source: main/trunk/greenstone3/src/java/org/greenstone/gsdl3/core/URLFilter.java@ 33619

Last change on this file since 33619 was 33619, checked in by kjdon, 4 years ago

need to handle the case where a collection file (eg image) gets library in its url, but its not as assoc file. It doesn't need to go through the security checking, but we do need to remove library from its url
  • Property svn:executable set to *
File size: 24.5 KB
Line 
1package org.greenstone.gsdl3.core;
2
3import java.io.File;
4import java.io.IOException;
5import java.util.ArrayList;
6import java.util.Arrays;
7import java.util.HashMap;
8import java.util.Hashtable;
9import java.util.Map;
10
11import javax.servlet.Filter;
12import javax.servlet.FilterChain;
13import javax.servlet.FilterConfig;
14import javax.servlet.ServletContext;
15import javax.servlet.ServletException;
16import javax.servlet.ServletOutputStream;
17import javax.servlet.ServletRequest;
18import javax.servlet.ServletResponse;
19import javax.servlet.http.HttpSession;
20import javax.servlet.http.HttpServletRequest;
21import javax.servlet.http.HttpServletRequestWrapper;
22import javax.servlet.http.HttpServletResponse;
23
24import java.awt.event.ActionEvent;
25import java.awt.event.ActionListener;
26import javax.swing.Timer;
27
28import org.apache.commons.io.FileUtils;
29import org.apache.commons.lang3.StringUtils;
30
31import org.apache.log4j.Logger;
32import org.greenstone.gsdl3.util.GSParams;
33import org.greenstone.gsdl3.util.GSPath;
34import org.greenstone.gsdl3.util.GSXML;
35import org.greenstone.gsdl3.util.UserContext;
36import org.greenstone.gsdl3.util.XMLConverter;
37import org.greenstone.gsdl3.service.Authentication;
38import org.w3c.dom.Document;
39import org.w3c.dom.Element;
40import org.w3c.dom.NodeList;
41
42public class URLFilter implements Filter
43{
44 private FilterConfig _filterConfig = null;
45 private static Logger logger = Logger.getLogger(org.greenstone.gsdl3.core.URLFilter.class.getName());
46
47 //Restricted URLs
48 protected static final String SITECONFIG_URL = "sites/[^/]+/siteConfig.xml";
49 protected static final String USERS_DB_URL = "etc/usersDB/.*";
50 protected static final ArrayList<String> _restrictedURLs;
51
52 static
53 {
54 ArrayList<String> restrictedURLs = new ArrayList<String>();
55 restrictedURLs.add(SITECONFIG_URL);
56 restrictedURLs.add(USERS_DB_URL);
57 _restrictedURLs = restrictedURLs;
58 }
59
60 //Constants
61 protected static final String DOCUMENT_PATH = "document";
62 protected static final String COLLECTION_PATH = "collection";
63 protected static final String GROUP_PATH = "group";
64 protected static final String PAGE_PATH = "page";
65 protected static final String SYSTEM_PATH = "system";
66 protected static final String BROWSE_PATH = "browse";
67 protected static final String SEARCH_PATH = "search";
68 protected static final ArrayList<String> _keywords;
69
70 static
71 {
72 ArrayList<String> keywords = new ArrayList<String>();
73 keywords.add(PAGE_PATH);
74 keywords.add(BROWSE_PATH);
75 keywords.add(SEARCH_PATH);
76 keywords.add(DOCUMENT_PATH);
77 _keywords = keywords;
78 }
79
80 protected static final String METADATA_RETRIEVAL_SERVICE = "DocumentMetadataRetrieve";
81 protected static final String ASSOCIATED_FILE_PATH = "/index/assoc/";
82 protected static final String COLLECTION_FILE_PATH = "/collect/";
83 protected static final String INTERFACE_PATH = "/interfaces/";
84 protected static final String SITES_PATH = "/sites/";
85
86 protected static final String SYSTEM_SUBACTION_CONFIGURE = "configure";
87 protected static final String SYSTEM_SUBACTION_RECONFIGURE = "reconfigure";
88 protected static final String SYSTEM_SUBACTION_ACTIVATE = "activate";
89 protected static final String SYSTEM_SUBACTION_DEACTIVATE = "deactivate";
90
91 // if we are showing terms and conditions to user, this remembers who has
92 // accepted already
93 protected Hashtable<String, UserTimer> verifiedUserMap = null;
94 protected static final int verifiedUserTimeout = 24 * 60 * 60 * 1000;
95
96 public void init(FilterConfig filterConfig) throws ServletException
97 {
98 this._filterConfig = filterConfig;
99 }
100
101 public void destroy()
102 {
103 this._filterConfig = null;
104 }
105
106 @SuppressWarnings("deprecation")
107 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
108 {
109 if (!(request instanceof HttpServletRequest)) {
110 // Can this ever happen?
