 | else
|
---|
| 1005 | {
|
---|
[25128] | 1006 | messageParam.setAttribute(GSXML.VALUE_ATT, "You are not in the correct group to view this page, would you like to log in as a different user?");
|
---|
[25092] | 1007 | }
|
---|
| 1008 | paramList.appendChild(messageParam);
|
---|
[25128] | 1009 |
|
---|
[28972] | 1010 | Element urlParam = loginPageDoc.createElement(GSXML.PARAM_ELEM);
|
---|
[25092] | 1011 | urlParam.setAttribute(GSXML.NAME_ATT, "redirectURL");
|
---|
[25351] | 1012 | if (request.getQueryString() != null && request.getQueryString().length() > 0)
|
---|
| 1013 | {
|
---|
[25425] | 1014 | urlParam.setAttribute(GSXML.VALUE_ATT, request.getRequestURL() + "?" + request.getQueryString().replace("&", "&"));
|
---|
[25351] | 1015 | }
|
---|
| 1016 | else
|
---|
| 1017 | {
|
---|
[25425] | 1018 | urlParam.setAttribute(GSXML.VALUE_ATT, request.getRequestURL().toString());
|
---|
[25351] | 1019 | }
|
---|
[25092] | 1020 | paramList.appendChild(urlParam);
|
---|
| 1021 |
|
---|
| 1022 | Node loginPageResponse = this.recept.process(loginPageMessage);
|
---|
[28972] | 1023 | out.println(XMLConverter.getPrettyString(loginPageResponse));
|
---|
[25092] | 1024 |
|
---|
[25257] | 1025 | return false;
|
---|
[25092] | 1026 | }
|
---|
| 1027 | }
|
---|
| 1028 | }
|
---|
[25257] | 1029 | return true;
|
---|
| 1030 | }
|
---|
[25310] | 1031 |
|
---|
[24019] | 1032 | //a debugging method
|
---|
[25635] | 1033 | private void displaySize(Hashtable<String, UserSessionCache> table)
|
---|
[24753] | 1034 | {
|
---|
| 1035 | if (table == null)
|
---|
| 1036 | {
|
---|
[24019] | 1037 | logger.info("cached table is null");
|
---|
| 1038 | return;
|
---|
| 1039 | }
|
---|
[24753] | 1040 | if (table.size() == 0)
|
---|
| 1041 | {
|
---|
[24019] | 1042 | logger.info("cached table size is zero");
|
---|
| 1043 | return;
|
---|
| 1044 | }
|
---|
| 1045 | int num_cached_coll = 0;
|
---|
[25635] | 1046 | ArrayList<UserSessionCache> cache_list = new ArrayList<UserSessionCache>(table.values());
|
---|
[24753] | 1047 | for (int i = 0; i < cache_list.size(); i++)
|
---|
| 1048 | {
|
---|
[25635] | 1049 | num_cached_coll += cache_list.get(i).tableSize();
|
---|
[24019] | 1050 | }
|
---|
| 1051 | logger.info("Number of sessions : total number of cached collection info = " + table.size() + " : " + num_cached_coll);
|
---|
| 1052 | }
|
---|
[18223] | 1053 |
|
---|
[24019] | 1054 | /** merely a debugging method! */
|
---|
[25635] | 1055 | private String tableToString(Hashtable<String, Hashtable<String, String>> table)
|
---|
[24753] | 1056 | {
|
---|
[24019] | 1057 | String str = "";
|
---|
[25635] | 1058 | Enumeration<String> keys = table.keys();
|
---|
[24753] | 1059 | while (keys.hasMoreElements())
|
---|
| 1060 | {
|
---|
[25635] | 1061 | String name = keys.nextElement();
|
---|
[24019] | 1062 | str += name + ", ";
|
---|
| 1063 | }
|
---|
| 1064 | return str;
|
---|
| 1065 | }
|
---|
[6301] | 1066 |
|
---|
[24753] | 1067 | /**
