List of usage examples for javax.servlet.http HttpServletRequest getHeaderNames
public Enumeration<String> getHeaderNames();
From source file:org.josso.gl2.gateway.reverseproxy.ReverseProxyValve.java
/** * Intercepts Http request and redirects it to the configured SSO partner application. * * @param request The servlet request to be processed * @param response The servlet response to be created * @exception IOException if an input/output error occurs * @exception javax.servlet.ServletException if a servlet error occurs *///from w w w . j ava 2 s. c om public int invoke(Request request, Response response) throws IOException, ServletException { if (debug >= 1) log("ReverseProxyValve Acting."); ProxyContextConfig[] contexts = _rpc.getProxyContexts(); // Create an instance of HttpClient. HttpClient client = new HttpClient(); HttpServletRequest hsr = (HttpServletRequest) request.getRequest(); String uri = hsr.getRequestURI(); String uriContext = null; StringTokenizer st = new StringTokenizer(uri.substring(1), "/"); while (st.hasMoreTokens()) { String token = st.nextToken(); uriContext = "/" + token; break; } if (uriContext == null) uriContext = uri; // Obtain the target host from the String proxyForwardHost = null; String proxyForwardUri = null; for (int i = 0; i < contexts.length; i++) { if (contexts[i].getContext().equals(uriContext)) { log("Proxy context mapped to host/uri: " + contexts[i].getForwardHost() + contexts[i].getForwardUri()); proxyForwardHost = contexts[i].getForwardHost(); proxyForwardUri = contexts[i].getForwardUri(); break; } } if (proxyForwardHost == null) { log("URI '" + uri + "' can't be mapped to host"); //valveContext.invokeNext(request, response); return Valve.INVOKE_NEXT; } if (proxyForwardUri == null) { // trim the uri context before submitting the http request int uriTrailStartPos = uri.substring(1).indexOf("/") + 1; proxyForwardUri = uri.substring(uriTrailStartPos); } else { int uriTrailStartPos = uri.substring(1).indexOf("/") + 1; proxyForwardUri = proxyForwardUri + uri.substring(uriTrailStartPos); } // log ("Proxy request mapped to " + "http://" + proxyForwardHost + proxyForwardUri); HttpMethod method; // to be moved to a builder which instantiates and build concrete methods. if (hsr.getMethod().equals(METHOD_GET)) { // Create a method instance. HttpMethod getMethod = new GetMethod(proxyForwardHost + proxyForwardUri + (hsr.getQueryString() != null ? ("?" + hsr.getQueryString()) : "")); method = getMethod; } else if (hsr.getMethod().equals(METHOD_POST)) { // Create a method instance. PostMethod postMethod = new PostMethod(proxyForwardHost + proxyForwardUri + (hsr.getQueryString() != null ? ("?" + hsr.getQueryString()) : "")); postMethod.setRequestBody(hsr.getInputStream()); method = postMethod; } else if (hsr.getMethod().equals(METHOD_HEAD)) { // Create a method instance. HeadMethod headMethod = new HeadMethod(proxyForwardHost + proxyForwardUri + (hsr.getQueryString() != null ? ("?" + hsr.getQueryString()) : "")); method = headMethod; } else if (hsr.getMethod().equals(METHOD_PUT)) { method = new PutMethod(proxyForwardHost + proxyForwardUri + (hsr.getQueryString() != null ? ("?" + hsr.getQueryString()) : "")); } else throw new java.lang.UnsupportedOperationException("Unknown method : " + hsr.getMethod()); // copy incoming http headers to reverse proxy request Enumeration hne = hsr.getHeaderNames(); while (hne.hasMoreElements()) { String hn = (String) hne.nextElement(); // Map the received host header to the target host name // so that the configured virtual domain can // do the proper handling. if (hn.equalsIgnoreCase("host")) { method.addRequestHeader("Host", proxyForwardHost); continue; } Enumeration hvals = hsr.getHeaders(hn); while (hvals.hasMoreElements()) { String hv = (String) hvals.nextElement(); method.addRequestHeader(hn, hv); } } // Add Reverse-Proxy-Host header String reverseProxyHost = getReverseProxyHost(request); method.addRequestHeader(Constants.JOSSO_REVERSE_PROXY_HEADER, reverseProxyHost); if (debug >= 1) log("Sending " + Constants.JOSSO_REVERSE_PROXY_HEADER + " " + reverseProxyHost); // DO NOT follow redirects ! method.setFollowRedirects(false); // By default the httpclient uses HTTP v1.1. We are downgrading it // to v1.0 so that the target server doesn't set a reply using chunked // transfer encoding which doesn't seem to be handled properly. // Check how to make chunked transfer encoding work. client.getParams().setVersion(new HttpVersion(1, 0)); // Execute the method. int statusCode = -1; try { // execute the method. statusCode = client.executeMethod(method); } catch (HttpRecoverableException e) { log("A recoverable exception occurred " + e.getMessage()); } catch (IOException e) { log("Failed to connect."); e.printStackTrace(); } // Check that we didn't run out of retries. if (statusCode == -1) { log("Failed to recover from exception."); } // Read the response body. byte[] responseBody = method.getResponseBody(); // Release the connection. method.releaseConnection(); HttpServletResponse sres = (HttpServletResponse) response.getResponse(); // First thing to do is to copy status code to response, otherwise // catalina will do it as soon as we set a header or some other part of the response. sres.setStatus(method.getStatusCode()); // copy proxy response headers to client response Header[] responseHeaders = method.getResponseHeaders(); for (int i = 0; i < responseHeaders.length; i++) { Header responseHeader = responseHeaders[i]; String name = responseHeader.getName(); String value = responseHeader.getValue(); // Adjust the URL in the Location, Content-Location and URI headers on HTTP redirect responses // This is essential to avoid by-passing the reverse proxy because of HTTP redirects on the // backend servers which stay behind the reverse proxy switch (method.getStatusCode()) { case HttpStatus.SC_MOVED_TEMPORARILY: case HttpStatus.SC_MOVED_PERMANENTLY: case HttpStatus.SC_SEE_OTHER: case HttpStatus.SC_TEMPORARY_REDIRECT: if ("Location".equalsIgnoreCase(name) || "Content-Location".equalsIgnoreCase(name) || "URI".equalsIgnoreCase(name)) { // Check that this redirect must be adjusted. if (value.indexOf(proxyForwardHost) >= 0) { String trail = value.substring(proxyForwardHost.length()); value = getReverseProxyHost(request) + trail; if (debug >= 1) log("Adjusting redirect header to " + value); } } break; } //end of switch sres.addHeader(name, value); } // Sometimes this is null, when no body is returned ... if (responseBody != null && responseBody.length > 0) sres.getOutputStream().write(responseBody); sres.getOutputStream().flush(); if (debug >= 1) log("ReverseProxyValve finished."); return Valve.END_PIPELINE; }
From source file:org.infoscoop.web.ProxyCredentialManageServlet.java
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String command = request.getParameter("command"); String uid = (String) request.getSession().getAttribute("Uid"); try {//from w w w . j a v a2 s .c o m if ("list".equals(command)) { response.setHeader("Content-Type", "text/xml; charset=UTF-8"); List<AuthCredential> credentialList = AuthCredentialDAO.newInstance().select(uid); List<OAuthConsumerProp> consumers = OAuthConsumerDAO.newInstance().getConsumersByUid(uid); List<String> idList = new ArrayList<String>(); try { JSONArray json = new JSONArray(); for (Iterator<AuthCredential> it = credentialList.iterator(); it.hasNext();) { AuthCredential c = (AuthCredential) it.next(); json.put(c.toJSON()); } JSONObject oauthJSON; for (Iterator<OAuthConsumerProp> i = consumers.iterator(); i.hasNext();) { oauthJSON = new JSONObject(); OAuthConsumerProp consumerProp = i.next(); String id = consumerProp.getId(); if (idList.contains(id)) continue; oauthJSON.put("service_name", consumerProp.getServiceName()); oauthJSON.put("authType", "OAuth"); oauthJSON.put("description", consumerProp.getDescription()); Set<OAuthGadgetUrl> gadgetUrls = consumerProp.getOAuthGadgetUrl(); JSONArray gadgetUrlArr = new JSONArray(); for (Iterator<OAuthGadgetUrl> j = gadgetUrls.iterator(); j.hasNext();) { gadgetUrlArr.put(j.next().getGadgetUrl()); } oauthJSON.put("gadget_urls", gadgetUrlArr); idList.add(id); json.put(oauthJSON); } response.getWriter().write(json.toString()); response.getWriter().flush(); } catch (JSONException e) { log.error("", e); response.sendError(500); } } else if ("try".equals(command)) { response.setHeader("Content-Type", "text/xml; charset=UTF-8"); String url = request.getParameter("url"); String authType = request.getParameter("authType"); String authCredentialId = AuthCredentialService.getHandle().detectCredential(uid, authType, url); if (authCredentialId != null) { response.getWriter().write(authCredentialId); } else { response.getWriter().write("cannot_detect_credential"); } response.getWriter().flush(); } else