111 logger.error("The request was not an HttpServletRequest");
112 return;
113 }
114
115
116 HttpServletRequest hRequest = ((HttpServletRequest) request);
117 HttpSession hSession = hRequest.getSession();
118 ServletContext context = hSession.getServletContext();
119
120 GSHttpServletRequestWrapper gRequest = new GSHttpServletRequestWrapper(hRequest);
121
122 // this is the part before the ?
123 String url = hRequest.getRequestURI().toString();
124 if (isURLRestricted(url)) {
125
126 // TODO - should we make this a proper HTML page?
127 response.getWriter().println("ERROR: Access to this page is forbidden.");
128 return;
129 }
130
131 // Run security checks on files requested from a collection's index/assoc folder
132 if (url.contains(ASSOCIATED_FILE_PATH)) {
133 // we need to do security checking here in case the documents are private
134 // or if there is a terms and conditions page to be shown.
135 // Also, assoc files urls now contain the library name in them.
136 // e.g. greenstone3/library/sites/localsite/collect/collname/index/assoc/Hashxxx/doc.pdf
137 // so they are not a true link to a file. We remove the
138 // 'library' then forward the request to the new url.
139 securityCheckAssocFiles(url, hRequest, response);
140 return;
141 }
142
143 //
144 if (url.contains(SITES_PATH)) {
145 // there are some site/collection images that are not associated files.
146 // these dont need to be security checked, but we need to remove the library name from the url if its there
147 String context_path = context.getContextPath();
148 String regex = context_path+"/.+"+SITES_PATH+".*";
149 if (url.matches(regex)) {
150 // a forward doesn't want the context path
151 String new_url = url.substring(url.indexOf(SITES_PATH));
152 request.getRequestDispatcher(new_url).forward(request, response);
153 return;
154 }
155 // else if it doesn't match, ie the url was /greenstone3/sites/...
156 // we don't do anything and just let it continue
157 }
158
159
160
161 // if we are asking for an interface file, and it doesn't exist, then
162 // try loading up the interfaceConfig file to find out what the base
163 // interface was, then try looking in that interface for the file.
