Context Navigation

source: main/trunk/greenstone3/src/java/org/greenstone/gsdl3/LibraryServlet.java@ 27617

Last change on this file since 27617 was 27617, checked in by sjm84, 11 years ago
Various improvements and fixes mostly to do with adding depositor functionality
Property svn:keywords set to `Author Date Id Revision`
File size: 38.0 KB

Line
1	package org.greenstone.gsdl3;
2
3	import java.io.File;
4	import java.io.FileInputStream;
5	import java.io.FileOutputStream;
6	import java.io.IOException;
7	import java.io.PrintWriter;
8	import java.io.Serializable;
9	import java.lang.reflect.Type;
10	import java.nio.channels.FileChannel;
11	import java.util.ArrayList;
12	import java.util.Collection;
13	import java.util.Enumeration;
14	import java.util.HashMap;
15	import java.util.Hashtable;
16	import java.util.Iterator;
17	import java.util.List;
18	import java.util.Map;
19
20	import javax.servlet.ServletConfig;
21	import javax.servlet.ServletException;
22	import javax.servlet.http.Cookie;
23	import javax.servlet.http.HttpServletRequest;
24	import javax.servlet.http.HttpServletResponse;
25	import javax.servlet.http.HttpSession;
26	import javax.servlet.http.HttpSessionBindingEvent;
27	import javax.servlet.http.HttpSessionBindingListener;
28	import javax.servlet.http.Part;
29
30	import org.apache.commons.fileupload.FileItem;
31	import org.apache.commons.fileupload.disk.DiskFileItemFactory;
32	import org.apache.commons.fileupload.servlet.ServletFileUpload;
33	import org.apache.commons.lang3.StringUtils;
34	import org.apache.log4j.Logger;
35	import org.greenstone.gsdl3.action.PageAction;
36	import org.greenstone.gsdl3.comms.Communicator;
37	import org.greenstone.gsdl3.comms.SOAPCommunicator;
38	import org.greenstone.gsdl3.core.DefaultReceptionist;
39	import org.greenstone.gsdl3.core.MessageRouter;
40	import org.greenstone.gsdl3.core.Receptionist;
41	import org.greenstone.gsdl3.service.Authentication;
42	import org.greenstone.gsdl3.util.GSConstants;
43	import org.greenstone.gsdl3.util.GSParams;
44	import org.greenstone.gsdl3.util.GSXML;
45	import org.greenstone.gsdl3.util.UserContext;
46	import org.greenstone.gsdl3.util.XMLConverter;
47	import org.greenstone.util.GlobalProperties;
48	import org.json.JSONObject;
49	import org.w3c.dom.Document;
50	import org.w3c.dom.Element;
51	import org.w3c.dom.Node;
52	import org.w3c.dom.NodeList;
53
54	import com.google.gson.Gson;
55	import com.google.gson.reflect.TypeToken;
56
57	/**
58	* a servlet to serve the greenstone library - we are using servlets instead of
59	* cgi the init method is called only once - the first time the servlet classes
60	* are loaded. Each time a request comes in to the servlet, the session() method
61	* is called in a new thread (calls doGet/doPut etc) takes the a=p&p=home type
62	* args and builds a simple request to send to its receptionist, which returns a
63	* result in html, cos output=html is set in the request
64	*
65	* 18/Jul/07 xiao modify to make the cached parameters collection-specific. Most
66	* of the work is done in doGet(), except adding an inner class
67	* UserSessionCache.
68	*
69	* @see Receptionist
70	*/
71	public class LibraryServlet extends BaseGreenstoneServlet
72	{
73	/** the receptionist to send messages to */
74	protected Receptionist recept = null;
75
76	/**
77	* the default language - is specified by setting a servlet param, otherwise
78	* DEFAULT_LANG is used
79	*/
80	protected String default_lang = null;
81
82	/** Whether or not client-side XSLT support should be exposed */
83	protected boolean supports_client_xslt = false;
84
85	/**
86	* The default default - used if a default lang is not specified in the
87	* servlet params
88	*/
89	protected final String DEFAULT_LANG = "en";
90
91	/** container Document to create XML Nodes */
92	protected Document doc = null;
93
94	/** a converter class to parse XML and create Docs */
95	protected XMLConverter converter = null;
96
97	/**
98	* the cgi stuff - the Receptionist can add new args to this
99	*
100	* its used by the servlet to determine what args to save
101	*/
102	protected GSParams params = null;
103
104	/**
105	* user id - new one per session. This doesn't work if session state is
106	* saved between restarts - this requires this value to be saved too.
107	*/
108	protected int next_user_id = 0;
109
110	/**
111	* a hash that contains all the active session IDs mapped to the cached
112	* items It is updated whenever the whole site or a particular collection is
113	* reconfigured using the command a=s&sa=c or a=s&sa=c&c=xxx It is in the
114	* form: sid -> (UserSessionCache object)
115	*/
116	protected Hashtable<String, UserSessionCache> session_ids_table = new Hashtable<String, UserSessionCache>();
117
118	/**
119	* the maximum interval that the cached info remains in session_ids_table
120	* (in seconds) This is set in web.xml
121	*/
122	protected int session_expiration = 1800;
123
124	static Logger logger = Logger.getLogger(org.greenstone.gsdl3.LibraryServlet.class.getName());
125
126	/** initialise the servlet */
127	public void init(ServletConfig config) throws ServletException
128	{
129	// always call super.init;
130	super.init(config);
131	// disable preferences - does this work anyway??