if ("add".equals(command)) { response.setHeader("Content-Type", "text/xml; charset=UTF-8"); String authType = request.getParameter("authType"); String authUid = request.getParameter("authUid"); String authPasswd = request.getParameter("authPasswd"); String authDomain = request.getParameter("authDomain"); String url = request.getParameter("url"); MultiHashMap headerMap = new MultiHashMap(); Enumeration<String> headerNames = request.getHeaderNames(); while (headerNames.hasMoreElements()) { String headerName = headerNames.nextElement(); Enumeration<String> headers = request.getHeaders(headerName); while (headers.hasMoreElements()) { headerMap.put(headerName, headers.nextElement()); } } String authCredentialId = AuthCredentialService.getHandle().addCredential(uid, authType, authUid, authPasswd, authDomain, url, headerMap); if (authCredentialId != null) { response.getWriter().write(authCredentialId); } else { response.getWriter().write("add_credential_failed"); } response.getWriter().flush(); } else if ("rst".equals(command)) { response.setHeader("Content-Type", "text/xml; charset=UTF-8"); String credentialId = request.getParameter("id"); String authPasswd = request.getParameter("authPasswd"); String[] urlList = request.getParameterValues("url"); Collection errorUrlList; errorUrlList = AuthCredentialService.getHandle().resetPassword(uid, credentialId, authPasswd, urlList); JSONArray json = new JSONArray(); for (Iterator it = errorUrlList.iterator(); it.hasNext();) { json.put((String) it.next()); } response.getWriter().write(json.toString()); //response.getWriter().write("reset_password_success"); response.getWriter().flush(); } else if ("frst".equals(command)) { String credentialId = request.getParameter("id"); String authPasswd = request.getParameter("authPasswd"); AuthCredentialService.getHandle().forceResetPassword(uid, credentialId, authPasswd); } else if ("del".equals(command)) { String credentialId = request.getParameter("id"); AuthCredentialService.getHandle().removeCredential(uid, credentialId); } else if ("del_oauth".equals(command)) { String serviceName = request.getParameter("service_name"); if (!OAuthService.getHandle().deleteOAuthTokens(uid, serviceName)) { OAuthService.getHandle().deleteOAuth2Tokens(uid, serviceName); } } else { response.sendError(500); } } catch (Exception e) { log.error("", e); response.sendError(500, e.getMessage()); } }
From source file:org.springframework.extensions.webscripts.connector.RemoteClient.java
/** * Service a remote URL and write the the result into an output stream. * If an InputStream is provided then a POST will be performed with the content * pushed to the url. Otherwise a standard GET will be performed. * //from ww w . j av a 2 s. c o m * @param url The URL to open and retrieve data from * @param in The optional InputStream - if set a POST or similar will be performed * @param out The OutputStream to write result to * @param res Optional HttpServletResponse - to which response headers will be copied - i.e. proxied * @param status The status object to apply the response code too * * @return encoding specified by the source URL - may be null * * @throws IOException */ private String service(URL url, InputStream in, OutputStream out, HttpServletRequest req, HttpServletResponse res, ResponseStatus status) throws IOException { final boolean trace = logger.isTraceEnabled(); final boolean debug = logger.isDebugEnabled(); if (debug) { logger.debug("Executing " + "(" + requestMethod + ") " + url.toString()); if (in != null) logger.debug(" - InputStream supplied - will push..."); if (out != null) logger.debug(" - OutputStream supplied - will stream response..."); if (req != null && res != null) logger.debug(" - Full Proxy mode between servlet request and response..."); } // aquire and configure the HttpClient HttpClient httpClient = createHttpClient(url); URL redirectURL = url; HttpResponse response; HttpRequestBase method = null; int retries = 0; // Only process redirects if we are not processing a 'push' int maxRetries = in == null ? this.maxRedirects : 1; try { do { // Release a previous method that we processed due to a redirect if (method != null) { method.reset(); method = null; } switch (this.requestMethod) { default: case GET: method = new HttpGet(redirectURL.toString()); break; case PUT: method = new HttpPut(redirectURL.toString()); break; case POST: method = new HttpPost(redirectURL.toString()); break; case DELETE: method = new HttpDelete(redirectURL.toString()); break; case HEAD: method = new HttpHead(redirectURL.toString()); break; case OPTIONS: method = new HttpOptions(redirectURL.toString()); break; } // proxy over any headers from the request stream to proxied request if (req != null) { Enumeration<String> headers = req.getHeaderNames(); while (headers.hasMoreElements()) { String key = headers.nextElement(); if (key != null) { key = key.toLowerCase(); if (!this.removeRequestHeaders.contains(key) && !this.requestProperties.containsKey(key) && !this.requestHeaders.containsKey(key)) { method.setHeader(key, req.getHeader(key)); if (trace) logger.trace("Proxy request header: " + key + "=" + req.getHeader(key)); } } } } // apply request properties, allows for the assignment and override of specific header properties // firstly pre-configured headers are applied and overridden/augmented by runtime request properties final Map<String, String> headers = (Map<String, String>) this.requestHeaders.clone(); headers.putAll(this.requestProperties); if (headers.size() != 0) { for (Map.Entry<String, String> entry : headers.entrySet()) { String headerName = entry.getKey(); String headerValue = headers.get(headerName); if (headerValue != null) { method.setHeader(headerName, headerValue); } if (trace) logger.trace("Set request header: " + headerName + "=" + headerValue); } } // Apply cookies if (this.cookies != null && !this.cookies.isEmpty()) { StringBuilder builder = new StringBuilder(128); for (Map.Entry<String, String> entry : this.cookies.entrySet()) { if (builder.length() != 0) { builder.append(';'); } builder.append(entry.getKey()); builder.append('='); builder.append(entry.getValue()); } String cookieString = builder.toString(); if (debug) logger.debug("Setting Cookie header: " + cookieString); method.setHeader(HEADER_COOKIE, cookieString); } // HTTP basic auth support if (this.username != null && this.password != null) { String auth = this.username + ':' + this.password; method.addHeader("Authorization", "Basic " + Base64.encodeBytes(auth.getBytes(), Base64.DONT_BREAK_LINES)); if (debug) logger.debug("Applied HTTP Basic Authorization for user: " + this.username); } // prepare the POST/PUT entity data if input supplied if (in != null) { method.setHeader(HEADER_CONTENT_TYPE, getRequestContentType()); if (debug) logger.debug("Set Content-Type=" + getRequestContentType()); boolean urlencoded = getRequestContentType().startsWith(X_WWW_FORM_URLENCODED); if (!urlencoded) { // apply content-length here if known (i.e. from proxied req) // if this is not set, then the content will be buffered in memory long contentLength = -1L; if (req != null) { String contentLengthStr = req.getHeader(HEADER_CONTENT_LENGTH); if (contentLengthStr != null) { try { long actualContentLength = Long.parseLong(contentLengthStr); if (actualContentLength > 0) { contentLength = actualContentLength; } } catch (NumberFormatException e) { logger.warn("Can't parse 'Content-Length' header from '" + contentLengthStr + "'. The contentLength is set to -1"); } } } if (debug) logger.debug(requestMethod + " entity Content-Length=" + contentLength); // remove the Content-Length header as the setEntity() method will perform this explicitly method.removeHeaders(HEADER_CONTENT_LENGTH); try { // Apache doc for AbstractHttpEntity states: // HttpClient must use chunk coding if the entity content length is unknown (== -1). HttpEntity entity = new InputStreamEntity(in, contentLength); ((HttpEntityEnclosingRequest) method) .setEntity(contentLength == -1L || contentLength > 16384L ? entity : new BufferedHttpEntity(entity)); ((HttpEntityEnclosingRequest) method).setHeader(HTTP.EXPECT_DIRECTIVE, HTTP.EXPECT_CONTINUE); } catch (IOException e) { // During the creation of the BufferedHttpEntity the underlying stream can be closed by the client, // this happens if the request is discarded by the browser - we don't log this IOException as INFO // as that would fill the logs with unhelpful noise - enable DEBUG logging to see these messages. throw new RuntimeException(e.getMessage(), e); } } else { if (req != null) { // apply any supplied request parameters Map<String, String[]> postParams = req.getParameterMap(); if (postParams != null) { List<NameValuePair> params = new ArrayList<NameValuePair>(postParams.size()); for (String