164 if (url.contains(INTERFACE_PATH))
165 {
166 String fileURL = url.replaceFirst(context.getContextPath(), "");
167 File requestedFile = new File(context.getRealPath(fileURL));
168
169 if (!requestedFile.exists()) {
170 String baseURL = getFileInBaseInterface(fileURL, context);
171 if (baseURL != null) {
172 File baseInterfaceFile = new File(context.getRealPath(baseURL));
173 if (baseInterfaceFile.exists()) {
174 request.getRequestDispatcher(baseURL).forward(request, response);
175 // ServletOutputStream out = response.getOutputStream();
176 // out.write(FileUtils.readFileToByteArray(baseInterfaceFile));
177 // out.flush();
178 // out.close();
179 return;
180 }
181 }
182 }
183 }
184 else
185 {
186 //If we have a jsessionid on the end of our URL we want to ignore it
187 int index;
188 if ((index = url.indexOf(";jsessionid")) != -1)
189 {
190 url = url.substring(0, index);
191 }
192 String[] segments = url.split("/");
193 for (int i = 0; i < segments.length; i++)
194 {
195 String[] additionalParameters = null;
196 String[] defaultParamValues = null;
197 //COLLECTION
198 if (segments[i].equals(COLLECTION_PATH) && (i + 1) < segments.length) {
199 int j=i+1;
200 while(j+1 < segments.length && !_keywords.contains(segments[j+1])) {
201 j++;
202 }
203
204 if (j>i+1) {
205 // we had a group part
206 String [] groups = Arrays.copyOfRange(segments, i+1, j);
207 String group = StringUtils.join(groups, "/");
208 gRequest.setParameter(GSParams.GROUP, group);
209 }
210 gRequest.setParameter(GSParams.COLLECTION, segments[j]);
211 }
212 // GROUP
213 else if(segments[i].equals(GROUP_PATH) && (i + 1) < segments.length)
214 {
215 // assume for now, no other path parts for group links
216 int j= segments.length - 1;
217 String group;
218 if (j==i+1) {
219 group = segments[j];
220 } else {
221 String [] groups = Arrays.copyOfRange(segments, i+1, j+1);
222 group = StringUtils.join(groups, "/");
223 }
224 gRequest.setParameter(GSParams.GROUP, group);
225 gRequest.setParameter(GSParams.ACTION, "p");
226 gRequest.setParameter(GSParams.SUBACTION, "home");
227
228 }
229 //DOCUMENT
230 else if (segments[i].equals(DOCUMENT_PATH) && (i + 1) < segments.length)
231 {
232 gRequest.setParameter(GSParams.DOCUMENT, segments[i + 1]);
233
234 additionalParameters = new String[] { GSParams.ACTION };
235 defaultParamValues = new String[] { "d" };
236 if ((i+2) < segments.length && segments[i+2].equals("print")) {
237 gRequest.setParameter(GSParams.SUBACTION, "print");
238 gRequest.setParameter("ed", "1");
239
240 }
241
242 }
243 //PAGE
244 else if (segments[i].equals(PAGE_PATH) && (i + 1) < segments.length)
245 {
246 gRequest.setParameter(GSParams.SUBACTION, segments[i + 1]);
247
248 additionalParameters = new String[] { GSParams.ACTION };
249 defaultParamValues = new String[] { "p" };
250 }
251 //SYSTEM
252 else if (segments[i].equals(SYSTEM_PATH) && (i + 1) < segments.length)
253 {
254 String sa = segments[i + 1];
255 if (sa.equals(SYSTEM_SUBACTION_CONFIGURE) || sa.equals(SYSTEM_SUBACTION_RECONFIGURE))
256 {
257 sa = "c";
258 }
259 else if (sa.equals(SYSTEM_SUBACTION_ACTIVATE))
260 {
261 sa = "a";
262 }
263 else if (sa.equals(SYSTEM_SUBACTION_DEACTIVATE))
264 {
265 sa = "d";
266 }
267
268 if (sa.equals("c") && (i + 2) < segments.length)
269 {
270 gRequest.setParameter(GSParams.SYSTEM_CLUSTER, segments[i + 2]);
271 }
272
273 if (sa.equals("a") && (i + 2) < segments.length)
274 {
275 gRequest.setParameter(GSParams.SYSTEM_MODULE_TYPE, "collection");
276 gRequest.setParameter(GSParams.SYSTEM_MODULE_NAME, segments[i + 2]);
277 }
278
279 if (sa.equals("d") && (i + 2) < segments.length)
280 {
281 gRequest.setParameter(GSParams.SYSTEM_CLUSTER, segments[i + 2]);
282 }
283
284 gRequest.setParameter(GSParams.SUBACTION, sa);
285
286 additionalParameters = new String[] { GSParams.ACTION };
287 defaultParamValues = new String[] { "s" };
288 }
289 //ADMIN
290 else if (segments[i].equals("admin") && (i + 1) < segments.length)
291 {
292 String pageName = segments[i + 1];
293
294 gRequest.setParameter("s1.authpage", pageName);
295
296 additionalParameters = new String[] { GSParams.ACTION, GSParams.REQUEST_TYPE, GSParams.SUBACTION, GSParams.SERVICE };
297 defaultParamValues = new String[] { "g", "r", "authen", "Authentication" };
298 }
299 //BROWSE
300 else if (segments[i].equals(BROWSE_PATH) && (i + 1) < segments.length)
301 {
302 String cl = "";
303 for (int j = 1; (i + j) < segments.length; j++)
304 {
305 String currentSegment = segments[i + j].replace("CL", "").replace("cl", "");
306 if (currentSegment.contains("."))