132	//System.setProperty("java.util.prefs.PreferencesFactory", "org.greenstone.gsdl3.util.DisabledPreferencesFactory");
133
134	String library_name = config.getInitParameter(GSConstants.LIBRARY_NAME);
135	String interface_name = config.getInitParameter(GSConstants.INTERFACE_NAME);
136
137	String allowXslt = (String) config.getInitParameter(GSConstants.ALLOW_CLIENT_SIDE_XSLT);
138	supports_client_xslt = allowXslt != null && allowXslt.equals("true");
139
140	this.default_lang = config.getInitParameter(GSConstants.DEFAULT_LANG);
141	String sess_expire = config.getInitParameter(GSXML.SESSION_EXPIRATION);
142
143	if (sess_expire != null && !sess_expire.equals(""))
144	{
145	this.session_expiration = Integer.parseInt(sess_expire);
146	}
147
148	if (library_name == null \|\| interface_name == null)
149	{
150	// must have this
151	System.err.println("initialisation parameters not all set!");
152	System.err.println(" you must have libraryname and interfacename");
153	System.exit(1);
154	}
155
156	String site_name = config.getInitParameter(GSConstants.SITE_NAME);
157	String remote_site_name = null;
158	String remote_site_type = null;
159	String remote_site_address = null;
160
161	if (site_name == null)
162	{
163	// no site, try for communicator
164	remote_site_name = config.getInitParameter("remote_site_name");
165	remote_site_type = config.getInitParameter("remote_site_type");
166	remote_site_address = config.getInitParameter("remote_site_address");
167	if (remote_site_name == null \|\| remote_site_type == null \|\| remote_site_address == null)
168	{
169	System.err.println("initialisation paramters not all set!");
170	System.err.println("if site_name is not set, then you must have remote_site_name, remote_site_type and remote_site_address set");
171	System.exit(1);
172	}
173	}
174
175	if (this.default_lang == null)
176	{
177	// choose english
178	this.default_lang = DEFAULT_LANG;
179	}
180
181	HashMap<String, Object> config_params = new HashMap<String, Object>();
182
183	config_params.put(GSConstants.LIBRARY_NAME, library_name);
184	config_params.put(GSConstants.INTERFACE_NAME, interface_name);
185	config_params.put(GSConstants.ALLOW_CLIENT_SIDE_XSLT, supports_client_xslt);
186
187	if (site_name != null)
188	{
189	config_params.put(GSConstants.SITE_NAME, site_name);
190	}
191	this.converter = new XMLConverter();
192	this.doc = this.converter.newDOM();
193
194	// the receptionist -the servlet will talk to this
195	String recept_name = (String) config.getInitParameter("receptionist_class");
196	if (recept_name == null)
197	{
198	this.recept = new DefaultReceptionist();
199	}
200	else
201	{
202	try
203	{
204	this.recept = (Receptionist) Class.forName("org.greenstone.gsdl3.core." + recept_name).newInstance();
205	}
206	catch (Exception e)
207	{ // cant use this new one, so use normal one
208	System.err.println("LibraryServlet configure exception when trying to use a new Receptionist " + recept_name + ": " + e.getMessage());
209	e.printStackTrace();
210	this.recept = new DefaultReceptionist();
211	}
212	}
213	this.recept.setConfigParams(config_params);
214
215	// the receptionist uses a MessageRouter or Communicator to send its requests to. We either create a MessageRouter here for the designated site (if site_name set), or we create a Communicator for a remote site. The is given to teh Receptionist, and the servlet never talks to it again.directly.
216	if (site_name != null)
217	{
218	String mr_name = (String) config.getInitParameter("messagerouter_class");
219	MessageRouter message_router = null;
220	if (mr_name == null)
221	{ // just use the normal MR
222	message_router = new MessageRouter();
223	}
224	else
225	{ // try the specified one
226	try
227	{
228	message_router = (MessageRouter) Class.forName("org.greenstone.gsdl3.core." + mr_name).newInstance();
229	}
230	catch (Exception e)
231	{ // cant use this new one, so use normal one
232	System.err.println("LibraryServlet configure exception when trying to use a new MessageRouter " + mr_name + ": " + e.getMessage());
233	e.printStackTrace();
234	message_router = new MessageRouter();
235	}
236	}
237
238	message_router.setSiteName(site_name);
239	message_router.setLibraryName(library_name);
240	message_router.configure();
241	this.recept.setMessageRouter(message_router);
242	}
243	else
244	{
245	// talking to a remote site, create a communicator
246	Communicator communicator = null;
247	// we need to create the XML to configure the communicator
248	Element site_elem = this.doc.createElement(GSXML.SITE_ELEM);
249	site_elem.setAttribute(GSXML.TYPE_ATT, remote_site_type);
250	site_elem.setAttribute(GSXML.NAME_ATT, remote_site_name);
251	site_elem.setAttribute(GSXML.ADDRESS_ATT, remote_site_address);
252
253	if (remote_site_type.equals(GSXML.COMM_TYPE_SOAP_JAVA))
254	{
255	communicator = new SOAPCommunicator();
256	}
257	else
258	{
259	System.err.println("LibraryServlet.init Error: invalid Communicator type: " + remote_site_type);
260	System.exit(1);
261	}
262
263	if (!communicator.configure(site_elem))
264	{