key : postParams.keySet()) { String[] values = postParams.get(key); for (int i = 0; i < values.length; i++) { params.add(new BasicNameValuePair(key, values[i])); } } } // ensure that the Content-Length header is not directly proxied - as the underlying // HttpClient will encode the body as appropriate - cannot assume same as the original client sent method.removeHeaders(HEADER_CONTENT_LENGTH); } else { // Apache doc for AbstractHttpEntity states: // HttpClient must use chunk coding if the entity content length is unknown (== -1). HttpEntity entity = new InputStreamEntity(in, -1L); ((HttpEntityEnclosingRequest) method).setEntity(entity); ((HttpEntityEnclosingRequest) method).setHeader(HTTP.EXPECT_DIRECTIVE, HTTP.EXPECT_CONTINUE); } } } ////////////////////////////////////////////////////////////////////////////////////////////////////////////// // Execute the method to get the response response = httpClient.execute(method); redirectURL = processResponse(redirectURL, response); } while (redirectURL != null && ++retries < maxRetries); // record the status code for the internal response object int responseCode = response.getStatusLine().getStatusCode(); if (responseCode >= HttpServletResponse.SC_INTERNAL_SERVER_ERROR && this.exceptionOnError) { buildProxiedServerError(response); } else if (responseCode == HttpServletResponse.SC_SERVICE_UNAVAILABLE) { // Occurs when server is down and likely an ELB response throw new ConnectException(response.toString()); } boolean allowResponseCommit = (responseCode != HttpServletResponse.SC_UNAUTHORIZED || commitResponseOnAuthenticationError); status.setCode(responseCode); if (debug) logger.debug("Response status code: " + responseCode); // walk over headers that are returned from the connection // if we have a servlet response, push the headers back to the existing response object // otherwise, store headers on status Header contentType = null; Header contentLength = null; for (Header header : response.getAllHeaders()) { // NOTE: Tomcat does not appear to be obeying the servlet spec here. // If you call setHeader() the spec says it will "clear existing values" - i.e. not // add additional values to existing headers - but for Server and Transfer-Encoding // if we set them, then two values are received in the response... // In addition handle the fact that the key can be null. final String key = header.getName(); if (key != null) { if (!key.equalsIgnoreCase(HEADER_SERVER) && !key.equalsIgnoreCase(HEADER_TRANSFER_ENCODING)) { if (res != null && allowResponseCommit && !this.removeResponseHeaders.contains(key.toLowerCase())) { res.setHeader(key, header.getValue()); } // store headers back onto status status.setHeader(key, header.getValue()); if (trace) logger.trace("Response header: " + key + "=" + header.getValue()); } // grab a reference to the the content-type header here if we find it if (contentType == null && key.equalsIgnoreCase(HEADER_CONTENT_TYPE)) { contentType = header; // additional optional processing based on the Content-Type header processContentType(url, res, contentType); } // grab a reference to the Content-Length header here if we find it else if (contentLength == null && key.equalsIgnoreCase(HEADER_CONTENT_LENGTH)) { contentLength = header; } } } // locate response encoding from the headers String encoding = null; String ct = null; if (contentType != null) { ct = contentType.getValue(); int csi = ct.indexOf(CHARSETEQUALS); if (csi != -1) { encoding = ct.substring(csi + CHARSETEQUALS.length()); if ((csi = encoding.lastIndexOf(';')) != -1) { encoding = encoding.substring(0, csi); } if (debug) logger.debug("Response charset: " + encoding); } } if (debug) logger.debug("Response encoding: " + contentType); // generate container driven error message response for specific response codes if (res != null && responseCode == HttpServletResponse.SC_UNAUTHORIZED && allowResponseCommit) { res.sendError(responseCode, response.getStatusLine().getReasonPhrase()); } else { // push status to existing response object if required if (res != null && allowResponseCommit) { res.setStatus(responseCode); } // perform the stream write from the response to the output int bufferSize = this.bufferSize; if (contentLength != null) { long length = Long.parseLong(contentLength.getValue()); if (length < bufferSize) { bufferSize = (int) length; } } copyResponseStreamOutput(url, res, out, response, ct, bufferSize); } // if we get here call was successful return encoding; } catch (ConnectTimeoutException | SocketTimeoutException timeErr) { // caught a socket timeout IO exception - apply internal error code logger.info("Exception calling (" + requestMethod + ") " + url.toString()); status.setCode(HttpServletResponse.SC_REQUEST_TIMEOUT); status.setException(timeErr); status.setMessage(timeErr.getMessage()); if (res != null) { //return a Request Timeout error res.setStatus(HttpServletResponse.SC_REQUEST_TIMEOUT, timeErr.getMessage()); } throw timeErr; } catch (UnknownHostException | ConnectException hostErr) { // caught an unknown host IO exception logger.info("Exception calling (" + requestMethod + ") " + url.toString()); status.setCode(HttpServletResponse.SC_SERVICE_UNAVAILABLE); status.setException(hostErr); status.setMessage(hostErr.getMessage()); if (res != null) { // return server error code res.setStatus(HttpServletResponse.SC_SERVICE_UNAVAILABLE, hostErr.getMessage()); } throw hostErr; } catch (IOException ioErr) { // caught a general IO exception - apply generic error code so one gets returned logger.info("Exception calling (" + requestMethod + ") " + url.toString()); status.setCode(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); status.setException(ioErr); status.setMessage(ioErr.getMessage()); if (res != null) { res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, ioErr.getMessage()); } throw ioErr; } catch (RuntimeException e) { // caught an exception - apply generic error code so one gets returned logger.debug("Exception calling (" + requestMethod + ") " + url.toString()); status.setCode(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); status.setException(e); status.setMessage(e.getMessage()); if (res != null) { res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); } throw e; } finally { // reset state values if (method != null) { method.releaseConnection(); } setRequestContentType(null); this.requestMethod = HttpMethod.GET; } }
From source file:org.gaul.s3proxy.S3ProxyHandler.java
public final void doHandle(HttpServletRequest baseRequest, HttpServletRequest request, HttpServletResponse response, InputStream is) throws IOException, S3Exception { String method = request.getMethod(); String uri = request.getRequestURI(); if (!this.servicePath.isEmpty()) { if (uri.length() > this.servicePath.length()) { uri = uri.substring(this.servicePath.length()); }/*from ww w .ja va 2s. c o m*/ } logger.debug("request: {}", request); String hostHeader = request.getHeader(HttpHeaders.HOST); if (hostHeader != null && virtualHost.isPresent()) { hostHeader = HostAndPort.fromString(hostHeader).getHostText(); String virtualHostSuffix = "." + virtualHost.get(); if (!hostHeader.equals(virtualHost.get())) { if (hostHeader.endsWith(virtualHostSuffix)) { String bucket = hostHeader.substring(0, hostHeader.length() - virtualHostSuffix.length()); uri = "/" + bucket + uri; } else { String bucket = hostHeader.toLowerCase(); uri = "/" + bucket + uri; } } } boolean hasDateHeader = false; boolean hasXAmzDateHeader = false; for (String headerName : Collections.list(request.getHeaderNames())) { for (String headerValue : Collections.list(request.getHeaders(headerName))) { logger.trace("header: {}: {}", headerName, Strings.nullToEmpty(headerValue)); } if (headerName.equalsIgnoreCase(HttpHeaders.DATE)) { hasDateHeader = true; } else if (headerName.equalsIgnoreCase("x-amz-date")) { hasXAmzDateHeader = true; } } // when access information is not provided in request header, // treat it as anonymous, return all public accessible information if (!anonymousIdentity && (method.equals("GET") || method.equals("HEAD") || method.equals("POST")) && request.getHeader(HttpHeaders.AUTHORIZATION) == null && request.getParameter("X-Amz-Algorithm") == null && request.getParameter("AWSAccessKeyId") == null && defaultBlobStore != null) { doHandleAnonymous(request, response, is, uri, defaultBlobStore); return; } if (!anonymousIdentity && !hasDateHeader && !hasXAmzDateHeader && request.getParameter("X-Amz-Date") == null && request.getParameter("Expires") == null) { throw new S3Exception(S3ErrorCode.ACCESS_DENIED, "AWS authentication requires a valid Date or" + " x-amz-date header"); } // TODO: apply sanity checks to X-Amz-Date if (hasDateHeader) { long date; try { date = request.getDateHeader(HttpHeaders.DATE); } catch (IllegalArgumentException iae) { throw new S3Exception(S3ErrorCode.ACCESS_DENIED, iae); } if (date < 0) { throw new S3Exception(S3ErrorCode.ACCESS_DENIED); } long now = System.currentTimeMillis(); if (now + TimeUnit.DAYS.toMillis(1) < date || now - TimeUnit.DAYS.toMillis(1) > date) { throw new S3Exception(S3ErrorCode.REQUEST_TIME_TOO_SKEWED); } } BlobStore blobStore; String requestIdentity = null; String headerAuthorization = request.getHeader(HttpHeaders.AUTHORIZATION); S3AuthorizationHeader authHeader = null; boolean presignedUrl = false; if (!anonymousIdentity) { if (headerAuthorization == null) { String algorithm = request.getParameter("X-Amz-Algorithm"); if (algorithm == null) { String identity = request.getParameter("AWSAccessKeyId"); String signature = request.getParameter("Signature"); if (identity == null || signature == null) { throw new S3Exception(S3ErrorCode.ACCESS_DENIED); } headerAuthorization = "AWS " + identity + ":" + signature; presignedUrl = true; } else if (algorithm.equals("AWS4-HMAC-SHA256")) { String credential = request.getParameter("X-Amz-Credential"); String signedHeaders = request.getParameter("X-Amz-SignedHeaders"); String signature = request.getParameter("X-Amz-Signature"); if (credential == null || signedHeaders == null || signature == null) { throw new S3Exception(S3ErrorCode.ACCESS_DENIED); } headerAuthorization = "AWS4-HMAC-SHA256" + " Credential=" + credential + ", requestSignedHeaders=" + signedHeaders + ", Signature=" + signature; presignedUrl = true; } } try { authHeader = new S3AuthorizationHeader(headerAuthorization); } catch (IllegalArgumentException iae) { throw new S3Exception(S3ErrorCode.INVALID_ARGUMENT, iae); } requestIdentity = authHeader.identity; } String[] path = uri.split("/", 3); for (int i = 0; i < path.length; i++) { path[i] = URLDecoder.decode(path[i], "UTF-8"); } Map.Entry<String, BlobStore> provider = blobStoreLocator.locateBlobStore(requestIdentity, path.length > 1 ? path[1] : null, path.length > 2 ? path[2] : null); if (anonymousIdentity) { blobStore = provider.getValue(); String contentSha256 = request.getHeader("x-amz-content-sha256"); if ("STREAMING-AWS4-HMAC-SHA256-PAYLOAD".equals(contentSha256)) { is = new ChunkedInputStream(is); } } else if (requestIdentity == null) { throw new S3Exception(S3ErrorCode.ACCESS_DENIED); } else { if (provider == null) { throw new S3Exception(S3ErrorCode.INVALID_ACCESS_KEY_ID); } String credential = provider.getKey(); blobStore = provider.getValue(); String expiresString = request.getParameter("Expires"); if (expiresString != null) { long expires = Long.parseLong(expiresString); long nowSeconds = System.currentTimeMillis() / 1000; if (nowSeconds >= expires) { throw new S3Exception(S3ErrorCode.ACCESS_DENIED); } } String dateString = request.getParameter("X-Amz-Date"); expiresString = request.getParameter("X-Amz-Expires"); if (dateString != null && expiresString != null) { long date = parseIso8601(dateString); long expires = Long.parseLong(expiresString); long nowSeconds = System.currentTimeMillis() / 1000; if (nowSeconds >= date + expires) { throw new S3Exception(S3ErrorCode.ACCESS_DENIED, "Request has expired"); } } switch (authHeader.authenticationType) { case AWS_V2: switch (authenticationType) { case AWS_V2: case AWS_V2_OR_V4: case NONE: break; default: throw new S3Exception(S3ErrorCode.ACCESS_DENIED); } break; case AWS_V4: switch (authenticationType) { case AWS_V4: case AWS_V2_OR_V4: case NONE: break; default: throw new S3Exception(S3ErrorCode.ACCESS_DENIED); } break; case NONE: break; default: throw new IllegalArgumentException("Unhandled type: " + authHeader.authenticationType); } String expectedSignature = null; // When presigned url is generated, it doesn't consider service path String uriForSigning = presignedUrl ? uri : this.servicePath + uri; if (authHeader.hmacAlgorithm == null) { expectedSignature = createAuthorizationSignature(request, uriForSigning, credential); } else { String contentSha256 = request.getHeader("x-amz-content-sha256"); try { byte[] payload; if (request.getParameter("X-Amz-Algorithm") != null) { payload = new byte[0]; } else if ("STREAMING-AWS4-HMAC-SHA256-PAYLOAD".equals(contentSha256)) { payload = new byte[0]; is = new ChunkedInputStream(is); } else if ("UNSIGNED-PAYLOAD".equals(contentSha256)) { payload = new byte[0]; } else { // buffer the entire stream to calculate digest payload = ByteStreams.toByteArray(ByteStreams.limit(is, v4MaxNonChunkedRequestSize + 1)); if (payload.length == v4MaxNonChunkedRequestSize + 1) { throw new S3Exception(S3ErrorCode.MAX_MESSAGE_LENGTH_EXCEEDED); } is = new ByteArrayInputStream(payload); } expectedSignature = createAuthorizationSignatureV4(baseRequest, authHeader, payload, uriForSigning, credential); } catch (InvalidKeyException | NoSuchAlgorithmException e) { throw new S3Exception(S3ErrorCode.INVALID_ARGUMENT, e); } } if (!expectedSignature.equals(authHeader.signature)) { logger.debug("fail to validate signature"); throw new S3Exception(S3ErrorCode.SIGNATURE_DOES_NOT_MATCH); } } for (String parameter : Collections.list(request.getParameterNames())) { if (UNSUPPORTED_PARAMETERS.contains(parameter)) { logger.error("Unknown parameters {} with URI {}", parameter, request.getRequestURI()); throw new S3Exception(S3ErrorCode.NOT_IMPLEMENTED); } } // emit NotImplemented for unknown x-amz- headers for (String headerName : Collections.list(request.getHeaderNames())) { if (ignoreUnknownHeaders) { continue; } if (!headerName.startsWith("x-amz-")) { continue; } if (headerName.startsWith("x-amz-meta-")) { continue; } if (!SUPPORTED_X_AMZ_HEADERS.contains(headerName.toLowerCase())) { logger.error("Unknown header {} with URI {}", headerName, request.getRequestURI()); throw new S3Exception(S3ErrorCode.NOT_IMPLEMENTED); } } String uploadId = request.getParameter("uploadId"); switch (method) { case "DELETE": if (path.length <= 2 || path[2].isEmpty()) { handleContainerDelete(response, blobStore, path[1]); return; } else if (uploadId != null) { handleAbortMultipartUpload(response, blobStore, path[1], path[2], uploadId); return; } else { handleBlobRemove(response, blobStore, path[1], path[2]); return; } case "GET": if (uri.equals("/")) { handleContainerList(response, blobStore); return; } else if (path.length <= 2 || path[2].isEmpty()) { if ("".equals(request.getParameter("acl"))) { handleGetContainerAcl(response, blobStore, path[1]); return; } else if ("".equals(request.getParameter("location"))) { handleContainerLocation(response, blobStore, path[1]); return; } else if ("".equals(request.getParameter("uploads"))) { handleListMultipartUploads(request, response, blobStore, path[1]); return; } handleBlobList(request, response, blobStore, path[1]); return; } else { if ("".equals(request.getParameter("acl"))) { handleGetBlobAcl(response, blobStore, path[1], path[2]); return; } else if (uploadId != null) { handleListParts(request, response, blobStore, path[1], path[2], uploadId); return; } handleGetBlob(request, response, blobStore, path[1], path[2]); return; } case "HEAD": if (path.length <= 2 || path[2].isEmpty()) { handleContainerExists(blobStore, path[1]); return; } else { handleBlobMetadata(request, response, blobStore, path[1], path[2]); return; } case "POST": if ("".equals(request.getParameter("delete"))) { handleMultiBlobRemove(response, is, blobStore, path[1]); return; } else if ("".equals(request.getParameter("uploads"))) { handleInitiateMultipartUpload(request, response, blobStore, path[1], path[2]); return; } else if (uploadId != null && request.getParameter("partNumber") == null) { handleCompleteMultipartUpload(response, is, blobStore, path[1], path[2], uploadId); return; } break; case "PUT": if (path.length <= 2 || path[2].isEmpty()) { if ("".equals(request.getParameter("acl"))) { handleSetContainerAcl(request, response, is, blobStore, path[1]); return; } handleContainerCreate(request, response, is, blobStore, path[1]); return; } else if (uploadId != null) { if (request.getHeader("x-amz-copy-source") != null) { handleCopyPart(request, response, blobStore, path[1], path[2], uploadId); } else { handleUploadPart(request, response, is, blobStore, path[1], path[2], uploadId); } return; } else if (request.getHeader("x-amz-copy-source") != null) { handleCopyBlob(request, response, is, blobStore, path[1], path[2]); return; } else { if ("".equals(request.getParameter("acl"))) { handleSetBlobAcl(request, response, is, blobStore, path[1], path[2]); return; } handlePutBlob(request, response, is, blobStore, path[1], path[2]); return; } default: break; } logger.error("Unknown method {} with URI {}", method, request.getRequestURI()); throw new S3Exception(S3ErrorCode.NOT_IMPLEMENTED); }
From source file:org.wrml.server.WrmlServlet.java