307 {
308 String[] subsegments = currentSegment.split("\\.");
309 for (String subsegment : subsegments)
310 {
311 subsegment = subsegment.replace("CL", "").replace("cl", "");
312
313 if (cl.length() > 0)
314 {
315 cl += ".";
316 }
317
318 if (subsegment.length() > 0)
319 {
320 cl += subsegment;
321 }
322 }
323 continue;
324 }
325 if (!currentSegment.matches("^(CL|cl)?\\d+$"))
326 {
327 continue;
328 }
329
330 if (cl.length() > 0)
331 {
332 cl += ".";
333 }
334
335 cl += currentSegment;
336 }
337
338 gRequest.setParameter("cl", "CL" + cl);
339
340 additionalParameters = new String[] { GSParams.ACTION, GSParams.REQUEST_TYPE, GSParams.SERVICE };
341 defaultParamValues = new String[] { "b", "s", "ClassifierBrowse" };
342 }
343 //QUERY
344 else if (segments[i].equals(SEARCH_PATH))
345 {
346 String serviceName = "";
347 if ((i + 1) < segments.length)
348 {
349 serviceName = segments[i + 1];
350 gRequest.setParameter("s", serviceName);
351
352 additionalParameters = new String[] { GSParams.ACTION, GSParams.SUBACTION, GSParams.REQUEST_TYPE };
353 defaultParamValues = new String[] { "q", "", "d" };
354 }
355 if ((i + 2) < segments.length)
356 {
357 if (serviceName.equals("TextQuery") || serviceName.equals("RawQuery"))
358 {
359
360 gRequest.setParameter("s1.query", segments[i + 2]);
361 }
362 else if (serviceName.equals("FieldQuery"))
363 {
364 gRequest.setParameter("s1.fqv", segments[i + 2]);
365 }
366 else if (serviceName.equals("AdvancedFieldQuery"))
367 {
368 gRequest.setParameter("s1.fqv", segments[i + 2]);
369 }
370 }
371 }
372 if (additionalParameters != null)
373 {
374 for (int j = 0; j < additionalParameters.length; j++)
375 {
376 if (gRequest.getParameter(additionalParameters[j]) == null)
377 {
378 gRequest.setParameter(additionalParameters[j], defaultParamValues[j]);
379 }
380 }
381 }
382 }
383 }
384
385 chain.doFilter(gRequest, response);
386 }
387
388 private boolean isURLRestricted(String url)
389 {
390 for (String restrictedURL : _restrictedURLs)
391 {
392 if (url.matches(".*" + restrictedURL + ".*"))
393 {
394 return true;
395 }
396 }
397
398 return false;
399 }
400
401 private String getFileInBaseInterface(String fileURL, ServletContext context) {
402 int interfaceNameStart = fileURL.indexOf(INTERFACE_PATH) + INTERFACE_PATH.length();
403 int interfaceNameEnd = fileURL.indexOf("/", interfaceNameStart);
404 String interfaceName = fileURL.substring(interfaceNameStart, interfaceNameEnd);
405 String interfacesDir = fileURL.substring(0, interfaceNameStart);
406 File interfaceConfigFile = new File(context.getRealPath(interfacesDir + interfaceName + "/interfaceConfig.xml"));
407
408 if (interfaceConfigFile.exists()) {
409
410 Document interfaceConfigDoc = XMLConverter.getDOM(interfaceConfigFile);
411
412 String baseInterface = interfaceConfigDoc.getDocumentElement().getAttribute("baseInterface");
413 if (baseInterface.length() > 0)
414 {
415 return fileURL.replace("/" + interfaceName + "/", "/" + baseInterface + "/");
416 }
417 }
418 return null;
419 }
420
421
422 private void securityCheckAssocFiles(String url, HttpServletRequest request, ServletResponse response) throws IOException, ServletException {
423 HttpSession session = request.getSession();
424 String session_id = session.getId();
425 ServletContext context = session.getServletContext();
426
427 // now we need to get library name from the path, which is like
428 // /greenstone3/library/sites/localsite/collect/collname/index/assoc/...