265	System.err.println("LibraryServlet.init Error: Couldn't configure communicator");
266	System.exit(1);
267	}
268	this.recept.setMessageRouter(communicator);
269	}
270
271	// the params arg thingy
272
273	String params_name = (String) config.getInitParameter("params_class");
274	if (params_name == null)
275	{
276	this.params = new GSParams();
277	}
278	else
279	{
280	try
281	{
282	this.params = (GSParams) Class.forName("org.greenstone.gsdl3.util." + params_name).newInstance();
283	}
284	catch (Exception e)
285	{
286	System.err.println("LibraryServlet configure exception when trying to use a new params thing " + params_name + ": " + e.getMessage());
287	e.printStackTrace();
288	this.params = new GSParams();
289	}
290	}
291	// pass it to the receptionist
292	this.recept.setParams(this.params);
293	this.recept.configure();
294
295	//Allow the message router and the document to be accessed from anywhere in this servlet context
296	this.getServletContext().setAttribute("GSRouter", this.recept.getMessageRouter());
297	this.getServletContext().setAttribute("GSDocument", this.doc);
298	}
299
300	private void logUsageInfo(HttpServletRequest request)
301	{
302	String usageInfo = "";
303
304	//session-info: get params stored in the session
305	HttpSession session = request.getSession(true);
306	Enumeration attributeNames = session.getAttributeNames();
307	while (attributeNames.hasMoreElements())
308	{
309	String name = (String) attributeNames.nextElement();
310	usageInfo += name + "=" + session.getAttribute(name) + " ";
311	}
312
313	//logged info = general-info + session-info
314	usageInfo = request.getServletPath() + " " + //serlvet
315	"[" + request.getQueryString() + "]" + " " + //the query string
316	"[" + usageInfo.trim() + "]" + " " + // params stored in a session
317	request.getRemoteAddr() + " " + //remote address
318	request.getRequestedSessionId() + " " + //session id
319	request.getHeader("user-agent") + " "; //the remote brower info
320
321	logger.info(usageInfo);
322
323	}
324
325	public class UserSessionCache implements HttpSessionBindingListener
326	{
327	String session_id = "";
328
329	/**
330	* a hash that maps the session ID to a hashtable that maps the
331	* coll_name to its parameters coll_name -> Hashtable (param_name ->
332	* param_value)
333	*/
334	protected Hashtable<String, Hashtable<String, String>> coll_name_params_table = null;
335
336	public UserSessionCache(String id, Hashtable<String, Hashtable<String, String>> table)
337	{
338	session_id = id;
339	coll_name_params_table = (table == null) ? new Hashtable() : table;
340	}
341
342	protected void cleanupCache(String coll_name)
343	{
344	if (coll_name_params_table.containsKey(coll_name))
345	{
346	coll_name_params_table.remove(coll_name);
347	}
348	}
349
350	protected Hashtable<String, Hashtable<String, String>> getParamsTable()
351	{
352	return coll_name_params_table;
353	}
354
355	public void valueBound(HttpSessionBindingEvent event)
356	{
357	// Do nothing
358	}
359
360	public void valueUnbound(HttpSessionBindingEvent event)
361	{
362	if (session_ids_table.containsKey(session_id))
363	{
364	session_ids_table.remove(session_id);
365	}
366	}
367
368	public int tableSize()
369	{
370	return (coll_name_params_table == null) ? 0 : coll_name_params_table.size();
371	}
372	}
373
374	public void destroy()
375	{
376	recept.cleanUp();
377	}
378
379	public void doGetOrPost(HttpServletRequest request, HttpServletResponse response, Map<String, String[]> queryMap) throws ServletException, IOException
380	{
381	logUsageInfo(request);
382
383	if (queryMap != null)
384	{
385	Iterator<String> queryIter = queryMap.keySet().iterator();
386	boolean redirect = false;
387	String href = null;
388	String rl = null;
389	String el = null;
390
391	while (queryIter.hasNext())
392	{
393	String q = queryIter.next();
394	if (q.equals(GSParams.EXTERNAL_LINK_TYPE))
395	{
396	el = queryMap.get(q)[0];
397	}
398	else if (q.equals(GSParams.HREF))
399	{
400	href = queryMap.get(q)[0];
401	href = StringUtils.replace(href, "%2f", "/");
402	href = StringUtils.replace(href, "%7e", "~");
403	href = StringUtils.replace(href, "%3f", "?");
404	href = StringUtils.replace(href, "%3A", "\\:");
405	}
406	else if (q.equals(GSParams.RELATIVE_LINK))
407	{
408	rl = queryMap.get(q)[0];
409	}
410	}
411
412	//if query_string contains "el=direct", an href is specified, and its not a relative link, then the web page will be redirected to the external URl, otherwise a greenstone page with an external URL will be displayed
413	//"rl=0" this is an external link
414	//"rl=1" this is an internal link
415	if ((href != null) && (rl.equals("0")))
416	{// This is an external link,
417
418	if (el.equals("framed"))
419	{
420	//TODO **** how best to change to a=p&sa=html&c=collection&url=href
421	// response.setContentType("text/xml");
422	//response.sendRedirect("http://localhost:8383/greenstone3/gs3library?a=p&sa=html&c=external&url="+href);
423	}
424	else
425	{
426	// el = '' or direct
427	//the web page is re-directed to the external URL (&el=&rl=0&href="http://...")