/** * Build the WRML {@link Dimensions} object that, within the WRML runtime, will represent many of the same * "metadata" ideas that HTTP has delcared {@link org.wrml.model.rest.CommonHeader}s. * * @param request The {@link HttpServletRequest} that holds the metadata that is needed for the {@link Dimensions}. * @param method The requested interaction {@link Method}. * @param requestUri The requested resource's id ({@link URI}). * @param api The target REST API ({@link Api}). * @param acceptableMediaTypes The client-specified acceptable {@link MediaType}s. * @return The requested {@link Dimensions} of the desired response entity {@link Model}. *//*from ww w .ja v a 2 s. co m*/ Dimensions buildDimensions(final HttpServletRequest request, final Method method, final URI requestUri, final Api api, final List<MediaType> acceptableMediaTypes) throws ServletException { // Determine the best possible schema URI for the response. final List<URI> acceptableSchemaUriList = getAcceptableResponseEntitySchemaUris(method, requestUri, acceptableMediaTypes); final URI responseModelSchemaUri; if (!acceptableSchemaUriList.isEmpty()) { responseModelSchemaUri = acceptableSchemaUriList.get(0); } else { if (!acceptableMediaTypes.isEmpty()) { throw new ServletException("A 406. The WRML REST API (" + api.getTitle() + ") doesn't define any acceptable representations of the resource identified by: " + requestUri); } if (method == Method.Get) { throw new ServletException("A 403? The WRML REST API (" + api.getTitle() + ") doesn't define any representation of the resource identified by: " + requestUri); } // The interaction may not return anything, (e.g. DELETE) responseModelSchemaUri = null; } final DimensionsBuilder dimensionsBuilder = new DimensionsBuilder(responseModelSchemaUri); if (responseModelSchemaUri != null && !acceptableMediaTypes.isEmpty()) { // It would make sense for this to be the first (and only) media type that a WRML client would pass in the Accept header. final MediaType mediaType = acceptableMediaTypes.get(0); if (mediaType.getFullType().equals(SystemMediaType.MEDIA_TYPE_STRING_WRML)) { // These are communicated to a WRML server as parameters to the WRML media type that is passed in the HTTP Accept header. final String includedSlotNamesStringValue = mediaType .getParameter(SystemMediaType.PARAMETER_NAME_INCLUDE); final List<String> includedSlotNames = dimensionsBuilder.getIncludedSlotNames(); includedSlotNames.addAll(parseMediaTypeParameterList(includedSlotNamesStringValue)); final String excludedSlotNamesStringValue = mediaType .getParameter(SystemMediaType.PARAMETER_NAME_EXCLUDE); final List<String> excludedSlotNames = dimensionsBuilder.getExcludedSlotNames(); excludedSlotNames.addAll(parseMediaTypeParameterList(excludedSlotNamesStringValue)); final String embeddedLinkSlotNamesStringValue = mediaType .getParameter(SystemMediaType.PARAMETER_NAME_EMBED); final List<String> embeddedLinkSlotNames = dimensionsBuilder.getEmbeddedLinkSlotNames(); embeddedLinkSlotNames.addAll(parseMediaTypeParameterList(embeddedLinkSlotNamesStringValue)); } } final Locale locale = request.getLocale(); dimensionsBuilder.setLocale(locale); final SortedMap<String, String> metadata = dimensionsBuilder.getMetadata(); final Enumeration<String> headerNames = request.getHeaderNames(); while (headerNames.hasMoreElements()) { final String headerName = headerNames.nextElement(); final Enumeration<String> headerValues = request.getHeaders(headerName); final StringBuilder headerValueStringBuilder = new StringBuilder(); while (headerValues.hasMoreElements()) { final String partialHeaderValue = headerValues.nextElement(); headerValueStringBuilder.append(partialHeaderValue); if (headerValues.hasMoreElements()) { headerValueStringBuilder.append(", "); } } final String headerValue = headerValueStringBuilder.toString(); metadata.put(headerName, headerValue); final CommonHeader commonHeader = CommonHeader.fromString(headerName); if (commonHeader == null) { continue; } switch (commonHeader) { case REFERER: final URI referrerUri = URI.create(headerValue); dimensionsBuilder.setReferrerUri(referrerUri); break; default: break; } } final SortedMap<String, String> queryParameters = dimensionsBuilder.getQueryParameters(); final Enumeration<String> parameterNames = request.getParameterNames(); while (parameterNames.hasMoreElements()) { final String parameterName = parameterNames.nextElement(); final String[] parameterValues = request.getParameterValues(parameterName); final String parameterValue = StringUtils.join(parameterValues, ", "); queryParameters.put(parameterName, parameterValue); } final Context context = getContext(); final ApiLoader apiLoader = context.getApiLoader(); final Dimensions dimensions = apiLoader.buildDocumentDimensions(method, requestUri, dimensionsBuilder); return dimensions; }
From source file:de.tu_dortmund.ub.api.paia.core.PaiaCoreEndpoint.java
/** * * @param httpServletRequest/* w ww . j a v a 2s . c o m*/ * @param httpServletResponse * @throws ServletException * @throws IOException */ protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException { ObjectMapper mapper = new ObjectMapper(); String format; String language; String redirect_url; this.logger.debug( "[" + config.getProperty("service.name") + "] " + "PathInfo = " + httpServletRequest.getPathInfo()); this.logger.debug("[" + config.getProperty("service.name") + "] " + "QueryString = " + httpServletRequest.getQueryString()); String patronid = ""; String service = ""; String accept = ""; String authorization = ""; String path = httpServletRequest.getPathInfo(); if (path != null) { String[] params = path.substring(1, path.length()).split("/"); if (params.length == 1) { patronid = params[0]; service = "patron"; } else if (params.length == 2) { patronid = params[0]; service = params[1]; } else if (params[1].equals("items") && params.length > 2) { patronid = params[0]; for (int i = 1; i < params.length; i++) { service += params[i]; if (i < params.length - 1) { service += "/"; } } } } if (patronid.equals("patronid")) { patronid = ""; } this.logger.debug("[" + config.getProperty("service.name") + "] " + "Service: " + service); this.logger.debug("[" + config.getProperty("service.name") + "] " + "Patron: " + patronid); format = "html"; if (httpServletRequest.getParameter("format") != null && !httpServletRequest.getParameter("format").equals("")) { format = httpServletRequest.getParameter("format"); } else { Enumeration<String> headerNames = httpServletRequest.getHeaderNames(); while (headerNames.hasMoreElements()) { String headerNameKey = headerNames.nextElement(); if (headerNameKey.equals("Accept")) { this.logger.debug("headerNameKey = " + httpServletRequest.getHeader(headerNameKey)); if (httpServletRequest.getHeader(headerNameKey).contains("text/html")) { format = "html"; } else if (httpServletRequest.getHeader(headerNameKey).contains("application/xml")) { format = "xml"; } else if (httpServletRequest.getHeader(headerNameKey).contains("application/json")) { format = "json"; } } } } this.logger.info("format = " + format); if (format.equals("html") && Lookup.lookupAll(ObjectToHtmlTransformation.class).size() == 0) { this.logger.error("[" + this.config.getProperty("service.name") + "] " + HttpServletResponse.SC_BAD_REQUEST + ": " + "html not implemented!"); // Error handling mit suppress_response_codes=true if (httpServletRequest.getParameter("suppress_response_codes") != null) { httpServletResponse.setStatus(HttpServletResponse.SC_OK); } // Error handling mit suppress_response_codes=false (=default) else { httpServletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST); } // Json fr Response body RequestError requestError = new RequestError(); requestError.setError( this.config.getProperty("error." + Integer.toString(HttpServletResponse.SC_BAD_REQUEST))); requestError.setCode(HttpServletResponse.SC_BAD_REQUEST); requestError.setDescription(this.config .getProperty("error." + Integer.toString(HttpServletResponse.SC_BAD_REQUEST) + ".description")); requestError.setErrorUri(this.config .getProperty("error." + Integer.toString(HttpServletResponse.SC_BAD_REQUEST) + ".uri")); this.sendRequestError(httpServletResponse, requestError, format, "", ""); } else { // read requestBody StringBuffer jb = new StringBuffer(); String line = null; try { BufferedReader reader = httpServletRequest.getReader(); while ((line = reader.readLine()) != null) jb.append(line); } catch (Exception e) { /*report an error*/ } String requestBody = jb.toString(); // read document list DocumentList documentList = null; try { // read DocumentList documentList = mapper.readValue(requestBody, DocumentList.class); } catch (Exception e) { if (!requestBody.equals("")) { String[] params = requestBody.split("&"); if (params.length > 1) { documentList = new DocumentList(); documentList.setDoc(new ArrayList<Document>()); for (String param : params) { if (param.startsWith("document_id")) { Document document = new Document(); document.setEdition(param.split("=")[1]); documentList.getDoc().add(document); } } } } else if (httpServletRequest.getParameter("document_id") != null && !httpServletRequest.getParameter("document_id").equals("")) { Document document = new Document(); document.setEdition(httpServletRequest.getParameter("document_id")); if (httpServletRequest.getParameter("storage_id") != null && !httpServletRequest.getParameter("storage_id").equals("")) { document.setStorage_id(httpServletRequest.getParameter("storage_id")); } documentList = new DocumentList(); documentList.setDoc(new ArrayList<Document>()); documentList.getDoc().add(document); } else { // if exists cookie with name "PaiaServiceDocumentList": read it Cookie[] cookies = httpServletRequest.