429 String library_name = url.replaceFirst(context.getContextPath(), "");
430 library_name = library_name.substring(0, library_name.indexOf(SITES_PATH));
431 if (library_name.equals("")) {
432 response.getWriter().println("ERROR: Assoc file paths must now contain the library name");
433 return;
434 }
435 // remove initial '/'
436 library_name = library_name.substring(1);
437
438 MessageRouter gsRouter = (MessageRouter) context.getAttribute(library_name+"Router");
439
440 if (gsRouter == null) {
441 logger.error("Receptionist is null, stopping filter");
442 return;
443 }
444 // Sometimes we have a // before the filename - that mucks up the following code, so lets remove them
445 url = url.replaceAll("//","/");
446
447 String dir = null;
448 int dirStart = url.indexOf(ASSOCIATED_FILE_PATH) + ASSOCIATED_FILE_PATH.length();
449 int dirEnd = -1;
450 if (dirStart < url.length() && url.indexOf("/", dirStart) != -1)
451 {
452 dirEnd = url.lastIndexOf("/");
453 }
454 if (dirEnd != -1)
455 {
456 dir = url.substring(dirStart, dirEnd);
457 }
458 if (dir == null)
459 {
460 return;
461 }
462
463 String collection = null;
464 int colStart = url.indexOf(COLLECTION_FILE_PATH) + COLLECTION_FILE_PATH.length();
465 int colEnd = -1;
466 if (colStart < url.length() && url.indexOf("/", colStart) != -1)
467 {
468 colEnd = url.indexOf("/", colStart);
469 }
470 if (colEnd != -1)
471 {
472 collection = url.substring(colStart, colEnd);
473 }
474 if (collection == null)
475 {
476 return;
477 }
478
479 String file_name = url.substring(url.lastIndexOf("/")+1);
480 // if there is ;jsessionid=xxx in the request, it is still here at this stage!!!
481 int semicol = file_name.indexOf(';');
482 if(semicol != -1) {
483 file_name = file_name.substring(0, semicol);
484 }
485
486 // Query the MR with a request for the contains metadata for node "dir" - where dir is the assocfilepath
487 // In the jdbm db, have entries like
488 // [HASH1552e]
489 // <contains>HASH1552e3sdlkjf7sdfsdfk
490 // mapping assocfilepath to doc id
491 String document = queryMRforDOCID(gsRouter, collection, dir);
492 if (document == null) {
493 response.getWriter().println("ERROR: Couldn't find the document associated with assocfilepath: "+dir);
494 return;
495 }
496
497 //Query the MR for the security info for this document - can we show it? Or do we need to be logged in?
498 // Or do we need to throw up the verify page?
499
500 // While we are doing this, query the document for its srclinkFile metadata - then we can determine if the
501 // file we are being asked for is the main doc (eg pdf) or just a supporting image on the page
502
503 //Get the security info for this collection
504 Document gsDoc = XMLConverter.newDOM();
505 Element securityMessage = gsDoc.createElement(GSXML.MESSAGE_ELEM);
506 Element securityRequest = GSXML.createBasicRequest(gsDoc, GSXML.REQUEST_TYPE_SECURITY, collection, new UserContext());
507
508 securityMessage.appendChild(securityRequest);
509 securityRequest.setAttribute(GSXML.NODE_OID, document);
510
511 // get the srclinkFile for the document
512 Element metadata_request = GSXML.createBasicRequest(gsDoc, GSXML.REQUEST_TYPE_PROCESS, GSPath.appendLink(collection, "DocumentMetadataRetrieve"), new UserContext());
513 Element param_list = gsDoc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
514 GSXML.addParameterToList(param_list, "metadata", "srclinkFile");
515 metadata_request.appendChild(param_list);
516 Element doc_list = gsDoc.createElement(GSXML.DOC_NODE_ELEM + GSXML.LIST_MODIFIER);
517 metadata_request.appendChild(doc_list);
518 Element d = gsDoc.createElement(GSXML.DOC_NODE_ELEM);
519 d.setAttribute(GSXML.NODE_ID_ATT, document);
520 doc_list.appendChild(d);
521 securityMessage.appendChild(metadata_request);
522
523
524 Element mr_response = (Element)gsRouter.process(securityMessage);
525 //logger.debug("security response = "+XMLConverter.getPrettyString(mr_response));
526
527 boolean verifiable_file = true;
528 // TODO check for errors
529
530 Element meta_response = (Element) GSXML.getNamedElement(mr_response, GSXML.RESPONSE_ELEM, GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS);
531 Element metadata_list = (Element)meta_response.getElementsByTagName(GSXML.METADATA_ELEM+GSXML.LIST_MODIFIER).item(0);
532 String srcdoc = GSXML.getMetadataValue(metadata_list, "srclinkFile");
533 if (!srcdoc.equals(file_name)) {
534 // the specified file is just a supporting file, not the main file.
535 // eg an image in an html doc.
536 verifiable_file = false;
537 }
538
539 Element securityResponse = (Element) GSXML.getNamedElement(mr_response, GSXML.RESPONSE_ELEM, GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_SECURITY);
540 ArrayList<String> groups = GSXML.getGroupsFromSecurityResponse(securityResponse);
541
542 if (!groups.contains(""))
543 {
544 boolean found = false;
545 for (String group : groups)
546 {
547 if (((HttpServletRequest) request).isUserInRole(group))
548 {
549 found = true;
550 break;
551 }
552 }
553
554 if (!found)
555 {
556 // return an error page to the browser
557 String new_url = context.getContextPath()+"/"+ library_name+"?a=p&sa=error&c="+collection+"&ec=wrong_group";
558 ((HttpServletResponse)response).sendRedirect(new_url);
559 return;
560 }
561 }
562 // if got here have no groups that we need to belong to
563 // do we have human verify thing?
564 if (verifiable_file) {
565 String verify = securityResponse.getAttribute(GSXML.VERIFY_ATT);
566 if (!verify.equals("")) {
567 // we are asking for the main document, and we have been asked to verify the user
568 // have we done the test previously?
569 boolean already_verified = false;
570 String hmvf_response = request.getParameter(GSParams.VERIFIED);
571 if (hmvf_response != null && hmvf_response.equals("0")) {
572 // manually force the t&c (user has added hmvf=0 to url)
573 } else if (verify.equals("once")) {
574 // lets check whether they have done it already
575
576 if (verifiedUserMap == null) {
577 // we haven't done this at all, set up the map
578 verifiedUserMap = new Hashtable<String, UserTimer>();
579 } else {
580 // check this map
581 if (verifiedUserMap.containsKey(session_id)) {
582 already_verified = true;
583 }
584 }
585 }
586
587 if (!already_verified) {
588 // have we just done the test?