428	response.setContentType("text/xml");
429	response.sendRedirect(href);
430	}
431	}
432	}
433
434	// Nested Diagnostic Configurator to identify the client for
435	HttpSession session = request.getSession(true);
436	session.setMaxInactiveInterval(session_expiration);
437	String uid = (String) session.getAttribute(GSXML.USER_ID_ATT);
438	if (uid == null)
439	{
440	uid = "" + getNextUserId();
441	session.setAttribute(GSXML.USER_ID_ATT, uid);
442	}
443
444	request.setCharacterEncoding("UTF-8");
445	response.setContentType("text/html;charset=UTF-8");
446	PrintWriter out = response.getWriter();
447
448	String lang = getFirstParam(GSParams.LANGUAGE, queryMap);
449	if (lang == null \|\| lang.equals(""))
450	{
451	// try the session cached lang
452	lang = (String) session.getAttribute(GSParams.LANGUAGE);
453	if (lang == null \|\| lang.equals(""))
454	{
455	// still not set, use the default
456	lang = this.default_lang;
457	}
458	}
459	UserContext userContext = new UserContext();
460	userContext.setLanguage(lang);
461	userContext.setUserID(uid);
462
463	if (request.getAuthType() != null)
464	{
465	//Get the username
466	userContext.setUsername(request.getUserPrincipal().getName());
467
468	//Get the groups for the user
469	Element acquireGroupMessage = this.doc.createElement(GSXML.MESSAGE_ELEM);
470	Element acquireGroupRequest = GSXML.createBasicRequest(this.doc, GSXML.REQUEST_TYPE_PROCESS, "GetUserInformation", userContext);
471	acquireGroupMessage.appendChild(acquireGroupRequest);
472
473	Element paramList = this.doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
474	acquireGroupRequest.appendChild(paramList);
475	paramList.appendChild(GSXML.createParameter(this.doc, GSXML.USERNAME_ATT, request.getUserPrincipal().getName()));
476
477	Element aquireGroupsResponseMessage = (Element) this.recept.process(acquireGroupMessage);
478	Element aquireGroupsResponse = (Element) GSXML.getChildByTagName(aquireGroupsResponseMessage, GSXML.RESPONSE_ELEM);
479	Element param_list = (Element) GSXML.getChildByTagName(aquireGroupsResponse, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
480
481	if (param_list != null)
482	{
483	HashMap<String, Serializable> params = GSXML.extractParams(param_list, false);
484	String groups = (String) params.get("groups");
485	userContext.setGroups(groups.split(","));
486	}
487	}
488
489	// set the lang in the session
490	session.setAttribute(GSParams.LANGUAGE, lang);
491
492	String output = getFirstParam(GSParams.OUTPUT, queryMap);
493	if (output == null \|\| output.equals(""))
494	{
495	output = "html"; // uses html by default
496	}
497
498	// If server output, force a switch to traditional interface
499	//output = (output.equals("server")) ? "html" : output;
500
501	// Force change the output mode if client-side XSLT is supported - server vs. client
502	// BUT only if the library allows client-side transforms
503	if (supports_client_xslt)
504	{
505	// MUST be done before the xml_message is built
506	Cookie[] cookies = request.getCookies();
507	Cookie xsltCookie = null;
508
509	// The client has cookies enabled and a value set - use it!
510	if (cookies != null)
511	{
512	for (Cookie c : cookies)
513	{
514	if (c.getName().equals("supportsXSLT"))
515	{
516	xsltCookie = c;
517	break;
518	}
519	}
520	output = (xsltCookie != null && xsltCookie.getValue().equals("true") && output.equals("html")) ? "xsltclient" : output;
521	}
522	}
523
524	// the request to the receptionist
525	Element xml_message = this.doc.createElement(GSXML.MESSAGE_ELEM);
526	Element xml_request = GSXML.createBasicRequest(this.doc, GSXML.REQUEST_TYPE_PAGE, "", userContext);
527	xml_request.setAttribute(GSXML.OUTPUT_ATT, output);
528
529	xml_message.appendChild(xml_request);
530
531	String action = getFirstParam(GSParams.ACTION, queryMap);
532	String subaction = getFirstParam(GSParams.SUBACTION, queryMap);
533	String collection = getFirstParam(GSParams.COLLECTION, queryMap);
534	String document = getFirstParam(GSParams.DOCUMENT, queryMap);
535	String service = getFirstParam(GSParams.SERVICE, queryMap);
536
537	// We clean up the cache session_ids_table if system
538	// commands are issued (and also don't need to do caching for this request)
539	boolean should_cache = true;
540	if (action != null && action.equals(GSParams.SYSTEM_ACTION))
541	{
542	should_cache = false;
543
544	// we may want to remove all collection cache info, or just a specific collection
545	boolean clean_all = true;
546	String clean_collection = null;
547	// system commands are to activate/deactivate stuff
548	// collection param is in the sc parameter.
549	// don't like the fact that it is hard coded here
550	String coll = getFirstParam(GSParams.SYSTEM_CLUSTER, queryMap);
551	if (coll != null && !coll.equals(""))
552	{
553	clean_all = false;
554	clean_collection = coll;
555	}
556	else
557	{
558	// check other system types
559	if (subaction.equals("a") \|\| subaction.equals("d"))
560	{
561	String module_name = getFirstParam("sn", queryMap);
562	if (module_name != null && !module_name.equals(""))
563	{
564	clean_all = false;
565	clean_collection = module_name;
566	}
567	}
568	}
569	if (clean_all)
570	{
571	session_ids_table = new Hashtable<String, UserSessionCache>();
572	session.removeAttribute(GSXML.USER_SESSION_CACHE_ATT);
573	}
574	else
575	{
576	// just clean up info for clean_collection
577	ArrayList<UserSessionCache> cache_list = new ArrayList<UserSessionCache>(session_ids_table.values());
578	for (int i = 0; i < cache_list.size(); i++)
579	{
580	UserSessionCache cache = cache_list.get(i);
581	cache.cleanupCache(clean_collection);
582	}
583
584	}
585	}
586
587	// cache_key is the collection name, or service name
588	String cache_key = collection;
589	if (cache_key == null \|\| cache_key.equals(""))
590	{
591	cache_key = service;
592	}
593
594	// logger.info("should_cache= " + should_cache);
595
596	//clear the collection-specific cache in the session, since we have no way to know whether this session is
597	//about the same collection as the last session or not.