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { if (cookie.getName().equals("PaiaServiceDocumentList")) { if (cookie.getValue() != null && !cookie.getValue().equals("") && !cookie.getValue().equals("null")) { String value = URLDecoder.decode(cookie.getValue(), "UTF-8"); this.logger.info(value); documentList = mapper.readValue(value, DocumentList.class); } break; } } } } } if (patronid.equals("")) { // Authorization this.authorize(httpServletRequest, httpServletResponse, format, documentList); } else { redirect_url = ""; if (httpServletRequest.getParameter("redirect_url") != null && !httpServletRequest.getParameter("redirect_url").equals("")) { redirect_url = httpServletRequest.getParameter("redirect_url"); } this.logger.info("redirect_url = " + redirect_url); language = ""; // PAIA core - function if ((httpServletRequest.getMethod().equals("GET") && (service.equals("patron") || service.equals("fullpatron") || service.equals("items") || service.startsWith("items/ordered") || service.startsWith("items/reserved") || service.startsWith("items/borrowed") || service.startsWith("items/borrowed/ill") || service.startsWith("items/borrowed/renewed") || service.startsWith("items/borrowed/recalled") || service.equals("fees") || service.equals("request"))) || (httpServletRequest.getMethod().equals("POST") && (service.equals("request") || service.equals("renew") || service.equals("cancel")))) { // get 'Accept' and 'Authorization' from Header Enumeration<String> headerNames = httpServletRequest.getHeaderNames(); while (headerNames.hasMoreElements()) { String headerNameKey = (String) headerNames.nextElement(); this.logger.debug( "[" + config.getProperty("service.name") + "] " + "headerNameKey = " + headerNameKey + " / headerNameValue = " + httpServletRequest.getHeader(headerNameKey)); if (headerNameKey.equals("Accept-Language")) { language = httpServletRequest.getHeader(headerNameKey); this.logger.debug("[" + config.getProperty("service.name") + "] " + "Accept-Language: " + language); } if (headerNameKey.equals("Accept")) { accept = httpServletRequest.getHeader(headerNameKey); this.logger .debug("[" + config.getProperty("service.name") + "] " + "Accept: " + accept); } if (headerNameKey.equals("Authorization")) { authorization = httpServletRequest.getHeader(headerNameKey); } } // language if (language.startsWith("de")) { language = "de"; } else if (language.startsWith("en")) { language = "en"; } else if (httpServletRequest.getParameter("l") != null) { language = httpServletRequest.getParameter("l"); } else { language = "de"; } // if not exists token: read request parameter if ((authorization == null || authorization.equals("")) && httpServletRequest.getParameter("access_token") != null && !httpServletRequest.getParameter("access_token").equals("")) { authorization = httpServletRequest.getParameter("access_token"); } // if not exists token if (authorization == null || authorization.equals("")) { // if exists PaiaService-Cookie: read content Cookie[] cookies = httpServletRequest.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { if (cookie.getName().equals("PaiaService")) { String value = URLDecoder.decode(cookie.getValue(), "UTF-8"); this.logger.info(value); LoginResponse loginResponse = mapper.readValue(value, LoginResponse.class); // A C H T U N G: ggf. andere patronID im Cookie als in Request (UniAccount vs. BibAccount) if (loginResponse.getPatron().equals(patronid)) { authorization = loginResponse.getAccess_token(); } break; } } // if not exists token - search for Shibboleth-Token if (authorization == null || authorization.equals("")) { if (Lookup.lookupAll(AuthorizationInterface.class).size() > 0) { AuthorizationInterface authorizationInterface = Lookup .lookup(AuthorizationInterface.class); // init Authorization Service authorizationInterface.init(this.config); try { authorization = authorizationInterface.getAuthCookies(cookies); } catch (AuthorizationException e) { // TODO correct error handling this.logger.error("[" + config.getProperty("service.name") + "] " + HttpServletResponse.SC_UNAUTHORIZED + "!"); } this.logger.debug("[" + config.getProperty("service.name") + "] " + "Authorization: " + authorization); } } } } httpServletResponse.setHeader("Access-Control-Allow-Origin", config.getProperty("Access-Control-Allow-Origin")); httpServletResponse.setHeader("Cache-Control", config.getProperty("Cache-Control")); // check token ... boolean isAuthorized = false; if (authorization != null && !authorization.equals("")) { if (Lookup.lookupAll(AuthorizationInterface.class).size() > 0) { AuthorizationInterface authorizationInterface = Lookup .lookup(AuthorizationInterface.class); // init Authorization Service authorizationInterface.init(this.config); try { isAuthorized = authorizationInterface.isTokenValid(httpServletResponse, service, patronid, authorization); } catch (AuthorizationException e) { // TODO correct error handling this.logger.error("[" + config.getProperty("service.name") + "] " + HttpServletResponse.SC_UNAUTHORIZED + "!"); } } else { // TODO correct error handling this.logger.error("[" + this.config.getProperty("service.name") + "] " + HttpServletResponse.SC_INTERNAL_SERVER_ERROR + ": " + "Authorization Interface not implemented!"); } } this.logger.debug("[" + config.getProperty("service.name") + "] " + "Authorization: " + authorization + " - " + isAuthorized); if (isAuthorized) { // execute query this.provideService(httpServletRequest, httpServletResponse, patronid, service, format, language, redirect_url, documentList); } else { // Authorization this.authorize(httpServletRequest, httpServletResponse, format, documentList); } } else { this.logger.error("[" + config.getProperty("service.name") + "] " + HttpServletResponse.SC_METHOD_NOT_ALLOWED + ": " + httpServletRequest.getMethod() + " for '" + service + "' not allowed!"); // Error handling mit suppress_response_codes=true if (httpServletRequest.getParameter("suppress_response_codes") != null) { httpServletResponse.setStatus(HttpServletResponse.SC_OK); } // Error handling mit suppress_response_codes=false (=default) else { httpServletResponse.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED); } RequestError requestError = new RequestError(); requestError.setError(this.config .getProperty("error." + Integer.toString(HttpServletResponse.SC_METHOD_NOT_ALLOWED))); requestError.setCode(HttpServletResponse.SC_METHOD_NOT_ALLOWED); requestError.setDescription(this.config.getProperty("error." + Integer.toString(HttpServletResponse.SC_METHOD_NOT_ALLOWED) + ".description")); requestError.setErrorUri(this.config.getProperty( "error." + Integer.toString(HttpServletResponse.SC_METHOD_NOT_ALLOWED) + ".uri")); this.sendRequestError(httpServletResponse, requestError, format, language, redirect_url); } } } }
From source file:de.tu_dortmund.ub.api.daia.DaiaOpenUrlEndpoint.java