589 // hmvf param will be set by form if the verify page was submitted
590 if (hmvf_response != null && hmvf_response.equals("1")) {
591 if (!securityResponse.getAttribute(GSXML.SITE_KEY_ATT).equals("")) {
592 String recaptcha_response = request.getParameter(Authentication.RECAPTCHA_RESPONSE_PARAM);
593 String secret_key = securityResponse.getAttribute(GSXML.SECRET_KEY_ATT);
594 int result = Authentication.verifyRecaptcha(secret_key, recaptcha_response);
595 if (result == Authentication.NO_ERROR) {
596 already_verified = true;
597
598 } else {
599 logger.error("something went wrong with recaptcha, error="+result);
600 logger.error(Authentication.getErrorKey(result));
601 // display error page
602 String new_url = context.getContextPath()+"/"+ library_name+"?a=p&sa=error&c="+collection+"&ec=recap_fail";
603 ((HttpServletResponse)response).sendRedirect(new_url);
604
605 return;
606 }
607
608
609
610 }
611 already_verified = true;
612 if (verify.equals("once")) {
613 // store the fact that user has verified
614 UserTimer timer = new UserTimer(verifiedUserTimeout, session_id);
615 verifiedUserMap.put(session_id, timer);
616 timer.start();
617 }
618 } // hmvf = 1
619 }
620
621 if (!already_verified) {
622 // hmvf param is not set - we haven't shown them the form yet
623 // or we have been asked to force the T&C
624 // we need to display the verify page
625 String new_url = context.getContextPath()+"/"+ library_name+"?a=p&sa=verify&c="+collection+"&url="+url;
626 ((HttpServletResponse)response).sendRedirect(new_url);
627 return;
628 }
629 } // end verify is set
630 }// end if verifiable file
631
632
633 // if we got here, we have passed all security checks and just want to view the file.
634 // However, we need to remove the library_name from the URL. As can't change the
635 // existing URL, we need to forward to the new one.
636 // (Can't do redirect as it will come back into this code and fail as there won't be library in the url)
637 // Remove the context and library name parts.
638 // don't know what happens with the rest of the filter chain? Does this bypass that??
639 url = url.replaceFirst(context.getContextPath(), "");
640 url = url.replaceFirst("/"+library_name, "");
641 request.getRequestDispatcher(url).forward(request, response);
642
643 return;
644 }
645
646
647
648
649 private String queryMRforDOCID(MessageRouter gsRouter, String collection, String assocfiledir) {
650 Document gsDoc = XMLConverter.newDOM();
651
652 Element metaMessage = gsDoc.createElement(GSXML.MESSAGE_ELEM);
653 Element metaRequest = GSXML.createBasicRequest(gsDoc, GSXML.REQUEST_TYPE_PROCESS, collection + "/" + METADATA_RETRIEVAL_SERVICE, new UserContext());
654 metaMessage.appendChild(metaRequest);
655
656 Element paramList = gsDoc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
657 metaRequest.appendChild(paramList);
658
659 Element param = gsDoc.createElement(GSXML.PARAM_ELEM);
660 param.setAttribute(GSXML.NAME_ATT, "metadata");
661 param.setAttribute(GSXML.VALUE_ATT, "contains");
662 paramList.appendChild(param);
663
664 Element docList = gsDoc.createElement(GSXML.DOC_NODE_ELEM + GSXML.LIST_MODIFIER);
665 metaRequest.appendChild(docList);
666
667 Element doc = gsDoc.createElement(GSXML.DOC_NODE_ELEM);
668 doc.setAttribute(GSXML.NODE_ID_ATT, assocfiledir);
669 docList.appendChild(doc);
670
671 Element metaResponse = (Element) gsRouter.process(metaMessage);
672
673 NodeList metadataList = metaResponse.getElementsByTagName(GSXML.METADATA_ELEM);
674 if (metadataList.getLength() == 0) {
675
676 logger.error("Could not find the document ID related to this url");
677 return null;
678 }
679
680 Element metadata = (Element) metadataList.item(0);
681 String document = metadata.getTextContent();
682 if (document != null && document.equals("")) {
683 document = null;
684 }
685 return document;
686
687
688 }
689
690 private class UserTimer extends Timer implements ActionListener
691 {
692 String id = "";
693
694 public UserTimer(int delay, String id)
695 {
696 super(delay, (ActionListener) null);
697 addActionListener(this);
698 this.id = id;
699 }
700
701 public void actionPerformed(ActionEvent e)
702 {
703 verifiedUserMap.remove(id);
704 stop();
705 }
706
707 }
708
709
710}
Note: See TracBrowser for help on using the repository browser.