|
---|
| 1068 | * this goes through each URL and adds in a session id if needed-- its
|
---|
| 1069 | * needed if the browser doesn't accept cookies also escapes things if
|
---|
| 1070 | * needed
|
---|
| 1071 | */
|
---|
| 1072 | protected void encodeURLs(Node dataNode, HttpServletResponse response)
|
---|
| 1073 | {
|
---|
| 1074 | if (dataNode == null)
|
---|
| 1075 | {
|
---|
[24019] | 1076 | return;
|
---|
| 1077 | }
|
---|
[16515] | 1078 |
|
---|
[24753] | 1079 | Element data = null;
|
---|
[16515] | 1080 |
|
---|
[24019] | 1081 | short nodeType = dataNode.getNodeType();
|
---|
[24753] | 1082 | if (nodeType == Node.DOCUMENT_NODE)
|
---|
| 1083 | {
|
---|
| 1084 | Document docNode = (Document) dataNode;
|
---|
| 1085 | data = docNode.getDocumentElement();
|
---|
[24019] | 1086 | }
|
---|
[24753] | 1087 | else
|
---|
| 1088 | {
|
---|
| 1089 | data = (Element) dataNode;
|
---|
[24019] | 1090 | }
|
---|
[16515] | 1091 |
|
---|
[24753] | 1092 | if (data != null)
|
---|
| 1093 | {
|
---|
[19984] | 1094 |
|
---|
[24019] | 1095 | // get all the <a> elements
|
---|
| 1096 | NodeList hrefs = data.getElementsByTagName("a");
|
---|
| 1097 | // Instead of calculating each iteration...
|
---|
| 1098 | int hrefscount = hrefs.getLength();
|
---|
[23790] | 1099 |
|
---|
[24753] | 1100 | for (int i = 0; hrefs != null && i < hrefscount; i++)
|
---|
| 1101 | {
|
---|
| 1102 | Element a = (Element) hrefs.item(i);
|
---|
[24019] | 1103 | // ugly hack to get rid of : in the args - interferes with session handling
|
---|
| 1104 | String href = a.getAttribute("href");
|
---|
[24753] | 1105 | if (!href.equals(""))
|
---|
| 1106 | {
|
---|
| 1107 | if (href.indexOf("?") != -1)
|
---|
| 1108 | {
|
---|
[24019] | 1109 | String[] parts = StringUtils.split(href, "\\?", -1);
|
---|
| 1110 | if (parts.length == 1)
|
---|
| 1111 | {
|
---|
| 1112 | parts[0] = StringUtils.replace(parts[0], ":", "%3A");
|
---|
[24753] | 1113 | href = "?" + parts[0];
|
---|
[24019] | 1114 | }
|
---|
| 1115 | else
|
---|
| 1116 | {
|
---|
| 1117 | parts[1] = StringUtils.replace(parts[1], ":", "%3A");
|
---|
[24753] | 1118 | href = parts[0] + "?" + parts[1];
|
---|
[24019] | 1119 | }
|
---|
[24753] | 1120 |
|
---|
[24019] | 1121 | }
|
---|
| 1122 | a.setAttribute("href", response.encodeURL(href));
|
---|
| 1123 | }
|
---|
| 1124 | }
|
---|
[24753] | 1125 |
|
---|
[24019] | 1126 | // now find any submit bits - get all the <form> elements
|
---|
| 1127 | NodeList forms = data.getElementsByTagName("form");
|
---|
| 1128 | int formscount = forms.getLength();
|
---|
[24753] | 1129 | for (int i = 0; forms != null && i < formscount; i++)
|
---|
| 1130 | {
|
---|
| 1131 | Element form = (Element) forms.item(i);
|
---|
[24019] | 1132 | form.setAttribute("action", response.encodeURL(form.getAttribute("action")));
|
---|
| 1133 | }
|
---|
| 1134 | // are these the only cases where URLs occur??
|
---|
| 1135 | // we should only do this for greenstone urls?