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String ip = request.getHeader("X-Forwarded-For"); boolean isTUintern = false; boolean isUBintern = false; boolean is52bIBA = false; try {//from w w w . j a v a 2 s .co m if (ip != null) { String[] ranges = config.getProperty("service.iprange.tu").split("\\|"); for (String range : ranges) { if (ip.matches(range)) { isTUintern = true; break; } } String[] exceptions = config.getProperty("service.iprange.tu.exceptions").split("\\|"); if (isTUintern) { for (String exception : exceptions) { if (ip.matches(exception)) { isTUintern = false; break; } } } ranges = config.getProperty("service.iprange.ub").split("\\|"); for (String range : ranges) { if (ip.matches(range)) { isUBintern = true; break; } } exceptions = config.getProperty("service.iprange.ub.exceptions").split("\\|"); if (isUBintern) { for (String exception : exceptions) { if (ip.matches(exception)) { isUBintern = false; break; } } } ranges = config.getProperty("service.iprange.ub.52bIBAs").split("\\|"); for (String range : ranges) { if (ip.matches(range)) { is52bIBA = true; break; } } } } catch (Exception e) { this.logger.error(e.getMessage(), e.getCause()); } this.logger.debug("Where is it from? " + request.getHeader("X-Forwarded-For") + ", " + isTUintern + ", " + isUBintern); // read query StringBuffer jb = new StringBuffer(); String line = null; try { BufferedReader reader = request.getReader(); while ((line = reader.readLine()) != null) { jb.append(line); } this.logger.debug("POST-INPUT: \n\t" + jb); } catch (Exception e) { this.logger.error(e.getMessage(), e.getCause()); } // format String format = "html"; Enumeration<String> headerNames = request.getHeaderNames(); while (headerNames.hasMoreElements()) { String headerNameKey = headerNames.nextElement(); if (headerNameKey.equals("Accept")) { if (request.getHeader(headerNameKey).contains("text/html")) { format = "html"; } else if (request.getHeader(headerNameKey).contains("application/xml")) { format = "xml"; } else if (request.getHeader(headerNameKey).contains("application/json")) { format = "json"; } } } // read query String queryString = null; if (jb.length() == 0) { if (format.equals("html")) { try { JAXBContext context = JAXBContext.newInstance(Daia.class); Marshaller m = context.createMarshaller(); m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); // Write to HttpResponse org.jdom2.Document doc = new org.jdom2.Document(); doc.setRootElement(new Element("daia")); HashMap<String, String> parameters = new HashMap<String, String>(); parameters.put("lang", "de"); parameters.put("isTUintern", Boolean.toString(isTUintern)); parameters.put("isUBintern", Boolean.toString(isUBintern)); parameters.put("is52bIBA", Boolean.toString(is52bIBA)); String html = htmlOutputter(doc, this.config.getProperty("linkresolver.html.xslt"), parameters); response.setContentType("text/html;charset=UTF-8"); response.setStatus(HttpServletResponse.SC_OK); response.getWriter().println(html); } catch (PropertyException e) { this.logger.error(e.getMessage(), e.getCause()); } catch (JAXBException e) { this.logger.error(e.getMessage(), e.getCause()); } } else { response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Query is empty."); } } else { if (jb.toString().contains("__char_set=latin1") || jb.toString().contains("sid=semantics") || jb.toString().contains("sid=GBI:wiwi")) { this.logger.debug("TEST 'getQueryString': " + URLDecoder.decode(jb.toString(), "ISO-8859-1")); queryString = URLDecoder.decode(jb.toString(), "ISO-8859-1"); } else { queryString = URLDecoder.decode(jb.toString(), "UTF-8"); } HashMap<String, String> latinParameters = new HashMap<String, String>(); for (String param : queryString.split("&")) { String[] tmp = param.split("="); try { latinParameters.put(tmp[0], tmp[1]); } catch (ArrayIndexOutOfBoundsException e) { latinParameters.put(tmp[0], ""); } } if (latinParameters.get("format") != null && !latinParameters.get("format").equals("")) { format = latinParameters.get("format"); } this.logger.debug("format = " + format); // build response response.setHeader("Access-Control-Allow-Origin", config.getProperty("Access-Control-Allow-Origin")); if (format.equals("")) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, "No valid {FORMAT} requested."); } else { this.provideService(request, response, format, latinParameters, isTUintern, isUBintern, is52bIBA); } } }
From source file:org.commoncrawl.service.listcrawler.ProxyServlet2.java
public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException { HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) res; if ("CONNECT".equalsIgnoreCase(request.getMethod())) { handleConnect(request, response); } else {/*from w w w . j a va 2 s . c o m*/ final RequestDetails details = new RequestDetails(); String uri = request.getRequestURI(); if (request.getQueryString() != null) uri += "?" + request.getQueryString(); final URL url = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), uri); if (request.getServerName().equals("proxy")) { serviceProxyInternalRequest(req, res); return; } // context.log("URL="+url); details.url = url; // attempt cache load first ... CacheLoadRequest cacheLoad = new CacheLoadRequest(url); details.log.add("Executing Disk Load Request"); DiskCacheItem cacheItem = cacheLoad.executeRequest(); details.log.add("Disk Load Request Returned:" + cacheItem); // create metadata placeholder CrawlURLMetadata metadata = new CrawlURLMetadata(); NIOHttpHeaders headers = null; boolean revalidate = false; boolean cacheItemValid = true; if (cacheItem != null) { // get headers headers = buildHeaderFromHeaderItems(cacheItem.getHeaderItems()); // set last fetch time in metadata metadata.setLastFetchTimestamp(cacheItem.getFetchTime()); // parse headers HttpHeaderInfoExtractor.parseHeaders(headers, metadata); // ok now validate cache if (HttpCacheUtils.requiresValidation(metadata)) { details.log.add("CACHE Item Present But Needs Revalidation"); revalidate = true; } } // if no cache item or we to revalidate cache item .. if (cacheItem == null || revalidate) { NIOHttpConnection connection = new NIOHttpConnection(url, ProxyServer.getSingleton().getEventLoop().getSelector(), ProxyServer.getSingleton().getEventLoop().getResolver(), _cookieStore); NIOConnectionWrapper wrapper = new NIOConnectionWrapper(connection); // URLConnection connection = url.openConnection(); // connection.setAllowUserInteraction(false); // Set method /* HttpURLConnection http = null; if (connection instanceof HttpURLConnection) { http = (HttpURLConnection)connection; http.setRequestMethod(request.getMethod()); http.setInstanceFollowRedirects(false); } */ connection.setMethod(request.getMethod()); // check connection header String connectionHdr = request.getHeader("Connection"); if (connectionHdr != null) { connectionHdr = connectionHdr.toLowerCase(); if (connectionHdr.equals("keep-alive") || connectionHdr.equals("close")) connectionHdr = null; } // copy headers boolean xForwardedFor = false; boolean hasContent = false; Enumeration enm = request.getHeaderNames(); while (enm.hasMoreElements()) { // TODO could be better than this! String hdr = (String) enm.nextElement(); String lhdr = hdr.toLowerCase(); if (_DontProxyHeaders.contains(lhdr) || lhdr.equals("cookie")) continue; if (connectionHdr != null && connectionHdr.indexOf(lhdr) >= 0) continue; if ("content-type".equals(lhdr)) hasContent = true; Enumeration vals = request.getHeaders(hdr); while (vals.hasMoreElements()) { String val = (String) vals.nextElement(); if (val != null) { connection.getRequestHeaders().set(hdr, val); // connection.addRequestProperty(hdr,val); details.log.add("req header: " + hdr + ": " + val); xForwardedFor |= "X-Forwarded-For".equalsIgnoreCase(hdr); } } } String cookies = _cookieStore.GetCookies(url); if (cookies.length() != 0) { details.log.add("req injected-header: Cookie:" + cookies); connection.getRequestHeaders().set("Cookie", cookies); } // Proxy headers connection.getRequestHeaders().set("Via", "1.1 (jetty)"); // cache headers (if required) if (metadata.isFieldDirty(CrawlURLMetadata.Field_LASTMODIFIEDTIME)) { details.log.add("Sending If-Modified-Since"); connection.getRequestHeaders().set("If-Modified-Since", headers.findValue("Last-Modified")); } if (metadata.isFieldDirty(CrawlURLMetadata.Field_ETAG)) { details.log.add("Sending If-None-Match"); connection.getRequestHeaders().set("If-None-Match", metadata.getETag()); } if (!xForwardedFor) connection.getRequestHeaders().set("X-Forwarded-For", request.getRemoteAddr()); //connection.addRequestProperty("X-Forwarded-For",request.getRemoteAddr()); // a little bit of cache control String cache_control = request.getHeader("Cache-Control"); /* if (cache_control!=null && (cache_control.indexOf("no-cache")>=0 || cache_control.indexOf("no-store")>=0)) connection.setUseCaches(false); */ // customize Connection try { // connection.setDoInput(true); // do input thang! InputStream in = request.getInputStream(); if (hasContent) { //connection.setDoOutput(true); ByteArrayOutputStream stream = new ByteArrayOutputStream(); IO.copy(in, stream); wrapper.setUploadBuffer(stream.toByteArray()); } // Connect connection.open(); } catch (Exception e) { details.log.add(CCStringUtils.stringifyException(e)); } boolean connectionSucceeded = wrapper.waitForCompletion(); InputStream proxy_in = null; // handler status codes etc. int code = 500; if (connectionSucceeded) { // set last fetch time in metadata metadata.setLastFetchTimestamp(System.currentTimeMillis()); code = connection.getResponseHeaders().getHttpResponseCode(); if (revalidate && code != 304) { details.log.add("Item ReValidate FAILED"); cacheItemValid = false; } if (code != 304) { HttpHeaderInfoExtractor.parseHeaders(connection.getResponseHeaders(), metadata); response.setStatus(code, ""); details.log.add("response code:" + code); // clear response defaults. response.setHeader("Date", null); response.setHeader("Server", null); // set response headers int h = 0; String hdr = connection.getResponseHeaders().getKey(h); String val = connection.getResponseHeaders().getValue(h); while (hdr != null || val != null) { String lhdr = hdr != null ? hdr.toLowerCase() : null; if (hdr != null && val != null && !_DontProxyHeaders.contains(lhdr)) response.addHeader(hdr, val); details.log.add("response header:" + hdr + ": " + val); h++; hdr = connection.getResponseHeaders().getKey(h); val = connection.getResponseHeaders().getValue(h); } response.addHeader("Via", "1.1 (jetty)"); response.addHeader("cache-control", "no-cache,no-store"); response.addHeader("Connection", "close"); // IF RESULT IS CACHEABLE ... LifeTimeInfo lifeTimeInfo = HttpCacheUtils.getFreshnessLifetimeInMilliseconds(metadata); details.log.add("getFreshnessLifetime returned:" + lifeTimeInfo._lifetime); details.log.add("getFreshnessLifetime source:" + lifeTimeInfo._source); if (lifeTimeInfo._lifetime != 0) { details.log.add("item is cachable - issuing cache request"); // construct a disk cache item ... final DiskCacheItem cacheItemForWrite = new DiskCacheItem(); // populate cacheItemForWrite.setFetchTime(System.currentTimeMillis()); cacheItemForWrite.setResponseCode(code); // headers .. h = 0; hdr = connection.getResponseHeaders().getKey(h); val = connection.getResponseHeaders().getValue(h); while (hdr != null || val != null) { String lhdr = hdr != null ? hdr.toLowerCase() : null; if (hdr != null && val != null) { if (!hdr.toLowerCase().equals("set-cookie")) { ArcFileHeaderItem item = new ArcFileHeaderItem(); item.setItemKey(hdr); item.setItemValue(val); cacheItemForWrite.getHeaderItems().add(item); } } h++; hdr = connection.getResponseHeaders().getKey(h); val = connection.getResponseHeaders().getValue(h); } if (connection.getContentBuffer().available() != 0) { // copy result to byte array //VERY INEFFICIENT ... BUT ONLY FOR TESTING ... ByteArrayOutputStream tempStream = new ByteArrayOutputStream(); IO.copy(new NIOBufferListInputStream(connection.getContentBuffer()), tempStream); // get the underlying buffer byte[] responseBuffer = tempStream.toByteArray(); // set it into the cache item ... cacheItemForWrite.setContent(new Buffer(responseBuffer)); // and now write out buffer IO.copy(new ByteArrayInputStream(responseBuffer), response.getOutputStream()); } // ok schedule a disk cache write ... _threadPool.execute(new Runnable() { @Override public void run() { LOG.info("Writing Cache Item for URL:" + url); File cacheFileName; try { cacheFileName = cachePathFromURL(url); try { FileOutputStream fileStream = new FileOutputStream(cacheFileName); try { DataOutputStream dataOutputStream = new DataOutputStream( fileStream); cacheItemForWrite.serialize(dataOutputStream, new BinaryProtocol()); } finally { fileStream.close(); } } catch (IOException e) { LOG.error(CCStringUtils.stringifyException(e)); } } catch (MalformedURLException e) { LOG.error(CCStringUtils.stringifyException(e)); } } }); } else { details.log.add("FRESHNESS LIFETIME == 0 - SKIPPING CACHE!"); // no cache direct copy case if (connection.getContentBuffer().available() != 0) { IO.copy(new NIOBufferListInputStream(connection.getContentBuffer()), response.getOutputStream()); } } } } else { response.setStatus(500, "Proxy Request Failed"); details.log.add("Proxy Request Failed"); } } // ok now, if cache item != null and cache-item is still valid if (cacheItem != null && cacheItemValid) { // service request from cache details.log.add("Servicing Request From Disk Cache"); // clear response defaults. response.setHeader("Date", null); response.setHeader("Server", null); // set response code response.setStatus(cacheItem.getResponseCode()); // set response headers for (ArcFileHeaderItem headerItem : cacheItem.getHeaderItems()) { String key = headerItem.getItemKey().toLowerCase(); // if not in don't proxy headers ... if (key.length() != 0) { if (!_DontProxyHeaders.contains(key) && !key.equals("set-cookie")) { response.addHeader(headerItem.getItemKey(), headerItem.getItemValue()); details.log.add("cache response: " + headerItem.getItemKey() + ": " + headerItem.getItemValue()); } else { details.log.add("cache hidden-hdr: " + headerItem.getItemKey() + ": " + headerItem.getItemValue()); } } } response.addHeader("Via", "1.1 (jetty)"); response.addHeader("cache-control", "no-cache,no-store"); response.addHeader("Connection", "close"); if (cacheItem.getContent().getCount() != 0) { response.setHeader("Content-Length", null); response.addHeader("Content-Length", Integer.toString(cacheItem.getContent().getCount())); IO.copy(new ByteArrayInputStream(cacheItem.getContent().getReadOnlyBytes()), response.getOutputStream()); } } LOG.info(details.toString()); } }
From source file:org.infoscoop.web.KeywordRankingServlet.java
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String uid = (String) request.getSession().getAttribute("Uid"); if (log.isInfoEnabled()) { log.info("uid:[" + uid + "]: doPost"); }/* ww w . j av a 2 s .c om*/ response.setHeader("Pragma", "no-cache"); response.setHeader("Cache-Control", "no-cache"); OutputStream out = null; int rankingPeriod; int rankingNum; String endDate; int offset = UserContext.instance().getUserInfo().getClientTimezoneOffset() / 60; String cacheName = "keywordRanking_UTC" + offset; try { String param_baseDate = request.getParameter("baseDate"); // If baseDate is null, it is behavior of TODAY. endDate = (param_baseDate == null) ? TODAY : param_baseDate; Cache cache = CacheDAO.newInstance().getCacheById(cacheName); String rss; // We do cash only in case that appoined "TODAY". if (TODAY.equals(endDate) && cache != null && DateUtility.isToday(cache.getTimestamp())) { List<Header> headerList = cache.getHeaderList(); for (Header header : headerList) { if (header.getName().equalsIgnoreCase("Last-Modified")) { String lastModified = header.getValue(); if (lastModified != null && lastModified.equals(request.getHeader("If-Modified-Since"))) { response.setStatus(304); return; } response.addHeader("Last-Modified", lastModified); } } rss = new String(cache.getBodyBytes(), "UTF-8"); log.info("get keywordRanking from cache."); } else { String param_period = request.getParameter("period"); String param_rankingNum = request.getParameter("rankingNum"); try { rankingPeriod = Integer.parseInt(param_period); } catch (NumberFormatException e) { log.warn("rankingPeriod [" + param_period + "] is not integer !"); rankingPeriod = RANKING_PERIOD_DEFAULT; } try { rankingNum = Integer.parseInt(param_rankingNum); } catch (NumberFormatException e) { log.warn("rankingNum[" + param_rankingNum + "] is not integer !"); rankingNum = RANKING_NUM_DEFAULT; } // check of the maximum rankingPeriod = (rankingPeriod > RANKING_PERIOD_MAX) ? RANKING_PERIOD_MAX : rankingPeriod; rankingNum = (rankingNum > RANKING_NUM_MAX) ? RANKING_NUM_MAX : rankingNum; boolean saveCache = true; SimpleDateFormat sdf = new SimpleDateFormat(DATE_FORMAT); sdf.setTimeZone(TimeZone.getTimeZone("UTC")); if (TODAY.equals(endDate)) { Calendar yesterday = Calendar.getInstance(); yesterday.setTimeZone(TimeZone.getTimeZone("UTC")); yesterday.set(Calendar.HOUR_OF_DAY, 0); endDate = sdf.format(yesterday.getTime()); } else if (NOW.equals(endDate)) { endDate = sdf.format(new Date()); saveCache = false; // When it is appointed "NOW", we don't do cash. } Map countMap = KeywordLogDAO.newInstance().getCountMap(getStartDate(endDate, rankingPeriod), endDate, new Integer(0)); if (countMap.size() == 0) { response.setStatus(204); return; } response.addDateHeader("Last-Modified", new Date().getTime()); rss = makeRss(countMap, rankingPeriod, rankingNum); if (saveCache) insertRss(cacheName, rss); } boolean noProxy = false; Enumeration headers = request.getHeaderNames(); while (headers.hasMoreElements()) { String headerName = (String) headers.nextElement(); if (headerName.equalsIgnoreCase("X-IS-NOPROXY")) { noProxy = true; break; } } byte[] resByte; if (noProxy) { response.setContentType("text/plain; charset=UTF-8"); String requestURL = request.getRequestURL() != null ? request.getRequestURL().toString() : ""; ProxyRequest proxyRequest = new ProxyRequest(requestURL, "RSSReader"); proxyRequest.setPortalUid((String) request.getSession().getAttribute("Uid")); resByte = RssFilter.process(proxyRequest, new ByteArrayInputStream(rss.getBytes("UTF-8"))); } else { response.setContentType("text/xml; charset=UTF-8"); resByte = rss.getBytes("UTF-8"); } out = response.getOutputStream(); out.write(resByte); } catch (Exception e) { log.error("--- unexpected error occurred.", e); response.sendError(500); } finally { if (out != null) { out.flush(); out.close(); } } }