598	Enumeration attributeNames = session.getAttributeNames();
599	while (attributeNames.hasMoreElements())
600	{
601	String name = (String) attributeNames.nextElement();
602	if (!name.equals(GSXML.USER_SESSION_CACHE_ATT) && !name.equals(GSParams.LANGUAGE) && !name.equals(GSXML.USER_ID_ATT))
603	{
604	session.removeAttribute(name);
605	}
606	}
607
608	UserSessionCache session_cache = null;
609	Hashtable<String, Hashtable<String, String>> param_table = null;
610	Hashtable<String, String> table = null;
611	String sid = session.getId();
612	if (should_cache == true && cache_key != null && !cache_key.equals(""))
613	{
614	if (session_ids_table.containsKey(sid))
615	{
616	session_cache = session_ids_table.get(sid);
617	param_table = session_cache.getParamsTable();
618	logger.info("collections in table: " + tableToString(param_table));
619	if (param_table.containsKey(cache_key))
620	{
621	//logger.info("existing table: " + collection);
622	table = param_table.get(cache_key);
623	}
624	else
625	{
626	table = new Hashtable<String, String>();
627	param_table.put(cache_key, table);
628	//logger.info("new table: " + collection);
629	}
630	}
631	else
632	{
633	param_table = new Hashtable<String, Hashtable<String, String>>();
634	table = new Hashtable<String, String>();
635	param_table.put(cache_key, table);
636	session_cache = new UserSessionCache(sid, param_table);
637	session_ids_table.put(sid, session_cache);
638	session.setAttribute(GSXML.USER_SESSION_CACHE_ATT, session_cache);
639	//logger.info("new session id");
640	}
641	}
642
643	if (action == null \|\| action.equals(""))
644	{
645	// should we do all the following stuff if using default page?
646	// display the home page - the default page
647	xml_request.setAttribute(GSXML.ACTION_ATT, "p");
648	xml_request.setAttribute(GSXML.SUBACTION_ATT, PageAction.HOME_PAGE);
649	}
650	else
651	{
652	xml_request.setAttribute(GSXML.ACTION_ATT, action);
653	if (subaction != null)
654	{
655	xml_request.setAttribute(GSXML.SUBACTION_ATT, subaction);
656	}
657
658	// create the param list for the greenstone request - includes
659	// the params from the current request and any others from the saved session
660	Element xml_param_list = this.doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
661	xml_request.appendChild(xml_param_list);
662
663	for (String name : queryMap.keySet())
664	{
665	if (!name.equals(GSParams.ACTION) && !name.equals(GSParams.SUBACTION) && !name.equals(GSParams.LANGUAGE) && !name.equals(GSParams.OUTPUT))
666	{// we have already dealt with these
667
668	String value = "";
669	String[] values = queryMap.get(name);
670	value = values[0];
671	if (values.length > 1)
672	{
673	for (int i = 1; i < values.length; i++)
674	{
675	value += "," + values[i];
676	}
677	}
678	// either add it to the param list straight away, or save it to the session and add it later
679	if (this.params.shouldSave(name) && table != null)
680	{
681	table.put(name, value);
682	}
683	else
684	{
685	Element param = this.doc.createElement(GSXML.PARAM_ELEM);
686	param.setAttribute(GSXML.NAME_ATT, name);
687	param.setAttribute(GSXML.VALUE_ATT, GSXML.xmlSafe(value));
688	xml_param_list.appendChild(param);
689	}
690	}
691	}
692	//put everything in the table into the session
693	// do we need to do this? why not just put from table into param list
694	if (table != null)
695	{
696	Enumeration<String> keys = table.keys();
697	while (keys.hasMoreElements())
698	{
699	String name = keys.nextElement();
700	session.setAttribute(name, table.get(name));
701	}
702	}
703
704	// put in all the params from the session cache
705	Enumeration params = session.getAttributeNames();
706	while (params.hasMoreElements())
707	{
708	String name = (String) params.nextElement();
709
710	if (!name.equals(GSXML.USER_SESSION_CACHE_ATT) && !name.equals(GSParams.LANGUAGE) && !name.equals(GSXML.USER_ID_ATT))
711	{
712
713	// lang and uid are stored but we dont want it in the param list cos its already in the request
714	Element param = this.doc.createElement(GSXML.PARAM_ELEM);
715	param.setAttribute(GSXML.NAME_ATT, name);
716	String value = GSXML.xmlSafe((String) session.getAttribute(name));
717
718	// ugly hack to undo : escaping
719	value = StringUtils.replace(value, "%3A", "\\:");
720	param.setAttribute(GSXML.VALUE_ATT, value);
721	xml_param_list.appendChild(param);
722	}
723	}
724	}
725
726	if (output.equals("json"))
727	{
728	response.setContentType("application/json");
729	}
730	else if (!output.equals("html") && !output.equals("server") && !output.equals("xsltclient"))
731	{
732	response.setContentType("text/xml"); // for now use text
733	}
734
735	//Add custom HTTP headers if requested
736	String httpHeadersParam = getFirstParam(GSParams.HTTP_HEADER_FIELDS, queryMap);
737	if (httpHeadersParam != null && httpHeadersParam.length() > 0)
738	{
739	Gson gson = new Gson();
740	Type type = new TypeToken<List<Map<String, String>>>()