|
---|
[19984] | 1136 | }
|
---|
[24753] | 1137 |
|
---|
[19984] | 1138 | }
|
---|
[18223] | 1139 |
|
---|
[27617] | 1140 | protected String getFirstParam(String name, Map<String, String[]> map)
|
---|
| 1141 | {
|
---|
| 1142 | String[] val = map.get(name);
|
---|
| 1143 | if (val == null || val.length == 0)
|
---|
| 1144 | {
|
---|
| 1145 | return null;
|
---|
| 1146 | }
|
---|
| 1147 |
|
---|
| 1148 | return val[0];
|
---|
| 1149 | }
|
---|
| 1150 |
|
---|
[24753] | 1151 | synchronized protected int getNextUserId()
|
---|
| 1152 | {
|
---|
[24019] | 1153 | next_user_id++;
|
---|
| 1154 | return next_user_id;
|
---|
| 1155 | }
|
---|
[18223] | 1156 |
|
---|
[24753] | 1157 | public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
|
---|
| 1158 | {
|
---|
[27617] | 1159 | //Check if we need to process a file upload
|
---|
| 1160 | if (ServletFileUpload.isMultipartContent(request))
|
---|
| 1161 | {
|
---|
| 1162 | DiskFileItemFactory fileItemFactory = new DiskFileItemFactory();
|
---|
| 1163 |
|
---|
| 1164 | int sizeLimit = System.getProperties().containsKey("servlet.upload.filesize.limit") ? Integer.parseInt(System.getProperty("servlet.upload.filesize.limit")) : 100 * 1024 * 1024;
|
---|
| 1165 |
|
---|
| 1166 | File tempDir = new File(GlobalProperties.getGSDL3Home() + File.separator + "tmp");
|
---|
| 1167 | if (!tempDir.exists())
|
---|
| 1168 | {
|
---|
| 1169 | tempDir.mkdirs();
|
---|
| 1170 | }
|
---|
| 1171 |
|
---|
| 1172 | //We want all files to be stored on disk (hence the 0)
|
---|
| 1173 | fileItemFactory.setSizeThreshold(0);
|
---|
| 1174 | fileItemFactory.setRepository(tempDir);
|
---|
| 1175 |
|
---|
| 1176 | ServletFileUpload uploadHandler = new ServletFileUpload(fileItemFactory);
|
---|
| 1177 | uploadHandler.setFileSizeMax(sizeLimit);
|
---|
| 1178 |
|
---|
| 1179 | HashMap<String, String[]> queryMap = new HashMap<String, String[]>();
|
---|
| 1180 | try
|
---|
| 1181 | {
|
---|
| 1182 | List items = uploadHandler.parseRequest(request);
|
---|
| 1183 | Iterator iter = items.iterator();
|
---|
| 1184 | while (iter.hasNext())
|
---|
| 1185 | {
|
---|
| 1186 | FileItem current = (FileItem) iter.next();
|
---|
| 1187 | if (current.isFormField())
|
---|
| 1188 | {
|
---|
| 1189 | queryMap.put(current.getFieldName(), new String[] { current.getString() });
|
---|
| 1190 | }
|
---|
| 1191 | else if (current.getName() != null && !current.getName().equals(""))
|
---|
| 1192 | {
|
---|
| 1193 | File file = new File(tempDir, current.getName());
|
---|
| 1194 | current.write(file);
|
---|
[27719] | 1195 |
|
---|
| 1196 | queryMap.put("md___ex.Filesize", new String[] { "" + file.length() });
|
---|
| 1197 | queryMap.put("md___ex.Filename", new String[] { "" + current.getName() });
|
---|
[27617] | 1198 | }
|
---|
| 1199 | }
|
---|
| 1200 | }
|
---|
| 1201 | catch (Exception e)
|
---|
| 1202 | {
|
---|
| 1203 | e.printStackTrace();
|
---|
| 1204 | }
|
---|
| 1205 |
|
---|
| 1206 | doGetOrPost(request, response, queryMap);
|
---|
| 1207 | }
|
---|
| 1208 | else
|
---|
| 1209 | {
|
---|
| 1210 | doGetOrPost(request, response, request.getParameterMap());
|
---|
| 1211 | }
|
---|
[24019] | 1212 | }
|
---|
[3309] | 1213 | }
|
---|