source: main/trunk/greenstone3/src/java/org/greenstone/gsdl3/core/URLFilter.java

Last change on this file was 38371, checked in by kjdon, 6 months ago

defaulting here to a=p&p=about doesn't work, as sometimes, eg to get table of contents, we are using url .../collection/lucene-demo?a=d&d=b22bue. As the segments finish at the collection name this was triggering setting a=p&p=about, when we don't want it. so removing this code from here, and solving it in the library code

  • Property svn:executable set to *
1package org.greenstone.gsdl3.core;
2
3import java.io.File;
4import java.io.IOException;
5import java.util.ArrayList;
6import java.util.Arrays;
7import java.util.HashMap;
8import java.util.Hashtable;
9import java.util.Map;
10
11import javax.servlet.Filter;
12import javax.servlet.FilterChain;
13import javax.servlet.FilterConfig;
14import javax.servlet.ServletContext;
15import javax.servlet.ServletException;
16import javax.servlet.ServletOutputStream;
17import javax.servlet.ServletRequest;
18import javax.servlet.ServletResponse;
19import javax.servlet.http.HttpSession;
20import javax.servlet.http.HttpServletRequest;
21import javax.servlet.http.HttpServletRequestWrapper;
22import javax.servlet.http.HttpServletResponse;
23
24import java.awt.event.ActionEvent;
25import java.awt.event.ActionListener;
26import javax.swing.Timer;
27
28import org.apache.commons.io.FileUtils;
29import org.apache.commons.lang3.StringUtils;
30
31import org.apache.log4j.Logger;
32import org.greenstone.gsdl3.util.GSParams;
33import org.greenstone.gsdl3.util.GSPath;
34import org.greenstone.gsdl3.util.GSXML;
35import org.greenstone.gsdl3.util.UserContext;
36import org.greenstone.gsdl3.util.XMLConverter;
37import org.greenstone.gsdl3.service.Authentication;
38import org.w3c.dom.Document;
39import org.w3c.dom.Element;
40import org.w3c.dom.NodeList;
41
42public class URLFilter implements Filter
43{
    // Configuration handed over by the container in init(); cleared again in destroy().
    private FilterConfig _filterConfig = null;
    private static Logger logger = Logger.getLogger(org.greenstone.gsdl3.core.URLFilter.class.getName());

    // Restricted URLs.
    // Each entry is a regular-expression fragment that isURLRestricted() searches for
    // anywhere in the request URI. The '.' in "siteConfig.xml" is an unescaped regex
    // wildcard, so the pattern is slightly broader than the literal file name.
    protected static final String SITECONFIG_URL = "sites/[^/]+/siteConfig.xml";
    protected static final String USERS_DB_URL = "etc/usersDB/.*";
    // NOTE(review): this list is mutable and visible to subclasses; nothing in this
    // file modifies it after class initialisation.
    protected static final ArrayList<String> _restrictedURLs = new ArrayList<String>(Arrays.asList(SITECONFIG_URL, USERS_DB_URL));

    // Path segments recognised by doFilter() when it translates a REST-style URL
    // into request parameters.
    protected static final String DOCUMENT_PATH = "document";
    protected static final String COLLECTION_PATH = "collection";
    protected static final String GROUP_PATH = "group";
    protected static final String PAGE_PATH = "page";
    protected static final String SYSTEM_PATH = "system";
    protected static final String BROWSE_PATH = "browse";
    protected static final String SEARCH_PATH = "search";
    // Segments that end the group/collection part of a "collection/..." URL.
    protected static final ArrayList<String> _keywords = new ArrayList<String>(Arrays.asList(PAGE_PATH, BROWSE_PATH, SEARCH_PATH, DOCUMENT_PATH));

    protected static final String METADATA_RETRIEVAL_SERVICE = "DocumentMetadataRetrieve";
    // URL fragments used to recognise which kind of resource is being requested.
    protected static final String ASSOCIATED_FILE_PATH = "/index/assoc/";
    protected static final String COLLECTION_FILE_PATH = "/collect/";
    protected static final String INTERFACE_PATH = "/interfaces/";
    protected static final String SITES_PATH = "/sites/";

    // Long-form names accepted after "system/"; doFilter() maps them to one-letter subactions.
    protected static final String SYSTEM_SUBACTION_CONFIGURE = "configure";
    protected static final String SYSTEM_SUBACTION_RECONFIGURE = "reconfigure";
    protected static final String SYSTEM_SUBACTION_ACTIVATE = "activate";
    protected static final String SYSTEM_SUBACTION_DEACTIVATE = "deactivate";

    // If we are showing terms and conditions to the user, this remembers who has
    // accepted already. Keys are built in securityCheckAssocFiles() from the session
    // id and collection (plus the file name for per-document entries).
    protected Hashtable<String, UserTimer> verifiedUserMap = null;

    // Timeouts are in milliseconds.
    // Used when verify=once is set in collectionConfig: the user stays verified
    // for 24 hours.
    protected static final int verifiedUserTimeout = 1000 * 60 * 60 * 24;
    // Per-document timeout. Chrome may make several requests to fetch a fastview pdf,
    // plus another one if the user clicks download. A record has to be kept for a
    // verified document so it can be fully viewed and downloaded - a network error
    // results if the browser ends up back at the verification page.
    // The user stays verified for the document for 2 hours.
    protected static final int tempUserTimeout = 1000 * 60 * 60 * 2;
103
    /**
     * Called by the container when the filter is put into service. Creates the
     * empty table of verified users and keeps the supplied configuration.
     *
     * @param filterConfig configuration supplied by the servlet container
     * @throws ServletException declared by the Filter contract; not thrown here
     */
    public void init(FilterConfig filterConfig) throws ServletException
    {
        verifiedUserMap = new Hashtable<String, UserTimer>();
        _filterConfig = filterConfig;
    }
109
    /**
     * Called by the container when the filter is taken out of service; drops the
     * reference to the filter configuration.
     */
    public void destroy()
    {
        _filterConfig = null;
    }
114
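    /**
     * Entry point of the filter. In order, it:
     * rejects requests for restricted URLs; hands associated-file requests to
     * securityCheckAssocFiles(); forwards site resources after dropping the library
     * name from the path; falls back to the base interface for missing interface
     * files; and otherwise translates REST-style path segments (collection, group,
     * document, page, system, admin, browse, search) into request parameters on a
     * wrapped request that is passed down the chain.
     *
     * @param request  incoming request; anything that is not an HttpServletRequest is logged and dropped
     * @param response response used for error text, redirects and forwards
     * @param chain    remainder of the filter chain, invoked with the wrapped request
     * @throws IOException      if writing to the response or forwarding fails
     * @throws ServletException if forwarding or the downstream chain fails
     */
    @SuppressWarnings("deprecation")
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
    {
        if (!(request instanceof HttpServletRequest)) {
            // Can this ever happen?
            logger.error("The request was not an HttpServletRequest");
            return;
        }

        HttpServletRequest hRequest = ((HttpServletRequest) request);
        // NOTE(review): getSession() creates a session if the request has none, so every
        // request reaching this filter gets one; here it is only used to reach the context.
        HttpSession hSession = hRequest.getSession();
        ServletContext context = hSession.getServletContext();

        // The context path is used below inside regular expressions; quote it so that
        // any regex metacharacters in it are taken literally.
        String quotedContextPath = java.util.regex.Pattern.quote(context.getContextPath());

        GSHttpServletRequestWrapper gRequest = new GSHttpServletRequestWrapper(hRequest);

        // this is the part before the ?
        String url = hRequest.getRequestURI().toString();
        if (isURLRestricted(url)) {
            // Report the refusal as 403 and as plain text, so clients, caches and
            // monitoring do not see a successful (200) page.
            if (response instanceof HttpServletResponse) {
                ((HttpServletResponse) response).setStatus(HttpServletResponse.SC_FORBIDDEN);
            }
            response.setContentType("text/plain; charset=UTF-8");
            // TODO - should we make this a proper HTML page?
            response.getWriter().println("ERROR: Access to this page is forbidden.");
            return;
        }

        // Run security checks on files requested from a collection's index/assoc folder
        if (url.contains(ASSOCIATED_FILE_PATH)) {
            // we need to do security checking here in case the documents are private
            // or if there is a terms and conditions page to be shown.
            // Also, assoc files urls now contain the library name in them.
            // e.g. greenstone3/library/sites/localsite/collect/collname/index/assoc/Hashxxx/doc.pdf
            // so they are not a true link to a file. We remove the
            // 'library' then forward the request to the new url.
            securityCheckAssocFiles(url, hRequest, response);
            return;
        }

        if (url.contains(SITES_PATH)) {
            // there are some site/collection images that are not associated files.
            // these don't need to be security checked, but we need to remove the
            // library name from the url if it is there
            String regex = quotedContextPath + "/.+" + SITES_PATH + ".*";
            if (url.matches(regex)) {
                // a forward doesn't want the context path
                String new_url = url.substring(url.indexOf(SITES_PATH));
                request.getRequestDispatcher(new_url).forward(request, response);
                return;
            }
            // else if it doesn't match, ie the url was /greenstone3/sites/...
            // we don't do anything and just let it continue
        }

        // if we are asking for an interface file, and it doesn't exist, then
        // try loading up the interfaceConfig file to find out what the base
        // interface was, then try looking in that interface for the file.
        if (url.contains(INTERFACE_PATH))
        {
            String fileURL = url.replaceFirst(quotedContextPath, "");
            // getRealPath() returns null when the container cannot map the path to
            // the file system; in that case skip the fallback instead of failing.
            String requestedPath = context.getRealPath(fileURL);

            if (requestedPath != null && !new File(requestedPath).exists()) {
                String baseURL = getFileInBaseInterface(fileURL, context);
                if (baseURL != null) {
                    String basePath = context.getRealPath(baseURL);
                    if (basePath != null && new File(basePath).exists()) {
                        request.getRequestDispatcher(baseURL).forward(request, response);
                        return;
                    }
                }
            }
        }
        else
        {
            //If we have a jsessionid on the end of our URL we want to ignore it
            int index;
            if ((index = url.indexOf(";jsessionid")) != -1)
            {
                url = url.substring(0, index);
            }
            String[] segments = url.split("/");
            for (int i = 0; i < segments.length; i++)
            {
                // Parameters (and their values) to set only if the request does not
                // already carry them; filled in by the branch that matches.
                String[] additionalParameters = null;
                String[] defaultParamValues = null;
                //COLLECTION
                if (segments[i].equals(COLLECTION_PATH) && (i + 1) < segments.length) {
                    // Everything up to (not including) the next keyword is group path
                    // followed by the collection name as the last segment.
                    int j = i + 1;
                    while (j + 1 < segments.length && !_keywords.contains(segments[j + 1])) {
                        j++;
                    }

                    if (j > i + 1) {
                        // we had a group part
                        String[] groups = Arrays.copyOfRange(segments, i + 1, j);
                        String group = StringUtils.join(groups, "/");
                        gRequest.setParameter(GSParams.GROUP, group);
                    }
                    gRequest.setParameter(GSParams.COLLECTION, segments[j]);
                }
                // GROUP
                else if (segments[i].equals(GROUP_PATH) && (i + 1) < segments.length)
                {
                    // assume for now, no other path parts for group links
                    int j = segments.length - 1;
                    String group;
                    if (j == i + 1) {
                        group = segments[j];
                    } else {
                        String[] groups = Arrays.copyOfRange(segments, i + 1, j + 1);
                        group = StringUtils.join(groups, "/");
                    }
                    gRequest.setParameter(GSParams.GROUP, group);
                    gRequest.setParameter(GSParams.ACTION, "p");
                    gRequest.setParameter(GSParams.SUBACTION, "home");
                }
                //DOCUMENT
                else if (segments[i].equals(DOCUMENT_PATH) && (i + 1) < segments.length)
                {
                    gRequest.setParameter(GSParams.DOCUMENT, segments[i + 1]);

                    additionalParameters = new String[] { GSParams.ACTION };
                    defaultParamValues = new String[] { "d" };
                    if ((i + 2) < segments.length && segments[i + 2].equals("print")) {
                        gRequest.setParameter(GSParams.SUBACTION, "print");
                        gRequest.setParameter("ed", "1");
                    }
                }
                //PAGE
                else if (segments[i].equals(PAGE_PATH) && (i + 1) < segments.length)
                {
                    gRequest.setParameter(GSParams.SUBACTION, segments[i + 1]);

                    additionalParameters = new String[] { GSParams.ACTION };
                    defaultParamValues = new String[] { "p" };
                }
                //SYSTEM
                else if (segments[i].equals(SYSTEM_PATH) && (i + 1) < segments.length)
                {
                    // NOTE(review): this branch only rewrites parameters; no permission
                    // check for system actions is visible in this filter - confirm it is
                    // enforced by the code that handles the request.
                    String sa = segments[i + 1];
                    if (sa.equals(SYSTEM_SUBACTION_CONFIGURE) || sa.equals(SYSTEM_SUBACTION_RECONFIGURE))
                    {
                        sa = "c";
                    }
                    else if (sa.equals(SYSTEM_SUBACTION_ACTIVATE))
                    {
                        sa = "a";
                    }
                    else if (sa.equals(SYSTEM_SUBACTION_DEACTIVATE))
                    {
                        sa = "d";
                    }

                    if (sa.equals("c") && (i + 2) < segments.length)
                    {
                        gRequest.setParameter(GSParams.SYSTEM_CLUSTER, segments[i + 2]);
                    }

                    if (sa.equals("a") && (i + 2) < segments.length)
                    {
                        gRequest.setParameter(GSParams.SYSTEM_MODULE_TYPE, "collection");
                        gRequest.setParameter(GSParams.SYSTEM_MODULE_NAME, segments[i + 2]);
                    }

                    if (sa.equals("d") && (i + 2) < segments.length)
                    {
                        gRequest.setParameter(GSParams.SYSTEM_CLUSTER, segments[i + 2]);
                    }

                    gRequest.setParameter(GSParams.SUBACTION, sa);

                    additionalParameters = new String[] { GSParams.ACTION };
                    defaultParamValues = new String[] { "s" };
                }
                //ADMIN
                else if (segments[i].equals("admin") && (i + 1) < segments.length)
                {
                    String pageName = segments[i + 1];

                    gRequest.setParameter("s1.authpage", pageName);

                    additionalParameters = new String[] { GSParams.ACTION, GSParams.REQUEST_TYPE, GSParams.SUBACTION, GSParams.SERVICE };
                    defaultParamValues = new String[] { "g", "r", "authen", "Authentication" };
                }
                //BROWSE
                else if (segments[i].equals(BROWSE_PATH) && (i + 1) < segments.length)
                {
                    // Build a dotted classifier id ("CL1.2.3") from the remaining
                    // segments; segments that are not numeric are skipped.
                    String cl = "";
                    for (int j = 1; (i + j) < segments.length; j++)
                    {
                        String currentSegment = segments[i + j].replace("CL", "").replace("cl", "");
                        if (currentSegment.contains("."))
                        {
                            String[] subsegments = currentSegment.split("\\.");
                            for (String subsegment : subsegments)
                            {
                                subsegment = subsegment.replace("CL", "").replace("cl", "");

                                if (cl.length() > 0)
                                {
                                    cl += ".";
                                }

                                if (subsegment.length() > 0)
                                {
                                    cl += subsegment;
                                }
                            }
                            continue;
                        }
                        if (!currentSegment.matches("^(CL|cl)?\\d+$"))
                        {
                            continue;
                        }

                        if (cl.length() > 0)
                        {
                            cl += ".";
                        }

                        cl += currentSegment;
                    }

                    gRequest.setParameter("cl", "CL" + cl);

                    additionalParameters = new String[] { GSParams.ACTION, GSParams.REQUEST_TYPE, GSParams.SERVICE };
                    defaultParamValues = new String[] { "b", "s", "ClassifierBrowse" };
                }
                //QUERY
                else if (segments[i].equals(SEARCH_PATH))
                {
                    String serviceName = "";
                    if ((i + 1) < segments.length)
                    {
                        serviceName = segments[i + 1];
                        gRequest.setParameter("s", serviceName);

                        additionalParameters = new String[] { GSParams.ACTION, GSParams.SUBACTION, GSParams.REQUEST_TYPE };
                        defaultParamValues = new String[] { "q", "", "d" };
                    }
                    if ((i + 2) < segments.length)
                    {
                        if (serviceName.equals("TextQuery") || serviceName.equals("RawQuery"))
                        {
                            gRequest.setParameter("s1.query", segments[i + 2]);
                        }
                        else if (serviceName.equals("FieldQuery"))
                        {
                            gRequest.setParameter("s1.fqv", segments[i + 2]);
                        }
                        else if (serviceName.equals("AdvancedFieldQuery"))
                        {
                            gRequest.setParameter("s1.fqv", segments[i + 2]);
                        }
                    }
                }
                if (additionalParameters != null)
                {
                    // Explicit query-string parameters win over the path-derived defaults.
                    for (int j = 0; j < additionalParameters.length; j++)
                    {
                        if (gRequest.getParameter(additionalParameters[j]) == null)
                        {
                            gRequest.setParameter(additionalParameters[j], defaultParamValues[j]);
                        }
                    }
                }
            }
        }

        chain.doFilter(gRequest, response);
    }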
397
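    /**
     * Tells whether a request URI points at one of the restricted resources
     * listed in _restrictedURLs.
     *
     * The URI passed in by doFilter() comes from getRequestURI(), which the
     * container does not percent-decode, so the check is applied to both the raw
     * string and its decoded form. Matching ignores case and lets '.' span any
     * character, so the check does not depend on how the file system or the
     * container treats letter case or unusual characters in the path.
     *
     * @param url the request URI (the part before the '?'); may be null
     * @return true if access must be refused, false otherwise
     */
    private boolean isURLRestricted(String url)
    {
        if (url == null)
        {
            return false;
        }

        String decodedURL = url;
        try
        {
            decodedURL = java.net.URLDecoder.decode(url, "UTF-8");
        }
        catch (java.io.UnsupportedEncodingException e)
        {
            // UTF-8 is always available; fall back to the raw form only.
            decodedURL = url;
        }
        catch (IllegalArgumentException e)
        {
            // Malformed percent-encoding: the path cannot be interpreted reliably,
            // so refuse it rather than guess.
            logger.warn("Refusing request with malformed percent-encoding in the URI");
            return true;
        }

        for (String restrictedURL : _restrictedURLs)
        {
            String pattern = "(?is).*" + restrictedURL + ".*";
            if (url.matches(pattern) || decodedURL.matches(pattern))
            {
                return true;
            }
        }

        return false;
    }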
410
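    /**
     * For a file requested from an interface, works out the URL of the same file
     * in that interface's base interface, as named by the baseInterface attribute
     * of the interface's interfaceConfig.xml.
     *
     * @param fileURL request path without the context path; expected to contain INTERFACE_PATH
     * @param context servlet context used to map URLs to files on disk
     * @return the URL with the interface name replaced by the base interface name,
     *         or null if the URL has no interface-name segment, the config file is
     *         missing or unreadable, or no base interface is declared
     */
    private String getFileInBaseInterface(String fileURL, ServletContext context) {
        int interfacePathIndex = fileURL.indexOf(INTERFACE_PATH);
        if (interfacePathIndex == -1) {
            return null;
        }
        int interfaceNameStart = interfacePathIndex + INTERFACE_PATH.length();
        int interfaceNameEnd = fileURL.indexOf("/", interfaceNameStart);
        if (interfaceNameEnd == -1) {
            // e.g. ".../interfaces/name" with nothing after the name: there is no
            // file part to look up, and substring() below would throw.
            return null;
        }
        String interfaceName = fileURL.substring(interfaceNameStart, interfaceNameEnd);
        String interfacesDir = fileURL.substring(0, interfaceNameStart);

        // getRealPath() returns null when the path cannot be mapped to the file system.
        String configPath = context.getRealPath(interfacesDir + interfaceName + "/interfaceConfig.xml");
        if (configPath == null) {
            return null;
        }
        File interfaceConfigFile = new File(configPath);

        if (interfaceConfigFile.exists()) {

            Document interfaceConfigDoc = XMLConverter.getDOM(interfaceConfigFile);
            // NOTE(review): presumably getDOM() yields null for an unparsable file - confirm.
            if (interfaceConfigDoc == null || interfaceConfigDoc.getDocumentElement() == null) {
                return null;
            }

            String baseInterface = interfaceConfigDoc.getDocumentElement().getAttribute("baseInterface");
            if (baseInterface.length() > 0)
            {
                return fileURL.replace("/" + interfaceName + "/", "/" + baseInterface + "/");
            }
        }
        return null;
    }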
430
431
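    /**
     * Access control for files under a collection's index/assoc folder.
     *
     * Works out the library, collection, assoc directory and file name from the
     * URL, asks the library's MessageRouter for the owning document, its
     * srclinkFile metadata and the security settings, and then:
     * redirects to an error page if the user is in none of the required groups;
     * runs the "verify" (terms and conditions / reCAPTCHA) step when the file is
     * the document's main file and verification is configured; and finally
     * forwards to the real file path (URL without context path and library name).
     *
     * Every value taken from the URL is untrusted. The library name is only used
     * after a router registered under that name has been found in the servlet
     * context; the collection name is URL-encoded before it is placed in a
     * redirect query string.
     *
     * @param url      raw request URI (not percent-decoded)
     * @param request  the HTTP request
     * @param response the response used for error text, redirects and the forward
     * @throws IOException      if writing, redirecting or forwarding fails
     * @throws ServletException if the forward fails
     */
    private void securityCheckAssocFiles(String url, HttpServletRequest request, ServletResponse response) throws IOException, ServletException {
        HttpSession session = request.getSession();
        String session_id = session.getId();
        ServletContext context = session.getServletContext();

        // The context path is used as a regex below; quote it so it is taken literally.
        String quoted_context_path = java.util.regex.Pattern.quote(context.getContextPath());

        // now we need to get library name from the path, which is like
        // /greenstone3/library/sites/localsite/collect/collname/index/assoc/...
        String library_name = url.replaceFirst(quoted_context_path, "");
        int sites_index = library_name.indexOf(SITES_PATH);
        // -1: the URL has no /sites/ part at all; 0: nothing precedes /sites/,
        // i.e. the library name is missing.
        if (sites_index <= 0) {
            response.getWriter().println("ERROR: Assoc file paths must now contain the library name");
            return;
        }
        // drop the initial '/' and everything from /sites/ on
        library_name = library_name.substring(1, sites_index);

        // Only a library that has registered a router in this context is accepted.
        MessageRouter gsRouter = (MessageRouter) context.getAttribute(library_name + "Router");

        if (gsRouter == null) {
            logger.error("MR is null, stopping filter");
            return;
        }
        // Sometimes we have a // before the filename - that mucks up the following code, so lets remove them
        url = url.replaceAll("//", "/");

        String dir = null;
        int dirStart = url.indexOf(ASSOCIATED_FILE_PATH) + ASSOCIATED_FILE_PATH.length();
        int dirEnd = -1;
        if (dirStart < url.length() && url.indexOf("/", dirStart) != -1)
        {
            dirEnd = url.lastIndexOf("/");
        }
        if (dirEnd != -1)
        {
            dir = url.substring(dirStart, dirEnd);
        }
        if (dir == null)
        {
            return;
        }

        String collection = null;
        int collectIndex = url.indexOf(COLLECTION_FILE_PATH);
        if (collectIndex == -1)
        {
            // No /collect/ part: there is no collection to check against, so do not
            // derive one from an arbitrary offset in the URL.
            return;
        }
        int colStart = collectIndex + COLLECTION_FILE_PATH.length();
        int colEnd = -1;
        if (colStart < url.length() && url.indexOf("/", colStart) != -1)
        {
            colEnd = url.indexOf("/", colStart);
        }
        if (colEnd != -1)
        {
            collection = url.substring(colStart, colEnd);
        }
        if (collection == null)
        {
            return;
        }
        // The collection name comes straight from the URL path; encode it before it
        // is used as a query-string value in the redirects below.
        String collection_param = java.net.URLEncoder.encode(collection, "UTF-8");

        String file_name = url.substring(url.lastIndexOf("/") + 1);
        // if there is ;jsessionid=xxx in the request, it is still here at this stage!!!
        int semicol = file_name.indexOf(';');
        if (semicol != -1) {
            file_name = file_name.substring(0, semicol);
        }

        // Query the MR with a request for the contains metadata for node "dir" - where dir is the assocfilepath
        // In the jdbm db, have entries like
        // [HASH1552e]
        // <contains>HASH1552e3sdlkjf7sdfsdfk
        // mapping assocfilepath to doc id
        String document = queryMRforDOCID(gsRouter, collection, dir);
        if (document == null) {
            // The message repeats part of the requested path, so make sure the
            // browser treats it as plain text and never as markup.
            response.setContentType("text/plain; charset=UTF-8");
            response.getWriter().println("ERROR: Couldn't find the document associated with assocfilepath: " + dir);
            return;
        }

        //Query the MR for the security info for this document
        // - can we show the document?
        // - Or do we need to be logged in?
        // - Or do we need to throw up the verify page?

        // While we are doing this, query the document for its srclinkFile metadata - then we can determine if the
        // file we are being asked for is the main doc (eg pdf) or just a supporting image on the page

        //Get the security info for this collection
        Document gsDoc = XMLConverter.newDOM();
        Element securityMessage = gsDoc.createElement(GSXML.MESSAGE_ELEM);
        Element securityRequest = GSXML.createBasicRequest(gsDoc, GSXML.REQUEST_TYPE_SECURITY, collection, new UserContext());

        securityMessage.appendChild(securityRequest);
        securityRequest.setAttribute(GSXML.NODE_OID, document);

        // get the srclinkFile for the document
        Element metadata_request = GSXML.createBasicRequest(gsDoc, GSXML.REQUEST_TYPE_PROCESS, GSPath.appendLink(collection, "DocumentMetadataRetrieve"), new UserContext());
        Element param_list = gsDoc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
        GSXML.addParameterToList(param_list, "metadata", "srclinkFile");
        metadata_request.appendChild(param_list);
        Element doc_list = gsDoc.createElement(GSXML.DOC_NODE_ELEM + GSXML.LIST_MODIFIER);
        metadata_request.appendChild(doc_list);
        Element d = gsDoc.createElement(GSXML.DOC_NODE_ELEM);
        d.setAttribute(GSXML.NODE_ID_ATT, document);
        doc_list.appendChild(d);
        securityMessage.appendChild(metadata_request);

        Element mr_response = (Element) gsRouter.process(securityMessage);
        Element securityResponse = null;
        if (mr_response != null) {
            securityResponse = (Element) GSXML.getNamedElement(mr_response, GSXML.RESPONSE_ELEM, GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_SECURITY);
        }
        if (securityResponse == null) {
            // Without the security settings we cannot decide whether the file may be
            // served, so refuse rather than fall through to the forward.
            logger.error("No security response from the message router, refusing to serve assoc file");
            ((HttpServletResponse) response).sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }

        // Assume the file is the document's main file (and so subject to the verify
        // step) unless the metadata shows otherwise.
        boolean verifiable_file = true;

        String srcdoc = null;
        Element meta_response = (Element) GSXML.getNamedElement(mr_response, GSXML.RESPONSE_ELEM, GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS);
        if (meta_response != null) {
            Element metadata_list = (Element) meta_response.getElementsByTagName(GSXML.METADATA_ELEM + GSXML.LIST_MODIFIER).item(0);
            if (metadata_list != null) {
                srcdoc = GSXML.getMetadataValue(metadata_list, "srclinkFile");
            }
        }
        // If file_name is the main file for the document, then it will == srcdoc. Both of these are URL encoded,
        // with the exception of spaces. Spaces will be encoded in file_name, but are not encoded in srcdoc.
        // So need to decode those and check again.
        // srcdoc.equals(java.net.URLDecoder.decode(file_name, "UTF-8")) - this didn't work as both are
        // URLEncoded except for spaces
        if (srcdoc != null && !srcdoc.equals(file_name) && !srcdoc.equals(file_name.replaceAll("\\%20|\\+", " "))) {
            // the specified file is just a supporting file, not the main file.
            // eg an image in an html doc.
            verifiable_file = false;
        }

        ArrayList<String> groups = GSXML.getGroupsFromSecurityResponse(securityResponse);

        // An empty group name in the list means no group membership is required.
        if (!groups.contains(""))
        {
            boolean found = false;
            for (String group : groups)
            {
                if (request.isUserInRole(group))
                {
                    found = true;
                    break;
                }
            }

            if (!found)
            {
                // return an error page to the browser
                String new_url = context.getContextPath() + "/" + library_name + "?a=p&sa=error&c=" + collection_param + "&ec=wrong_group";
                ((HttpServletResponse) response).sendRedirect(new_url);
                return;
            }
        }

        // if got here have no groups that we need to belong to
        // do we have human verify thing?
        if (verifiable_file) {
            String verify = securityResponse.getAttribute(GSXML.VERIFY_ATT);
            if (!verify.equals("")) {
                // we are asking for the main document, and we have been asked to verify the user
                // have we done the test previously?
                String verify_map_key = session_id + ":" + collection;
                String verify_map_doc_key = verify_map_key + ":" + file_name;
                boolean already_verified = false;
                String hmvf_response = request.getParameter(GSParams.VERIFIED);
                if (hmvf_response != null && hmvf_response.equals("0")) {
                    // manually force the t&c (user has added hmvf=0 to url)
                    // whether we have previously verified or not
                } else if (verifiedUserMap.containsKey(verify_map_key) || verifiedUserMap.containsKey(verify_map_doc_key)) {
                    already_verified = true;
                }

                if (!already_verified) {
                    // have we just done the test?
                    // hmvf param will be set by form if the verify page was submitted
                    if (hmvf_response != null && hmvf_response.equals("1")) {
                        // NOTE(review): when no site key is configured, hmvf=1 on its own
                        // records the session as verified. That makes this step an
                        // acknowledgement of the terms, not an access control; private
                        // documents rely on the group check above.
                        if (!securityResponse.getAttribute(GSXML.SITE_KEY_ATT).equals("")) {
                            String recaptcha_response = request.getParameter(Authentication.RECAPTCHA_RESPONSE_PARAM);
                            String secret_key = securityResponse.getAttribute(GSXML.SECRET_KEY_ATT);
                            int result = Authentication.verifyRecaptcha(secret_key, recaptcha_response);
                            if (result != Authentication.NO_ERROR) {
                                logger.error("something went wrong with recaptcha, error=" + result);
                                logger.error(Authentication.getErrorKey(result));
                                // display error page
                                String new_url = context.getContextPath() + "/" + library_name + "?a=p&sa=error&c=" + collection_param + "&ec=recap_fail";
                                ((HttpServletResponse) response).sendRedirect(new_url);
                                return;
                            }
                        }
                        // set up a timer for this verification - standard 24hour if
                        // verify==once, short, doc specific one otherwise (browsers seem to be trying to
                        // download pdfs twice. Chrome gets stuck if the second time
                        // doesn't get verified. Also Chrome sends a second request if the
                        // user tries to download the document after viewing it. )
                        int delay;
                        String this_key;
                        if (verify.equals("once")) {
                            delay = verifiedUserTimeout;
                            this_key = verify_map_key;
                        } else {
                            delay = tempUserTimeout;
                            this_key = verify_map_doc_key;
                        }
                        UserTimer timer = new UserTimer(delay, this_key);
                        verifiedUserMap.put(this_key, timer);
                        timer.start();
                        // For the verify page, we just return back to the browser, as we have called this
                        // using ajax.
                        return;
                    } // hmvf = 1

                    // hmvf param is not set - we haven't shown them the form yet
                    // or we have been asked to force the T&C
                    // we need to display the verify page
                    //Lets encode the url parameter as we need it encoded in the page.
                    String new_url = context.getContextPath() + "/" + library_name + "?a=p&sa=verify&c=" + collection_param + "&url=" + java.net.URLEncoder.encode(url, "UTF-8");
                    ((HttpServletResponse) response).sendRedirect(new_url);
                    return;
                }
            } // end verify is set
        } // end if verifiable file

        // if we got here, we have passed all security checks and just want to view the file.
        // However, we need to remove the library_name from the URL. As can't change the
        // existing URL, we need to forward to the new one.
        // (Can't do redirect as it will come back into this code and fail as there won't be library in the url)
        // Remove the context and library name parts.
        // don't know what happens with the rest of the filter chain? Does this bypass that??
        url = url.replaceFirst(quoted_context_path, "");
        url = url.replaceFirst(java.util.regex.Pattern.quote("/" + library_name), "");
        request.getRequestDispatcher(url).forward(request, response);

        return;
    }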
665
666
667
668
    /**
     * Asks the message router which document an assoc-file directory belongs to,
     * by requesting the "contains" metadata of the node named after that directory
     * from the collection's DocumentMetadataRetrieve service.
     *
     * @param gsRouter     router of the library the request was made through
     * @param collection   collection name taken from the URL
     * @param assocfiledir assoc-file directory taken from the URL, used as the node id
     * @return the text of the first metadata element in the response, or null if
     *         the response has no metadata element or its text is empty
     */
    private String queryMRforDOCID(MessageRouter gsRouter, String collection, String assocfiledir) {
        Document gsDoc = XMLConverter.newDOM();

        // <message><request> addressed to collection/DocumentMetadataRetrieve
        String serviceAddress = collection + "/" + METADATA_RETRIEVAL_SERVICE;
        Element metaRequest = GSXML.createBasicRequest(gsDoc, GSXML.REQUEST_TYPE_PROCESS, serviceAddress, new UserContext());
        Element metaMessage = gsDoc.createElement(GSXML.MESSAGE_ELEM);
        metaMessage.appendChild(metaRequest);

        // parameter list: metadata=contains
        Element param = gsDoc.createElement(GSXML.PARAM_ELEM);
        param.setAttribute(GSXML.NAME_ATT, "metadata");
        param.setAttribute(GSXML.VALUE_ATT, "contains");
        Element paramList = gsDoc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
        metaRequest.appendChild(paramList);
        paramList.appendChild(param);

        // document list: the single node whose id is the assoc-file directory
        Element doc = gsDoc.createElement(GSXML.DOC_NODE_ELEM);
        doc.setAttribute(GSXML.NODE_ID_ATT, assocfiledir);
        Element docList = gsDoc.createElement(GSXML.DOC_NODE_ELEM + GSXML.LIST_MODIFIER);
        metaRequest.appendChild(docList);
        docList.appendChild(doc);

        Element metaResponse = (Element) gsRouter.process(metaMessage);

        NodeList metadataList = metaResponse.getElementsByTagName(GSXML.METADATA_ELEM);
        if (metadataList.getLength() == 0) {
            logger.error("Could not find the document ID related to this url");
            return null;
        }

        // Only the first metadata element is used; an empty value counts as "not found".
        String document = ((Element) metadataList.item(0)).getTextContent();
        return "".equals(document) ? null : document;
    }
709
    /**
     * One-shot expiry for an entry in verifiedUserMap: when the delay has passed,
     * the timer removes its own key from the map and stops itself.
     *
     * NOTE(review): javax.swing.Timer delivers its events on the AWT event
     * dispatch thread; confirm that is acceptable in the servlet container this
     * filter runs in.
     */
    private class UserTimer extends Timer implements ActionListener
    {
        // Key of the verifiedUserMap entry this timer expires.
        String id = "";

        /**
         * @param delay time until the entry expires, in milliseconds
         * @param id    key of the verifiedUserMap entry to remove on expiry
         */
        public UserTimer(int delay, String id)
        {
            // No listener can be passed to super() because 'this' is not usable yet;
            // the timer registers itself right after.
            super(delay, (ActionListener) null);
            this.id = id;
            addActionListener(this);
        }

        /** Fired when the delay has elapsed: forget the verification, then stop. */
        public void actionPerformed(ActionEvent e)
        {
            verifiedUserMap.remove(id);
            stop();
        }
    }
729
730
731}