741	{
742	}.getType();
743	List<Map<String, String>> httpHeaders = gson.fromJson(httpHeadersParam, type);
744	if (httpHeaders != null && httpHeaders.size() > 0)
745	{
746
747	for (int j = 0; j < httpHeaders.size(); j++)
748	{
749	Map nameValueMap = httpHeaders.get(j);
750	String name = (String) nameValueMap.get("name");
751	String value = (String) nameValueMap.get("value");
752
753	if (name != null && value != null)
754	{
755	response.setHeader(name, value);
756	}
757	}
758	}
759	}
760
761	String requestedURL = request.getRequestURL().toString();
762	String baseURL = "";
763	if (requestedURL.indexOf(this.getServletName()) != -1)
764	{
765	baseURL = requestedURL.substring(0, requestedURL.indexOf(this.getServletName()));
766	xml_request.setAttribute("baseURL", baseURL);
767	}
768
769	String fullURL;
770	if (request.getQueryString() != null)
771	{
772	fullURL = requestedURL + "?" + request.getQueryString();
773	}
774	else
775	{
776	fullURL = requestedURL;
777	}
778
779	xml_request.setAttribute("remoteAddress", request.getRemoteAddr());
780	xml_request.setAttribute("fullURL", fullURL.replace("&", "&"));
781
782	if (!runSecurityChecks(request, xml_request, userContext, out, baseURL, collection, document, queryMap))
783	{
784	return;
785	}
786
787	Node xml_result = this.recept.process(xml_message);
788	encodeURLs(xml_result, response);
789
790	String xml_string = this.converter.getPrettyString(xml_result);
791
792	if (output.equals("json"))
793	{
794	try
795	{
796	JSONObject json_obj = org.json.XML.toJSONObject(xml_string);
797
798	out.println(json_obj.toString());
799	}
800	catch (Exception e)
801	{
802	e.printStackTrace();
803	out.println("Error: failed to convert output XML to JSON format");
804	}
805	}
806	else
807	{
808	out.println(xml_string);
809	}
810
811	displaySize(session_ids_table);
812	}
813
814	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
815	{
816	doGetOrPost(request, response, request.getParameterMap());
817	} //end of doGet(HttpServletRequest, HttpServletResponse)
818
819	private boolean runSecurityChecks(HttpServletRequest request, Element xml_request, UserContext userContext, PrintWriter out, String baseURL, String collection, String document, Map<String, String[]> queryMap) throws ServletException
820	{
821	//Check if we need to login or logout
822	String username = getFirstParam("username", queryMap);
823	String password = getFirstParam("password", queryMap);
824	String logout = getFirstParam("logout", queryMap);
825
826	if (logout != null)
827	{
828	request.logout();
829	}
830
831	if (username != null && password != null)
832	{
833	//We are changing to another user, so log out first
834	if (request.getAuthType() != null)
835	{
836	request.logout();
837	}
838
839	//This try/catch block catches when the login request fails (e.g. The user enters an incorrect password).
840	try
841	{
842	//Try a global login first
843	password = Authentication.hashPassword(password);
844	request.login(username, password);
845	}
846	catch (Exception ex)
847	{
848	try
849	{
850	//If the global login fails then try a site-level login
851	String siteName = (String) this.recept.getConfigParams().get(GSConstants.SITE_NAME);
852	request.login(siteName + "-" + username, password);
853	}
854	catch (Exception exc)
855	{
856	//The user entered in either the wrong username or the wrong password
857	Element loginPageMessage = this.doc.createElement(GSXML.MESSAGE_ELEM);
858	Element loginPageRequest = GSXML.createBasicRequest(this.doc, GSXML.REQUEST_TYPE_PAGE, "", userContext);
859	loginPageRequest.setAttribute(GSXML.ACTION_ATT, "p");
860	loginPageRequest.setAttribute(GSXML.SUBACTION_ATT, "login");
861	loginPageRequest.setAttribute(GSXML.OUTPUT_ATT, "html");
862	loginPageRequest.setAttribute(GSXML.BASE_URL, baseURL);
863	loginPageMessage.appendChild(loginPageRequest);
864
865	Element paramList = this.doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
866	loginPageRequest.appendChild(paramList);
867
868	Element messageParam = this.doc.createElement(GSXML.PARAM_ELEM);
869	messageParam.setAttribute(GSXML.NAME_ATT, "loginMessage");
870	messageParam.setAttribute(GSXML.VALUE_ATT, "Either your username or password was incorrect, please try again.");
871	paramList.appendChild(messageParam);
872
873	Element urlParam = this.doc.createElement(GSXML.PARAM_ELEM);
874	urlParam.setAttribute(GSXML.NAME_ATT, "redirectURL");
875	String queryString = "";
876	if (request.getQueryString() != null)
877	{
878	queryString = "?" + request.getQueryString().replace("&", "&");
879	}
880	urlParam.setAttribute(GSXML.VALUE_ATT, this.getServletName() + queryString);
881	paramList.appendChild(urlParam);
882
883	Node loginPageResponse = this.recept.process(loginPageMessage);
884	out.println(this.converter.getPrettyString(loginPageResponse));
885
886	return false;
887	}
888	}
889	}
890
891	//If a user is logged in
892	if (request.getAuthType() != null)
893	{
894	Element userInformation = this.doc.createElement(GSXML.USER_INFORMATION_ELEM);
895	userInformation.setAttribute(GSXML.USERNAME_ATT, request.getUserPrincipal().getName());
896
897	Element userInfoMessage = this.doc.createElement(GSXML.MESSAGE_ELEM);
898	Element userInfoRequest = GSXML.createBasicRequest(this.doc, GSXML.REQUEST_TYPE_SECURITY, "GetUserInformation", userContext);
899	userInfoMessage.appendChild(userInfoRequest);
900
901	Element paramList = this.doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
902	userInfoRequest.appendChild(paramList);
903
904	Element param = this.doc.createElement(GSXML.PARAM_ELEM);
905	param.setAttribute(GSXML.NAME_ATT, GSXML.USERNAME_ATT);
906	param.setAttribute(GSXML.VALUE_ATT, request.getUserPrincipal().getName());
907	paramList.appendChild(param);
908
909	Element userInformationResponse = (Element) GSXML.getChildByTagName(this.recept.process(userInfoMessage), GSXML.RESPONSE_ELEM);
910	Element responseParamList = (Element) GSXML.getChildByTagName(userInformationResponse, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
911	if (responseParamList == null)
912	{
913	logger.error("Can't get the groups for user " + request.getUserPrincipal().getName());
914	}
915	else
916	{
917	HashMap<String, Serializable> responseParams = GSXML.extractParams(responseParamList, true);
918	String groups = (String) responseParams.get(GSXML.GROUPS_ATT);
919
920	userInformation.setAttribute(GSXML.GROUPS_ATT, groups);
921	xml_request.appendChild(userInformation);
922	}
923	}
924
925	//If we are in a collection-related page then make sure this user is allowed to access it
926	if (collection != null && !collection.equals(""))
927	{
928	//Get the security info for this collection
929	Element securityMessage = this.doc.createElement(GSXML.MESSAGE_ELEM);
930	Element securityRequest = GSXML.createBasicRequest(this.doc, GSXML.REQUEST_TYPE_SECURITY, collection, userContext);
931	securityMessage.appendChild(securityRequest);
932	if (document != null && !document.equals(""))
933	{
934	securityRequest.setAttribute(GSXML.NODE_OID, document);
935	}
936
937	Element securityResponse = (Element) GSXML.getChildByTagName(this.recept.process(securityMessage), GSXML.RESPONSE_ELEM);
938	if (securityResponse == null)
939	{
940	return false;
941	}
942
943	ArrayList<String> groups = GSXML.getGroupsFromSecurityResponse(securityResponse);
944
945	//If guests are not allowed to access this page then check to see if the user is in a group that is allowed to access the page
946	if (!groups.contains(""))
947	{
948	boolean found = false;
949	for (String group : groups)
950	{
951	if (request.isUserInRole(group))
952	{
953	found = true;
954	break;
955	}
956	}
957
958	//The current user is not allowed to access the page so produce a login page
959	if (!found)
960	{
961	Element loginPageMessage = this.doc.createElement(GSXML.MESSAGE_ELEM);
962	Element loginPageRequest = GSXML.createBasicRequest(this.doc, GSXML.REQUEST_TYPE_PAGE, "", userContext);
963	loginPageRequest.setAttribute(GSXML.ACTION_ATT, "p");
964	loginPageRequest.setAttribute(GSXML.SUBACTION_ATT, "login");
965	loginPageRequest.setAttribute(GSXML.OUTPUT_ATT, "html");
966	loginPageRequest.setAttribute(GSXML.BASE_URL, baseURL);
967	loginPageMessage.appendChild(loginPageRequest);
968
969	Element paramList = this.doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
970	loginPageRequest.appendChild(paramList);
971
972	Element messageParam = this.doc.createElement(GSXML.PARAM_ELEM);
973	messageParam.setAttribute(GSXML.NAME_ATT, "loginMessage");
974	if (request.getAuthType() == null)
975	{
976	messageParam.setAttribute(GSXML.VALUE_ATT, "Please log in to view this page");
977	}
978	else
979	{
980	messageParam.setAttribute(GSXML.VALUE_ATT, "You are not in the correct group to view this page, would you like to log in as a different user?");
981	}
982	paramList.appendChild(messageParam);
983
984	Element urlParam = this.doc.createElement(GSXML.PARAM_ELEM);
985	urlParam.setAttribute(GSXML.NAME_ATT, "redirectURL");
986	if (request.getQueryString() != null && request.getQueryString().length() > 0)
987	{
988	urlParam.setAttribute(GSXML.VALUE_ATT, request.getRequestURL() + "?" + request.getQueryString().replace("&", "&"));
989	}
990	else
991	{
992	urlParam.setAttribute(GSXML.VALUE_ATT, request.getRequestURL().toString());
993	}
994	paramList.appendChild(urlParam);
995
996	Node loginPageResponse = this.recept.process(loginPageMessage);
997	out.println(this.converter.getPrettyString(loginPageResponse));
998
999	return false;
1000	}
1001	}
1002	}
1003	return true;
1004	}
1005
1006	//a debugging method
1007	private void displaySize(Hashtable<String, UserSessionCache> table)
1008	{
1009	if (table == null)
1010	{
1011	logger.info("cached table is null");
1012	return;
1013	}
1014	if (table.size() == 0)
1015	{
1016	logger.info("cached table size is zero");
1017	return;
1018	}
1019	int num_cached_coll = 0;
1020	ArrayList<UserSessionCache> cache_list = new ArrayList<UserSessionCache>(table.values());
1021	for (int i = 0; i < cache_list.size(); i++)
1022	{
1023	num_cached_coll += cache_list.get(i).tableSize();
1024	}
1025	logger.info("Number of sessions : total number of cached collection info = " + table.size() + " : " + num_cached_coll);
1026	}
1027
1028	/** merely a debugging method! */
1029	private String tableToString(Hashtable<String, Hashtable<String, String>> table)
1030	{
1031	String str = "";
1032	Enumeration<String> keys = table.keys();
1033	while (keys.hasMoreElements())
1034	{
1035	String name = keys.nextElement();
1036	str += name + ", ";
1037	}
1038	return str;
1039	}
1040
1041	/**
1042	* this goes through each URL and adds in a session id if needed-- its
1043	* needed if the browser doesn't accept cookies also escapes things if
1044	* needed
1045	*/
1046	protected void encodeURLs(Node dataNode, HttpServletResponse response)
1047	{
1048	if (dataNode == null)
1049	{
1050	return;
1051	}
1052
1053	Element data = null;
1054
1055	short nodeType = dataNode.getNodeType();
1056	if (nodeType == Node.DOCUMENT_NODE)
1057	{
1058	Document docNode = (Document) dataNode;
1059	data = docNode.getDocumentElement();
1060	}
1061	else
1062	{
1063	data = (Element) dataNode;
1064	}
1065
1066	if (data != null)
1067	{
1068
1069	// get all the <a> elements
1070	NodeList hrefs = data.getElementsByTagName("a");
1071	// Instead of calculating each iteration...
1072	int hrefscount = hrefs.getLength();
1073
1074	for (int i = 0; hrefs != null && i < hrefscount; i++)
1075	{
1076	Element a = (Element) hrefs.item(i);
1077	// ugly hack to get rid of : in the args - interferes with session handling
1078	String href = a.getAttribute("href");
1079	if (!href.equals(""))
1080	{
1081	if (href.indexOf("?") != -1)
1082	{
1083	String[] parts = StringUtils.split(href, "\\?", -1);
1084	if (parts.length == 1)
1085	{
1086	parts[0] = StringUtils.replace(parts[0], ":", "%3A");
1087	href = "?" + parts[0];
1088	}
1089	else
1090	{
1091	parts[1] = StringUtils.replace(parts[1], ":", "%3A");
1092	href = parts[0] + "?" + parts[1];
1093	}
1094
1095	}
1096	a.setAttribute("href", response.encodeURL(href));
1097	}
1098	}
1099
1100	// now find any submit bits - get all the <form> elements
1101	NodeList forms = data.getElementsByTagName("form");
1102	int formscount = forms.getLength();
1103	for (int i = 0; forms != null && i < formscount; i++)
1104	{
1105	Element form = (Element) forms.item(i);
1106	form.setAttribute("action", response.encodeURL(form.getAttribute("action")));
1107	}
1108	// are these the only cases where URLs occur??
1109	// we should only do this for greenstone urls?
1110	}
1111
1112	}
1113
1114	protected String getFirstParam(String name, Map<String, String[]> map)
1115	{
1116	String[] val = map.get(name);
1117	if (val == null \|\| val.length == 0)
1118	{
1119	return null;
1120	}
1121
1122	return val[0];
1123	}
1124
1125	synchronized protected int getNextUserId()
1126	{
1127	next_user_id++;
1128	return next_user_id;
1129	}
1130
1131	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
1132	{
1133	//Check if we need to process a file upload
1134	if (ServletFileUpload.isMultipartContent(request))
1135	{
1136	DiskFileItemFactory fileItemFactory = new DiskFileItemFactory();
1137
1138	int sizeLimit = System.getProperties().containsKey("servlet.upload.filesize.limit") ? Integer.parseInt(System.getProperty("servlet.upload.filesize.limit")) : 100 * 1024 * 1024;
1139
1140	File tempDir = new File(GlobalProperties.getGSDL3Home() + File.separator + "tmp");
1141	if (!tempDir.exists())
1142	{
1143	tempDir.mkdirs();
1144	}
1145
1146	//We want all files to be stored on disk (hence the 0)
1147	fileItemFactory.setSizeThreshold(0);
1148	fileItemFactory.setRepository(tempDir);
1149
1150	ServletFileUpload uploadHandler = new ServletFileUpload(fileItemFactory);
1151	uploadHandler.setFileSizeMax(sizeLimit);
1152
1153	HashMap<String, String[]> queryMap = new HashMap<String, String[]>();
1154	try
1155	{
1156	List items = uploadHandler.parseRequest(request);
1157	Iterator iter = items.iterator();
1158	while (iter.hasNext())
1159	{
1160	FileItem current = (FileItem) iter.next();
1161	if (current.isFormField())
1162	{
1163	queryMap.put(current.getFieldName(), new String[] { current.getString() });
1164	}
1165	else if (current.getName() != null && !current.getName().equals(""))
1166	{
1167	File file = new File(tempDir, current.getName());
1168	current.write(file);
1169	}
1170	}
1171	}
1172	catch (Exception e)
1173	{
1174	e.printStackTrace();
1175	}
1176
1177	doGetOrPost(request, response, queryMap);
1178	}
1179	else
1180	{
1181	doGetOrPost(request, response, request.getParameterMap());
1182	}
1183	}
1184	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: