Example usage for javax.servlet.http HttpServletResponse encodeRedirectUrl

List of usage examples for javax.servlet.http HttpServletResponse encodeRedirectUrl

Introduction

In this page you can find the example usage for javax.servlet.http HttpServletResponse encodeRedirectUrl.

Prototype

@Deprecated
public String encodeRedirectUrl(String url);

Source Link

Usage

From source file:org.josso.servlet.agent.JossoFilter.java

public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
        throws IOException, ServletException {
    HttpServletRequest hreq = (HttpServletRequest) request;

    HttpServletResponse hres = (HttpServletResponse) response;
    debug = 1;//from  w w  w. ja  v  a  2s  .  c o m
    if (debug == 1)
        log.debug("Processing : " + hreq.getContextPath());

    try {
        // ------------------------------------------------------------------
        // Check with the agent if this context should be processed.
        // ------------------------------------------------------------------
        String contextPath = hreq.getContextPath();
        String vhost = hreq.getServerName();
        //_agent.setCatalinaContainer(container);
        // In catalina, the empty context is considered the root context
        if ("".equals(contextPath))
            contextPath = "/";

        // T1 si l'appli n'est pas partenaire alors pas de SSO on continue
        if (!_agent.isPartnerApp(vhost, contextPath)) {
            filterChain.doFilter(hreq, hres);
            logg("T1 Context is not a josso partner app : " + hreq.getContextPath());
            hres.sendError(hres.SC_UNAUTHORIZED, "vrifier config agent ajouter le contexte");
            return;
        } else {
            logg("T1 Context IS a josso partner app =" + hreq.getContextPath());
        }

        //T2
        // ------------------------------------------------------------------
        // Check some basic HTTP handling
        // ------------------------------------------------------------------
        // P3P Header for IE 6+ compatibility when embedding JOSSO in a IFRAME
        SSOPartnerAppConfig cfg = _agent.getPartnerAppConfig(vhost, contextPath);
        if (cfg.isSendP3PHeader() && !hres.isCommitted()) {
            hres.setHeader("P3P", cfg.getP3PHeaderValue());
        }

        //T9
        // ------------------------------------------------------------------
        // Check if this URI is subject to SSO protection
        // ------------------------------------------------------------------
        if (_agent.isResourceIgnored(cfg, hreq)) {
            logg("T9 ressource non ssois (accs libre)");
            filterChain.doFilter(hreq, hres);
            return;
        }

        // Get our session ...
        HttpSession session = hreq.getSession(true);

        testCookieSession(hreq);
        //TA1 pas de cookie et on trouve la page de login attendue dans la dclaration du contexte agent
        logg("TA1 uri=" + hreq.getRequestURI() + " se termine par " + cfg.getLoginPage() + " rep="
                + hreq.getRequestURI().endsWith(cfg.getLoginPage()) + " test cookie="
                + testCookie2Session(hreq, session.getId()));
        if (!testCookie2Session(hreq, session.getId()) && hreq.getRequestURI().endsWith(cfg.getLoginPage())) {
            logg("TA1 on demande l'authentification locale on switche vers Josso");
            Cookie gato = newJossoCookie2(hreq.getContextPath(), session.getId(), COOKIE_LOGIN);
            hres.addCookie(gato);
            String loginUrl = _agent.buildLoginUrl(hreq);
            hres.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
            //response.setHeader("Location", jeVeux);
            hres.sendRedirect(loginUrl);
            return;
        }
        //T3 on revient aprs authentification russie et pour finalisation
        if (_agent.isSSOIDloged(jossoSessionId)) {
            iBoucle++;
            logg("T3 Info retour authentifi pour " + jossoSessionId + " faire retour vers " + theOriginal);
            SSOAgentRequest r = doMakeSSOAgentRequest(SSOAgentRequest.ACTION_ESTABLISH_SECURITY_CONTEXT,
                    jossoSessionId, localSession, null, hreq, hres);
            SingleSignOnEntry entry = _agent.processRequest(r);

            if (debug == 1)
                log.debug("Executed agent.");

            // Get session map for this servlet context.
            Map sessionMap = (Map) hreq.getSession().getServletContext().getAttribute(KEY_SESSION_MAP);
            if (sessionMap.get(localSession.getWrapped()) == null) {
                // the local session is new so, make the valve listen for its events so that it can
                // map them to local session events.
                // Not supported : session.addSessionListener(this);
                sessionMap.put(session, localSession);
            }

            // ------------------------------------------------------------------
            // Has a valid user already been authenticated?
            // ------------------------------------------------------------------
            if (debug == 1)
                log.debug("Process request for '" + hreq.getRequestURI() + "'");

            if (entry != null) {
                if (debug == 1)
                    log.debug("Principal '" + entry.principal + "' has already been authenticated");
                // TODO : Not supported
                // (request).setAuthType(entry.authType);
                // (request).setUserPrincipal(entry.principal);
            } else {
                log.info("No Valid SSO Session, attempt an optional login?");
                // This is a standard anonymous request!

                if (cookie != null) {
                    // cookie is not valid
                    cookie = _agent.newJossoCookie(hreq.getContextPath(), "-");
                    hres.addCookie(cookie);
                }

                if (cookie != null
                        || (getSavedRequestURL(session) == null && _agent.isAutomaticLoginRequired(hreq))) {

                    if (debug == 1)
                        log.debug("SSO Session is not valid, attempting automatic login");

                    // Save current request, so we can co back to it later ...
                    saveRequestURL(hreq, session);
                    String loginUrl = _agent.buildLoginOptionalUrl(hreq);

                    if (debug == 1)
                        log.debug("Redirecting to login url '" + loginUrl + "'");

                    //set non cache headers
                    _agent.prepareNonCacheResponse(hres);
                    hres.sendRedirect(hres.encodeRedirectURL(loginUrl));
                    return;
                } else {
                    if (debug == 1)
                        log.debug("SSO cookie is not present, but login optional process is not required");
                }

            }
            try {
                logg("Avant sur webProgrammaticLogin -------------" + iBoucle);

                if (!WebProgrammaticLogin.login(jossoSessionId, assertionId, "jossoRealm", hreq, hres)) {
                    logg("Erreur sur webProgrammaticLogin");
                } else {
                    logg("Russite sur webProgrammaticLogin");
                }
                logg("Aprs sur webProgrammaticLogin-------------" + iBoucle);
            } catch (Exception err) {
                logg("SSOAgentValve Erreur2 finalisation contexte securit", err);
                throw new ServletException(err);
            }

            // propagate the login and logout URLs to
            // partner applications.
            hreq.setAttribute("org.josso.agent.gateway-login-url", _agent.getGatewayLoginUrl());
            hreq.setAttribute("org.josso.agent.gateway-logout-url", _agent.getGatewayLogoutUrl());
            hreq.setAttribute("org.josso.agent.ssoSessionid", jossoSessionId);

            // ------------------------------------------------------------------
            // Invoke the next Valve in our pipeline
            // ------------------------------------------------------------------
            filterChain.doFilter(hreq, hres);
        }

        //T4
        // ------------------------------------------------------------------
        // Check if the partner application required the login form
        // ------------------------------------------------------------------
        if (debug == 1)
            log.debug("T4 Checking if its a josso_login_request for '" + hreq.getRequestURI() + "'");

        if (hreq.getRequestURI().endsWith(_agent.getJOSSOLoginUri())
                || hreq.getRequestURI().endsWith(_agent.getJOSSOUserLoginUri())) {

            if (debug == 1)
                log.debug("T4 josso_login_request received for uri '" + hreq.getRequestURI() + "'");

            //save referer url in case the user clicked on Login from some public resource (page)
            //so agent can redirect the user back to that page after successful login
            if (hreq.getRequestURI().endsWith(_agent.getJOSSOUserLoginUri())) {
                saveLoginBackToURL(hreq, session, true);
            } else {
                saveLoginBackToURL(hreq, session, false);
            }

            String loginUrl = _agent.buildLoginUrl(hreq);

            if (debug == 1)
                log.debug("T4 Redirecting to login url '" + loginUrl + "'");

            //set non cache headers
            _agent.prepareNonCacheResponse(hres);
            hres.sendRedirect(hres.encodeRedirectURL(loginUrl));

            return;

        }

        //T5
        // ------------------------------------------------------------------
        // Check if the partner application required a logout
        // ------------------------------------------------------------------
        if (debug == 1)
            log.debug("T5 Checking if its a josso_logout request for '" + hreq.getRequestURI() + "'");

        if (hreq.getRequestURI().endsWith(_agent.getJOSSOLogoutUri())) {

            if (debug == 1)
                log.debug("T5 josso_logout request received for uri '" + hreq.getRequestURI() + "'");

            String logoutUrl = _agent.buildLogoutUrl(hreq, cfg);

            if (debug == 1)
                log.debug("T5 Redirecting to logout url '" + logoutUrl + "'");

            // Clear previous COOKIE ...
            Cookie ssoCookie = _agent.newJossoCookie(hreq.getContextPath(), "-");
            hres.addCookie(ssoCookie);

            // invalidate session (unbind josso security context)
            session.invalidate();

            //set non cache headers
            _agent.prepareNonCacheResponse(hres);
            hres.sendRedirect(hres.encodeRedirectURL(logoutUrl));

            return;

        }

        //T6
        testCookieSession(hreq);
        //T7
        // ------------------------------------------------------------------
        // Check if the partner application submitted custom login form
        // ------------------------------------------------------------------

        if (debug == 1) {
            log.debug("T7 Checking if its a josso_authentication for '" + hreq.getRequestURI() + "'");
        }
        if (hreq.getRequestURI().endsWith(_agent.getJOSSOAuthenticationUri())) {

            if (debug == 1) {
                log.debug("T7 josso_authentication received for uri '" + hreq.getRequestURI() + "'");
            }

            GenericServletSSOAgentRequest customAuthRequest = (GenericServletSSOAgentRequest) doMakeSSOAgentRequest(
                    SSOAgentRequest.ACTION_CUSTOM_AUTHENTICATION, jossoSessionId, localSession, null, hreq,
                    hres);

            _agent.processRequest(customAuthRequest);

            return;
        }
        //T8
        // si pas de cookie de session SSO
        if (cookie == null || cookie.getValue().equals("-")) {

            // ------------------------------------------------------------------
            // Trigger LOGIN OPTIONAL if required
            // ------------------------------------------------------------------

            if (debug == 1)
                log.debug("T8 SSO cookie is not present, verifying optional login process ");

            // We have no cookie, remember me is enabled and a security check without assertion was received ...
            // This means that the user could not be identified ... go back to the original resource
            if (hreq.getRequestURI().endsWith(_agent.getJOSSOSecurityCheckUri())
                    && hreq.getParameter("josso_assertion_id") == null) {

                if (debug == 1)
                    log.debug("T8-1 " + _agent.getJOSSOSecurityCheckUri()
                            + " received without assertion.  Login Optional Process failed");

                String requestURI = getSavedRequestURL(session);
                _agent.prepareNonCacheResponse(hres);
                hres.sendRedirect(hres.encodeRedirectURL(requestURI));
                return;

            }

            // This is a standard anonymous request!
            if (!hreq.getRequestURI().endsWith(_agent.getJOSSOSecurityCheckUri())) {

                if (!_agent.isResourceIgnored(cfg, hreq) && _agent.isAutomaticLoginRequired(hreq)) {

                    if (debug == 1)
                        log.debug("T8-2 SSO cookie is not present, attempting automatic login");

                    // Save current request, so we can co back to it later ...
                    saveRequestURL(hreq, session);
                    String loginUrl = _agent.buildLoginOptionalUrl(hreq);

                    if (debug == 1)
                        log.debug("T8-2 Redirecting to login url '" + loginUrl + "'");

                    //set non cache headers
                    _agent.prepareNonCacheResponse(hres);
                    hres.sendRedirect(hres.encodeRedirectURL(loginUrl));
                    return;
                } else {
                    if (debug == 1)
                        log.debug("T8-2 SSO cookie is not present, but login optional process is not required");
                }
            }

            if (debug == 1)
                log.debug("T8-3 SSO cookie is not present, checking for outbound relaying");

            if (!(hreq.getRequestURI().endsWith(_agent.getJOSSOSecurityCheckUri())
                    && hreq.getParameter("josso_assertion_id") != null)) {
                log.debug("T8-3 SSO cookie not present and relaying was not requested, skipping");
                filterChain.doFilter(hreq, hres);
                return;
            }

        }

        // This URI should be protected by SSO, go on ...
        if (debug == 1)
            log.debug("Session is: " + session);

        // ------------------------------------------------------------------
        // Invoke the SSO Agent
        // ------------------------------------------------------------------
        if (debug == 1)
            log.debug("Executing agent...");
        //T10  /josso_security_check
        // ------------------------------------------------------------------
        // Check if a user has been authenitcated and should be checked by the agent.
        // ------------------------------------------------------------------
        if (debug == 1)
            log.debug("T10 Checking if its a josso_security_check for '" + hreq.getRequestURI() + "'");

        if (hreq.getRequestURI().endsWith(_agent.getJOSSOSecurityCheckUri())
                && hreq.getParameter("josso_assertion_id") != null) {

            if (debug == 1)
                log.debug("T10 josso_security_check received for uri '" + hreq.getRequestURI()
                        + "' assertion id '" + hreq.getParameter("josso_assertion_id"));

            assertionId = hreq.getParameter(Constants.JOSSO_ASSERTION_ID_PARAMETER);

            GenericServletSSOAgentRequest relayRequest;

            if (debug == 1)
                log.debug("T10 Outbound relaying requested for assertion id [" + assertionId + "]");

            relayRequest = (GenericServletSSOAgentRequest) doMakeSSOAgentRequest(SSOAgentRequest.ACTION_RELAY,
                    null, localSession, assertionId, hreq, hres);

            SingleSignOnEntry entry = _agent.processRequest(relayRequest);
            if (entry == null) {
                // This is wrong! We should have an entry here!
                log.error("T10-1 Outbound relaying failed for assertion id [" + assertionId
                        + "], no Principal found.");
                // Throw an exception and let the container send the INERNAL SERVER ERROR
                throw new ServletException("No Principal found. Verify your SSO Agent Configuration!");
            }

            if (debug == 1)
                log.debug("T10-2 Outbound relaying succesfull for assertion id [" + assertionId + "]");

            if (debug == 1)
                log.debug("T10-2 Assertion id [" + assertionId + "] mapped to SSO session id [" + entry.ssoId
                        + "]");

            // The cookie is valid to for the partner application only ... in the future each partner app may
            // store a different auth. token (SSO SESSION) value
            cookie = _agent.newJossoCookie(hreq.getContextPath(), entry.ssoId);
            hres.addCookie(cookie);

            // Redirect the user to the original request URI (which will cause
            // the original request to be restored)
            String requestURI = getSavedSplashResource(session);
            if (requestURI == null) {
                requestURI = getSavedRequestURL(session);
                if (requestURI == null) {

                    if (cfg.getDefaultResource() != null) {
                        requestURI = cfg.getDefaultResource();
                    } else {
                        // If no saved request is found, redirect to the partner app root :
                        requestURI = hreq.getRequestURI().substring(0,
                                (hreq.getRequestURI().length() - _agent.getJOSSOSecurityCheckUri().length()));
                    }

                    // If we're behind a reverse proxy, we have to alter the URL ... this was not necessary on tomcat 5.0 ?!
                    String singlePointOfAccess = _agent.getSinglePointOfAccess();
                    if (singlePointOfAccess != null) {
                        requestURI = singlePointOfAccess + requestURI;
                    } else {
                        String reverseProxyHost = hreq
                                .getHeader(org.josso.gateway.Constants.JOSSO_REVERSE_PROXY_HEADER);
                        if (reverseProxyHost != null) {
                            requestURI = reverseProxyHost + requestURI;
                        }
                    }

                    if (debug == 1)
                        log.debug("T10 No saved request found, using : '" + requestURI + "'");
                }
            }

            clearSavedRequestURLs(session);
            _agent.clearAutomaticLoginReferer(hreq);
            _agent.prepareNonCacheResponse(hres);

            // Check if we have a post login resource :
            String postAuthURI = cfg.getPostAuthenticationResource();
            if (postAuthURI != null) {
                String postAuthURL = _agent.buildPostAuthUrl(hres, requestURI, postAuthURI);
                if (debug == 1)
                    log.debug("T10 Redirecting to post-auth-resource '" + postAuthURL + "'");
                hres.sendRedirect(postAuthURL);
            } else {
                if (debug == 1)
                    log.debug("T10 Redirecting to original '" + requestURI + "'");
                hres.sendRedirect(hres.encodeRedirectURL(requestURI));
            }
            _agent.addEntrySSOIDsuccessed(entry.ssoId, entry.getPrincipal().getName());
            return;
        }

    } finally {
        if (debug == 1)
            log.debug("Processed : " + hreq.getContextPath());
    }
}

From source file:eu.eidas.node.service.IdPResponseServlet.java

private String handleExecute(HttpServletRequest request, HttpServletResponse response) throws ServletException {

    IdPResponseBean controllerService = (IdPResponseBean) getApplicationContext()
            .getBean(NodeBeanNames.IdP_RESPONSE.toString());

    ISpecificProxyService specificProxyService = controllerService.getSpecificProxyService();
    ILightResponse lightResponse;/*from w w w . j a v  a2  s .c o  m*/
    try {
        lightResponse = specificProxyService.processResponse(request, response);
    } catch (SpecificException e) {
        getLogger().error("SpecificException" + e, e);
        // Illegal state: no error AND no success response received from the specific
        throw new ServletException("Unable to process specific response: " + e, e);
    }
    if (null == lightResponse) {
        getLogger().error("SpecificException: Missing specific response");
        // Illegal state: no error AND no success response received from the specific
        throw new ServletException("Missing specific response: no error and no success");
    }

    HttpSession session = request.getSession();
    SessionHolder.setId(session);
    session.setAttribute(EidasParameterKeys.SAML_PHASE.toString(), EIDASValues.EIDAS_SERVICE_RESPONSE);

    // This is not the specific Map
    CorrelationMap<StoredAuthenticationRequest> requestCorrelationMap = controllerService
            .getProxyServiceRequestCorrelationMap();
    StoredAuthenticationRequest storedAuthenticationRequest = requestCorrelationMap
            .remove(lightResponse.getInResponseToId());

    if (null == storedAuthenticationRequest) {
        // send the error back:
        if (LOG.isErrorEnabled()) {
            LOG.error("Could not correlate any eIDAS request to the received specific IdP response: "
                    + lightResponse);
        }
        throw new ServletException(
                "Could not correlate specific response ID: " + lightResponse.getId() + " to any eIDAS request");
    }

    IAuthenticationRequest originalRequest = storedAuthenticationRequest.getRequest();

    WebRequest webRequest = new IncomingRequest(request);

    String retVal;

    IResponseStatus responseStatus = lightResponse.getStatus();
    if (responseStatus.isFailure()) {

        String statusCode = responseStatus.getStatusCode();
        String errorMessage = responseStatus.getStatusMessage();
        String errorSubCode = responseStatus.getSubStatusCode();

        // send the error back:
        if (LOG.isErrorEnabled()) {
            LOG.error("Received failed authentication from Specific Idp: errorMessage=\"" + errorMessage
                    + "\", statusCode=\"" + statusCode + "\", subCode=\"" + errorSubCode + "\"");
        }
        retVal = NodeViewNames.EIDAS_CONNECTOR_REDIRECT.toString();

        getLogger()
                .trace("Generate SAMLTokenFail because of authentication failure received from specific IdP");
        String samlTokenFail = controllerService.getProxyService().generateSamlTokenFail(originalRequest,
                statusCode, null, errorSubCode, errorMessage, webRequest.getRemoteIpAddress(), false);

        request.setAttribute(NodeParameterNames.SAML_TOKEN_FAIL.toString(), samlTokenFail);
    } else {

        // generate the eIDAS response with the ProxyService and send it back to the Connector:
        if (controllerService.isAskConsentValue()) {
            getLogger().trace("consent-value");
            retVal = NodeViewNames.EIDAS_SERVICE_CITIZEN_CONSENT.toString();

            // TODO: DO NOT generate this in advance!
            getLogger().trace(
                    "Generate SAMLTokenFail proactively in case of future consent refusal by the citizen");
            String samlTokenFail = controllerService.getProxyService().generateSamlTokenFail(originalRequest,
                    EIDASStatusCode.REQUESTER_URI.toString(), EidasErrorKey.CITIZEN_NO_CONSENT_MANDATORY,
                    webRequest.getRemoteIpAddress());

            request.setAttribute(NodeParameterNames.SAML_TOKEN_FAIL.toString(), samlTokenFail);

        } else {
            getLogger().trace("no-consent-value");
            retVal = NodeViewNames.EIDAS_CONNECTOR_REDIRECT.toString();
        }

        IResponseMessage responseMessage = controllerService.getProxyService().processIdpResponse(webRequest,
                storedAuthenticationRequest, lightResponse);

        String samlToken = EidasStringUtil.encodeToBase64(responseMessage.getMessageBytes());

        request.setAttribute(NodeParameterNames.SAML_TOKEN.toString(), samlToken);

        IAuthenticationResponse authnResponse = responseMessage.getResponse();

        ImmutableAttributeMap responseAttributeMap = authnResponse.getAttributes();

        ImmutableAttributeMap.Builder attrMapBuilder = new ImmutableAttributeMap.Builder();
        ProtocolProcessorI extProx = controllerService.getProxyService().getSamlService().getSamlEngine()
                .getProtocolProcessor();
        for (AttributeDefinition attrDef : responseAttributeMap.getAttributeMap().keySet()) {
            // filter out non file-registry attributes = dynamic, additional ones, where value must not be displayed
            if (extProx.getAttributeDefinitionNullable(attrDef.getNameUri().toString()) != null
                    && extProx.getAdditionalAttributes().getByName(attrDef.getNameUri().toString()) == null) {
                attrMapBuilder.put(attrDef,
                        responseAttributeMap.getAttributeValuesByNameUri(attrDef.getNameUri()));
            }
        }
        request.setAttribute(NodeParameterNames.PAL.toString(), attrMapBuilder.build().getAttributeMap());

        boolean hasEidasAttributes = false;
        for (final AttributeDefinition attributeDefinition : responseAttributeMap.getAttributeMap().keySet()) {
            if (EidasSpec.REGISTRY.contains(attributeDefinition)) {
                hasEidasAttributes = true;
                break;
            }
        }
        request.setAttribute(NodeParameterNames.EIDAS_ATTRIBUTES_PARAM.toString(),
                Boolean.valueOf(hasEidasAttributes));

        if (StringUtils.isNotBlank(authnResponse.getLevelOfAssurance())) {
            request.setAttribute(NodeParameterNames.LOA_VALUE.toString(),
                    EidasAttributesUtil.getUserFriendlyLoa(authnResponse.getLevelOfAssurance()));
        }
    }

    // Prevent cookies from being accessed through client-side script.
    setHTTPOnlyHeaderToSession(false, request, response);

    // Gets the attributes from Attribute Providers and validates mandatory
    // attributes.

    // Setting internal variables, to be included by the Struts on the JSP
    getLogger().trace("setting internal variables");

    String redirectUrl = originalRequest.getAssertionConsumerServiceURL();
    getLogger().debug("redirectUrl: " + redirectUrl);

    // These attributes are used by citizenConsent.jsp
    request.setAttribute(NodeParameterNames.REDIRECT_URL.toString(), response.encodeRedirectURL(redirectUrl)); // Correct URl redirect cookie implementation
    request.setAttribute(EidasParameterKeys.SP_ID.toString(), originalRequest.getProviderName());
    if (originalRequest instanceof IStorkAuthenticationRequest) {
        request.setAttribute(NodeParameterNames.QAA_LEVEL.toString(),
                ((IStorkAuthenticationRequest) originalRequest).getQaa());
    }

    String relayState = storedAuthenticationRequest.getRelayState();
    if (StringUtils.isNotBlank(relayState)) {
        getLogger().debug("Relay State ProxyService " + relayState);
        request.setAttribute(NodeParameterNames.RELAY_STATE.toString(), relayState);
    }

    return retVal;
}

From source file:org.jahia.bin.Render.java

private void doAction(HttpServletRequest req, HttpServletResponse resp, URLResolver urlResolver,
        RenderContext renderContext, Resource resource, Action action, Map<String, List<String>> parameters)
        throws Exception {
    final String requestWith = req.getHeader("x-requested-with");
    boolean isAjaxRequest = req.getHeader("accept") != null
            && req.getHeader("accept").contains("application/json") && requestWith != null
            && requestWith.equals("XMLHttpRequest");

    final Action originalAction = action;

    int tokenResult = TokenChecker.NO_TOKEN;
    if (!isWebflowRequest(req)) {
        tokenResult = TokenChecker.checkToken(req, resp, parameters);
    }/*from   w  w  w . ja va  2s  .c o m*/

    switch (tokenResult) {
    case TokenChecker.NO_TOKEN:
        break;
    case TokenChecker.INVALID_TOKEN:
        throw new AccessDeniedException("Invalid token.");
    case TokenChecker.INVALID_CAPTCHA:
        Map<String, String[]> formDatas = new HashMap<String, String[]>();
        Set<Map.Entry<String, List<String>>> set = parameters.entrySet();
        for (Map.Entry<String, List<String>> params : set) {
            formDatas.put(params.getKey(), params.getValue().toArray(new String[params.getValue().size()]));
        }
        String errorMessage = Messages.getInternal("failure.captcha", urlResolver.getLocale(),
                "Your captcha is invalid");
        if (!isAjaxRequest) {
            req.getSession().setAttribute("formDatas", formDatas);
            req.getSession().setAttribute("formError", errorMessage);
            performRedirect(renderContext.getMainResource().getNode().getPath(), urlResolver.getPath(), req,
                    resp, parameters, true);
        } else {
            resp.setContentType("application/json; charset=UTF-8");
            Map<String, String> res = new HashMap<String, String>();
            res.put("status", errorMessage);
            new JSONObject(res).write(resp.getWriter());
        }
        return;
    case TokenChecker.INVALID_HIDDEN_FIELDS:
        throw new AccessDeniedException();
    case TokenChecker.VALID_TOKEN:
        action = new SystemAction() {
            @Override
            public ActionResult doExecuteAsSystem(HttpServletRequest req, RenderContext renderContext,
                    JCRSessionWrapper systemSession, Resource resource, Map<String, List<String>> parameters,
                    URLResolver urlResolver) throws Exception {
                return originalAction.doExecute(req, renderContext, resource, systemSession, parameters,
                        urlResolver);
            }
        };
    }

    if (!(action instanceof SystemAction)) {
        if (action.getRequiredWorkspace() != null
                && !action.getRequiredWorkspace().equals(urlResolver.getWorkspace())) {
            throw new PathNotFoundException("Action is not supported for this workspace");
        }
        if (action.isRequireAuthenticatedUser() && !renderContext.isLoggedIn()) {
            throw new AccessDeniedException("Action '" + action.getName() + "' requires an authenticated user");
        }
        if (!action.isPermitted(urlResolver.getNode())) {
            throw new AccessDeniedException("Action '" + action.getName() + "' requires '"
                    + action.getRequiredPermission() + "' permission.");
        }
    } else if (originalAction instanceof LicensedAction) {
        LicensedAction licensedAction = (LicensedAction) originalAction;
        if (!licensedAction.isAllowedByLicense()) {
            logger.error(
                    "Action '{}' requires a licene feature '{}'"
                            + " which is not allowed by the current license terms",
                    originalAction.getName(), licensedAction.getLicenseFeature());
            throw new AccessDeniedException("Action '" + action.getName() + "' requires a licene feature '"
                    + licensedAction.getLicenseFeature()
                    + "' which is not allowed by the current license terms");
        }
    }

    JCRSessionWrapper session = null;
    if (resource != null) {
        session = resource.getNode().getSession();
    } else {
        session = JCRSessionFactory.getInstance().getCurrentUserSession(urlResolver.getWorkspace(),
                urlResolver.getLocale());
    }
    ActionResult result;
    try {
        result = action.doExecute(req, renderContext, resource, session, parameters, urlResolver);
    } catch (Exception e) {
        logger.error("An error occurs when executing action {}", action.getName(), e);
        throw e;
    }
    if (result != null) {
        boolean returnJSON = "json".equals(
                parameters.get(RETURN_CONTENTTYPE) != null ? parameters.get(RETURN_CONTENTTYPE).get(0) : "")
                || req.getHeader("accept") != null && req.getHeader("accept").contains("application/json");
        if (result.getResultCode() < 300 || returnJSON) {
            resp.setStatus(result.getResultCode());
            addCookie(req, resp);
            if (result.getJson() != null && returnJSON) {
                try {
                    String contentType = parameters.get(RETURN_CONTENTTYPE_OVERRIDE) != null
                            ? StringUtils.defaultIfEmpty(parameters.get(RETURN_CONTENTTYPE_OVERRIDE).get(0),
                                    null)
                            : null;
                    if (contentType == null) {
                        contentType = "application/json; charset=UTF-8";
                    } else if (!contentType.toLowerCase().contains("charset")) {
                        // append the charset
                        contentType += "; charset=UTF-8";
                    }
                    resp.setContentType(contentType);
                    result.getJson().write(resp.getWriter());
                } catch (JSONException e) {
                    logger.error(e.getMessage(), e);
                }
            } else {
                if (!result.isAbsoluteUrl()) {
                    performRedirect(result.getUrl(), urlResolver.getPath(), req, resp, parameters, false);
                } else {
                    resp.sendRedirect(resp.encodeRedirectURL(result.getUrl()));
                }
            }
        } else {
            resp.sendError(result.getResultCode());
        }
    }
}

From source file:gov.nih.nci.evs.browser.servlet.AjaxServlet.java

public static void search_value_set(HttpServletRequest request, HttpServletResponse response) {
    String selectValueSetSearchOption = HTTPUtils
            .cleanXSS((String) request.getParameter("selectValueSetSearchOption"));
    request.getSession().setAttribute("selectValueSetSearchOption", selectValueSetSearchOption);

    String algorithm = HTTPUtils.cleanXSS((String) request.getParameter("valueset_search_algorithm"));
    request.getSession().setAttribute("valueset_search_algorithm", algorithm);

    // check if any checkbox is checked.
    String contextPath = request.getContextPath();
    String view_str = HTTPUtils.cleanXSS((String) request.getParameter("view"));
    String vsd_uri = HTTPUtils.cleanXSS((String) request.getParameter("vsd_uri"));
    String root_vsd_uri = HTTPUtils.cleanXSS((String) request.getParameter("root_vsd_uri"));

    int view = Constants.STANDARD_VIEW;
    boolean isInteger = DataUtils.isInteger(view_str);
    if (isInteger) {
        view = Integer.parseInt(view_str);
    }// w  w  w .  j  a va  2 s . co m

    if (vsd_uri != null && root_vsd_uri == null) {
        root_vsd_uri = vsd_uri;
    }

    String msg = null;
    request.getSession().removeAttribute("checked_vocabularies");
    String checked_vocabularies = HTTPUtils.cleanXSS((String) request.getParameter("checked_vocabularies"));
    request.getSession().removeAttribute("partial_checked_vocabularies");
    String matchText = HTTPUtils.cleanXSS((String) request.getParameter("matchText"));
    if (DataUtils.isNull(matchText)) {
        matchText = "";
    } else {
        matchText = matchText.trim();
    }
    request.getSession().setAttribute("matchText", matchText);

    String ontology_display_name = HTTPUtils.cleanXSS((String) request.getParameter("ontology_display_name"));
    String ontology_version = HTTPUtils.cleanXSS((String) request.getParameter("ontology_version"));

    if (matchText.compareTo("") == 0) {
        msg = "Please enter a search string.";
        request.getSession().setAttribute("message", msg);
        if (!DataUtils.isNull(ontology_display_name) && !DataUtils.isNull(ontology_version)) {
            create_vs_tree(request, response, view, ontology_display_name, ontology_version);
        } else {
            create_vs_tree(request, response, view);
        }
        return;
    }

    if (checked_vocabularies == null || (checked_vocabularies.compareTo("") == 0)) {
        msg = "No value set definition is selected.";
        request.getSession().setAttribute("message", msg);
        if (!DataUtils.isNull(ontology_display_name) && !DataUtils.isNull(ontology_version)) {
            create_vs_tree(request, response, view, ontology_display_name, ontology_version);
        } else {
            vsd_uri = HTTPUtils.cleanXSS((String) request.getParameter("vsd_uri"));
            if (DataUtils.isNull(vsd_uri)) {
                create_vs_tree(request, response, view);
            } else {
                create_vs_tree(request, response, view, vsd_uri);
            }
        }
    } else {
        try {
            String retstr = valueSetSearchAction(request);
            //KLO, 041312
            if (retstr.compareTo("message") == 0) {
                if (!DataUtils.isNull(ontology_display_name) && !DataUtils.isNull(ontology_version)) {
                    create_vs_tree(request, response, view, ontology_display_name, ontology_version);
                } else {
                    create_vs_tree(request, response, view);
                }
                return;
            }

            //Vector matched_vsds = (Vector) request.getSession().getAttribute("matched_vsds");

            //String destination = contextPath + "/pages/value_set_search_results.jsf";

            String destination = contextPath + "/pages/value_set_entity_search_results.jsf";

            if (!DataUtils.isNull(vsd_uri)) {
                destination = contextPath
                        + "/pages/value_set_entity_search_results.jsf?value_set_tab=false&root_vsd_uri="
                        + root_vsd_uri;
            }

            response.sendRedirect(response.encodeRedirectURL(destination));
            //request.getSession().setAttribute("checked_vocabularies", checked_vocabularies);
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
}

From source file:org.wso2.carbon.identity.application.authenticator.duoauth.DuoAuthenticator.java

@Override
protected void initiateAuthenticationRequest(HttpServletRequest request, HttpServletResponse response,
        AuthenticationContext context) throws AuthenticationFailedException {

    String username = null;/*from w w  w.  j  a v a 2 s .co m*/
    String loginPage = ConfigurationFacade.getInstance().getAuthenticationEndpointURL();
    AKEY = DuoAuthenticatorConstants.stringGenerator();

    for (int i = context.getSequenceConfig().getStepMap().size() - 1; i > 0; i--) {

        //Getting the last authenticated local user
        if (context.getSequenceConfig().getStepMap().get(i).getAuthenticatedUser() != null
                && context.getSequenceConfig().getStepMap().get(i).getAuthenticatedAutenticator()
                        .getApplicationAuthenticator() instanceof LocalApplicationAuthenticator) {

            username = context.getSequenceConfig().getStepMap().get(i).getAuthenticatedUser();
            if (log.isDebugEnabled()) {
                log.debug("username :" + username);
            }
            break;

        }
    }

    String mobile = null;

    if (username != null) {

        int tenantId = 0;
        try {

            tenantId = IdentityUtil.getTenantIdOFUser(username);
            UserRealm userRealm = DuoAuthenticatorServiceComponent.getRealmService()
                    .getTenantUserRealm(tenantId);

            username = MultitenantUtils.getTenantAwareUsername(username);

            if (userRealm != null) {

                UserStoreManager userStoreManager = (UserStoreManager) userRealm.getUserStoreManager();

                mobile = userStoreManager.getUserClaimValue(username, DuoAuthenticatorConstants.MOBILE_CLAIM,
                        null);

            } else {
                throw new AuthenticationFailedException(
                        "Cannot find the user realm for the given tenant: " + tenantId);
            }
        } catch (IdentityException e) {
            if (log.isDebugEnabled()) {
                log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_GETTING_PHONE);
            }
            throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_GETTING_PHONE, e);
        } catch (UserStoreException e) {
            if (log.isDebugEnabled()) {
                log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_GETTING_PHONE);
            }
            throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_GETTING_PHONE, e);
        }

        if (log.isDebugEnabled()) {
            log.debug("mobile number : " + mobile);
        }

        Object result = null;
        if (mobile != null) {

            //Initiate Duo API request to get the user
            Http duoRequest = new Http(DuoAuthenticatorConstants.HTTP_GET,
                    getAuthenticatorConfig().getParameterMap().get(DuoAuthenticatorConstants.HOST),
                    DuoAuthenticatorConstants.API_USER);

            duoRequest.addParam(DuoAuthenticatorConstants.DUO_USERNAME, username);

            try {

                duoRequest.signRequest(
                        getAuthenticatorConfig().getParameterMap().get(DuoAuthenticatorConstants.ADMIN_IKEY),
                        getAuthenticatorConfig().getParameterMap().get(DuoAuthenticatorConstants.ADMIN_SKEY));

            } catch (UnsupportedEncodingException e) {

                if (log.isDebugEnabled()) {
                    log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_SIGN_REQUEST);
                }

                throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_SIGN_REQUEST,
                        e);
            }

            try {
                //Execute Duo API request
                result = duoRequest.executeRequest();

            } catch (Exception e) {

                if (log.isDebugEnabled()) {
                    log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_EXECUTE_REQUEST);
                }

                throw new AuthenticationFailedException(
                        DuoAuthenticatorConstants.DuoErrors.ERROR_EXECUTE_REQUEST, e);
            }

            if (result != null) {
                if (log.isDebugEnabled()) {
                    log.debug(result.toString());
                }

                try {
                    JSONArray array = new JSONArray(result.toString());

                    if (array.length() == 0) {

                        if (log.isDebugEnabled()) {
                            log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_USER_NOT_FOUND);
                        }

                        throw new AuthenticationFailedException(
                                DuoAuthenticatorConstants.DuoErrors.ERROR_USER_NOT_FOUND);

                    } else {
                        JSONArray phoneArray;

                        JSONObject object = array.getJSONObject(0);
                        phoneArray = (JSONArray) object.get(DuoAuthenticatorConstants.DUO_PHONES);

                        if (phoneArray.length() == 0) {

                            if (log.isDebugEnabled()) {
                                log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_INVALID);
                            }

                            throw new AuthenticationFailedException(
                                    DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_INVALID);

                        } else {
                            String number = ((JSONObject) phoneArray.get(0))
                                    .getString(DuoAuthenticatorConstants.DUO_NUMBER);

                            if (mobile.equals(number)) {

                                String sig_request = DuoWeb.signRequest(
                                        getAuthenticatorConfig().getParameterMap()
                                                .get(DuoAuthenticatorConstants.IKEY),
                                        getAuthenticatorConfig().getParameterMap()
                                                .get(DuoAuthenticatorConstants.SKEY),
                                        AKEY, username);

                                String DuoUrl = loginPage + "?" + FrameworkConstants.RequestParams.AUTHENTICATOR
                                        + "=" + getName() + ":" + FrameworkConstants.LOCAL_IDP_NAME + "&"
                                        + FrameworkConstants.RequestParams.TYPE + "="
                                        + DuoAuthenticatorConstants.RequestParams.DUO + "&"
                                        + DuoAuthenticatorConstants.RequestParams.SIG_REQUEST + "="
                                        + sig_request + "&" + FrameworkConstants.SESSION_DATA_KEY + "="
                                        + context.getContextIdentifier() + "&"
                                        + DuoAuthenticatorConstants.RequestParams.DUO_HOST + "="
                                        + getAuthenticatorConfig().getParameterMap()
                                                .get(DuoAuthenticatorConstants.HOST);

                                try {
                                    //Redirect to Duo Authentication page
                                    response.sendRedirect(response.encodeRedirectURL(DuoUrl));
                                } catch (IOException e) {

                                    if (log.isDebugEnabled()) {
                                        log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_REDIRECTING);
                                    }

                                    throw new AuthenticationFailedException(
                                            DuoAuthenticatorConstants.DuoErrors.ERROR_REDIRECTING, e);
                                }

                            } else {

                                if (log.isDebugEnabled()) {
                                    log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_MISMATCH);
                                }

                                throw new AuthenticationFailedException(
                                        DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_MISMATCH);
                            }
                        }

                    }
                } catch (JSONException e) {

                    if (log.isDebugEnabled()) {
                        log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_JSON);
                    }

                    throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_JSON, e);
                }

            }

        } else {

            if (log.isDebugEnabled()) {
                log.debug(DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_NOT_FOUND);
            }

            throw new AuthenticationFailedException(DuoAuthenticatorConstants.DuoErrors.ERROR_NUMBER_NOT_FOUND);
        }
    } else {

        if (log.isDebugEnabled()) {
            log.debug("No local user found");
        }

        throw new AuthenticationFailedException("Duo authenticator failed to initialize");
    }
}

From source file:org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.java

/**
 * Initiate the authentication request/*from  ww  w. j ava  2s  . com*/
 */
@Override
protected void initiateAuthenticationRequest(HttpServletRequest request, HttpServletResponse response,
        AuthenticationContext context) throws AuthenticationFailedException {
    try {
        Map<String, String> authenticatorProperties = context.getAuthenticatorProperties();
        Map<String, String> emailOTPParameters = getAuthenticatorConfig().getParameterMap();
        if (!context.isRetrying()
                || (context.isRetrying()
                        && StringUtils.isEmpty(request.getParameter(EmailOTPAuthenticatorConstants.RESEND)))
                || (context.isRetrying()
                        && Boolean.parseBoolean(request.getParameter(EmailOTPAuthenticatorConstants.RESEND)))) {
            String username = null;
            String email = null;
            for (Integer stepMap : context.getSequenceConfig().getStepMap().keySet()) {
                if (context.getSequenceConfig().getStepMap().get(stepMap).getAuthenticatedUser() != null
                        && context.getSequenceConfig().getStepMap().get(stepMap).getAuthenticatedAutenticator()
                                .getApplicationAuthenticator() instanceof LocalApplicationAuthenticator) {
                    username = String.valueOf(
                            context.getSequenceConfig().getStepMap().get(stepMap).getAuthenticatedUser());
                    break;
                }
            }
            if (StringUtils.isNotEmpty(username)) {
                UserRealm userRealm = null;
                String tenantDomain = MultitenantUtils.getTenantDomain(username);
                int tenantId = IdentityTenantUtil.getTenantId(tenantDomain);
                RealmService realmService = IdentityTenantUtil.getRealmService();
                try {
                    userRealm = (UserRealm) realmService.getTenantUserRealm(tenantId);
                } catch (org.wso2.carbon.user.api.UserStoreException e) {
                    throw new AuthenticationFailedException("Cannot find the user realm", e);
                }
                username = MultitenantUtils.getTenantAwareUsername(String.valueOf(username));
                if (userRealm != null) {
                    email = userRealm.getUserStoreManager().getUserClaimValue(username,
                            EmailOTPAuthenticatorConstants.EMAIL_CLAIM, null);
                    if (StringUtils.isEmpty(email)) {
                        log.error("Receiver's email ID can not be null.");
                        throw new AuthenticationFailedException("Receiver's email ID can not be null.");
                    } else {
                        context.setProperty(EmailOTPAuthenticatorConstants.RECEIVER_EMAIL, email);
                    }

                }
            }
            OneTimePassword token = new OneTimePassword();
            String secret = OneTimePassword.getRandomNumber(EmailOTPAuthenticatorConstants.SECRET_KEY_LENGTH);
            String myToken = token.generateToken(secret, "" + EmailOTPAuthenticatorConstants.NUMBER_BASE,
                    EmailOTPAuthenticatorConstants.NUMBER_DIGIT);
            context.setProperty(EmailOTPAuthenticatorConstants.OTP_TOKEN, myToken);

            if (authenticatorProperties != null) {
                if (StringUtils.isNotEmpty(myToken)) {
                    if (isSMTP(emailOTPParameters, authenticatorProperties)) {
                        sendOTP(username, myToken, email);
                    } else if (StringUtils.isNotEmpty(email)) {
                        String failureString = null;
                        if (isAccessTokenRequired(emailOTPParameters, authenticatorProperties)) {
                            String tokenResponse = sendTokenRequest(authenticatorProperties,
                                    emailOTPParameters);
                            if (StringUtils.isEmpty(tokenResponse)
                                    || tokenResponse.startsWith(EmailOTPAuthenticatorConstants.FAILED)) {
                                log.error("Unable to get the access token");
                                throw new AuthenticationFailedException("Unable to get the access token");
                            } else {
                                JSONObject tokenObj = new JSONObject(tokenResponse);
                                String accessToken = tokenObj
                                        .getString(EmailOTPAuthenticatorConstants.EMAILOTP_ACCESS_TOKEN);
                                context.getAuthenticatorProperties()
                                        .put(EmailOTPAuthenticatorConstants.EMAILOTP_ACCESS_TOKEN, accessToken);
                                authenticatorProperties = context.getAuthenticatorProperties();
                            }
                        }
                        String payload = preparePayload(authenticatorProperties, emailOTPParameters, email,
                                myToken);
                        String formData = prepareFormData(authenticatorProperties, emailOTPParameters, email,
                                myToken);
                        String urlParams = prepareURLParams(authenticatorProperties, emailOTPParameters, email,
                                myToken);
                        String sendCodeResponse = sendMailUsingAPIs(authenticatorProperties, emailOTPParameters,
                                urlParams, payload, formData);
                        String api = getAPI(authenticatorProperties);
                        if (emailOTPParameters.containsKey(api + EmailOTPAuthenticatorConstants.FAILURE)) {
                            failureString = emailOTPParameters
                                    .get(api + EmailOTPAuthenticatorConstants.FAILURE);
                        }
                        if (StringUtils.isEmpty(sendCodeResponse)
                                || sendCodeResponse.startsWith(EmailOTPAuthenticatorConstants.FAILED)
                                || (StringUtils.isNotEmpty(failureString)
                                        && sendCodeResponse.contains(failureString))) {
                            log.error("Unable to send the code");
                            throw new AuthenticationFailedException("Unable to send the code");
                        }
                    }
                }
            } else {
                log.error("Error while retrieving properties. Authenticator Properties cannot be null");
                throw new AuthenticationFailedException(
                        "Error while retrieving properties. Authenticator Properties cannot be null");
            }
        }
        if (context.isRetrying()
                || StringUtils.isEmpty(request.getParameter(EmailOTPAuthenticatorConstants.RESEND))) {
            String emailOTPPage = ConfigurationFacade.getInstance().getAuthenticationEndpointURL().replace(
                    EmailOTPAuthenticatorConstants.LOGIN_PAGE, EmailOTPAuthenticatorConstants.EMILOTP_PAGE);
            String queryParams = FrameworkUtils.getQueryStringWithFrameworkContextId(context.getQueryParams(),
                    context.getCallerSessionKey(), context.getContextIdentifier());
            String retryParam = "";
            if (context.isRetrying()) {
                retryParam = EmailOTPAuthenticatorConstants.RETRY_PARAMS;
            }
            try {
                response.sendRedirect(response.encodeRedirectURL(emailOTPPage + ("?" + queryParams))
                        + EmailOTPAuthenticatorConstants.AUTHENTICATORS + getName() + ":"
                        + EmailOTPAuthenticatorConstants.LOCAL + retryParam);
            } catch (IOException e) {
                log.error("Authentication failed: " + e.getMessage(), e);
                throw new AuthenticationFailedException(e.getMessage(), e);
            }
        }
    } catch (UserStoreException e) {
        log.error("Cannot find the user claim for email", e);
        throw new AuthenticationFailedException("Cannot find the user claim for email " + e.getMessage(), e);
    } catch (AuthenticationFailedException e) {
        log.error(e.getMessage(), e);
        throw new AuthenticationFailedException(e.getMessage(), e);
    }
}

From source file:com.exedio.cope.live.Bar.java

void doRequest(final HttpServletRequest request, final HttpSession httpSession,
        final HttpServletResponse response, final Anchor anchor) throws IOException {
    if (!Cop.isPost(request)) {
        try {/*from w ww  . j  a  va 2 s  .  c  om*/
            startTransaction("redirectHome");
            anchor.redirectHome(request, response);
            model.commit();
        } finally {
            model.rollbackIfNotCommitted();
        }
        return;
    }

    final String referer;

    if (isMultipartContent(request)) {
        final HashMap<String, String> fields = new HashMap<String, String>();
        final HashMap<String, FileItem> files = new HashMap<String, FileItem>();
        final FileItemFactory factory = new DiskFileItemFactory();
        final ServletFileUpload upload = new ServletFileUpload(factory);
        upload.setHeaderEncoding(UTF_8.name());
        try {
            for (final Iterator<?> i = upload.parseRequest(request).iterator(); i.hasNext();) {
                final FileItem item = (FileItem) i.next();
                if (item.isFormField())
                    fields.put(item.getFieldName(), item.getString(UTF_8.name()));
                else
                    files.put(item.getFieldName(), item);
            }
        } catch (final FileUploadException e) {
            throw new RuntimeException(e);
        }

        final String featureID = fields.get(FEATURE);
        if (featureID == null)
            throw new NullPointerException();

        final Media feature = (Media) model.getFeature(featureID);
        if (feature == null)
            throw new NullPointerException(featureID);

        final String itemID = fields.get(ITEM);
        if (itemID == null)
            throw new NullPointerException();

        final FileItem file = files.get(FILE);

        try {
            startTransaction("publishFile(" + featureID + ',' + itemID + ')');

            final Item item = model.getItem(itemID);

            if (fields.get(PUBLISH_NOW) != null) {
                for (final History history : History.getHistories(item.getCopeType())) {
                    final History.Event event = history.createEvent(item, anchor.getHistoryAuthor(), false);
                    event.createFeature(feature, feature.getName(),
                            feature.isNull(item) ? null
                                    : ("file type=" + feature.getContentType(item) + " size="
                                            + feature.getLength(item)),
                            "file name=" + file.getName() + " type=" + file.getContentType() + " size="
                                    + file.getSize());
                }

                // TODO use more efficient setter with File or byte[]
                feature.set(item, file.getInputStream(), file.getContentType());
            } else {
                anchor.modify(file, feature, item);
            }

            model.commit();
        } catch (final NoSuchIDException e) {
            throw new RuntimeException(e);
        } finally {
            model.rollbackIfNotCommitted();
        }

        referer = fields.get(REFERER);
    } else // isMultipartContent
    {
        if (request.getParameter(BORDERS_ON) != null || request.getParameter(BORDERS_ON_IMAGE) != null) {
            anchor.borders = true;
        } else if (request.getParameter(BORDERS_OFF) != null
                || request.getParameter(BORDERS_OFF_IMAGE) != null) {
            anchor.borders = false;
        } else if (request.getParameter(CLOSE) != null || request.getParameter(CLOSE_IMAGE) != null) {
            httpSession.removeAttribute(LoginServlet.ANCHOR);
        } else if (request.getParameter(SWITCH_TARGET) != null) {
            anchor.setTarget(servlet.getTarget(request.getParameter(SWITCH_TARGET)));
        } else if (request.getParameter(SAVE_TARGET) != null) {
            try {
                startTransaction("saveTarget");
                anchor.getTarget().save(anchor);
                model.commit();
            } finally {
                model.rollbackIfNotCommitted();
            }
            anchor.notifyPublishedAll();
        } else {
            final String featureID = request.getParameter(FEATURE);
            if (featureID == null)
                throw new NullPointerException();

            final Feature featureO = model.getFeature(featureID);
            if (featureO == null)
                throw new NullPointerException(featureID);

            final String itemID = request.getParameter(ITEM);
            if (itemID == null)
                throw new NullPointerException();

            if (featureO instanceof StringField) {
                final StringField feature = (StringField) featureO;
                final String value = request.getParameter(TEXT);

                try {
                    startTransaction("barText(" + featureID + ',' + itemID + ')');

                    final Item item = model.getItem(itemID);

                    if (request.getParameter(PUBLISH_NOW) != null) {
                        String v = value;
                        if ("".equals(v))
                            v = null;
                        for (final History history : History.getHistories(item.getCopeType())) {
                            final History.Event event = history.createEvent(item, anchor.getHistoryAuthor(),
                                    false);
                            event.createFeature(feature, feature.getName(), feature.get(item), v);
                        }
                        feature.set(item, v);
                        anchor.notifyPublished(feature, item);
                    } else {
                        anchor.modify(value, feature, item);
                    }

                    model.commit();
                } catch (final NoSuchIDException e) {
                    throw new RuntimeException(e);
                } finally {
                    model.rollbackIfNotCommitted();
                }
            } else {
                final IntegerField feature = (IntegerField) featureO;
                final String itemIDFrom = request.getParameter(ITEM_FROM);
                if (itemIDFrom == null)
                    throw new NullPointerException();

                try {
                    startTransaction("swapPosition(" + featureID + ',' + itemIDFrom + ',' + itemID + ')');

                    final Item itemFrom = model.getItem(itemIDFrom);
                    final Item itemTo = model.getItem(itemID);

                    final Integer positionFrom = feature.get(itemFrom);
                    final Integer positionTo = feature.get(itemTo);
                    feature.set(itemFrom, feature.getMinimum());
                    feature.set(itemTo, positionFrom);
                    feature.set(itemFrom, positionTo);

                    for (final History history : History.getHistories(itemFrom.getCopeType())) {
                        final History.Event event = history.createEvent(itemFrom, anchor.getHistoryAuthor(),
                                false);
                        event.createFeature(feature, feature.getName(), positionFrom, positionTo);
                    }
                    for (final History history : History.getHistories(itemTo.getCopeType())) {
                        final History.Event event = history.createEvent(itemTo, anchor.getHistoryAuthor(),
                                false);
                        event.createFeature(feature, feature.getName(), positionTo, positionFrom);
                    }

                    model.commit();
                } catch (final NoSuchIDException e) {
                    throw new RuntimeException(e);
                } finally {
                    model.rollbackIfNotCommitted();
                }
            }
        }

        referer = request.getParameter(REFERER);
    }

    if (referer != null)
        response.sendRedirect(response.encodeRedirectURL(referer));
}

From source file:at.gv.egovernment.moa.id.protocols.pvp2x.SingleLogOutAction.java

@Override
public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq,
        HttpServletResponse httpResp, IAuthData authData) throws MOAIDException {

    PVPTargetConfiguration pvpReq = (PVPTargetConfiguration) req;

    if (pvpReq.getRequest() instanceof MOARequest
            && ((MOARequest) pvpReq.getRequest()).getSamlRequest() instanceof LogoutRequest) {
        Logger.debug("Process Single LogOut request");
        MOARequest samlReq = (MOARequest) pvpReq.getRequest();
        LogoutRequest logOutReq = (LogoutRequest) samlReq.getSamlRequest();

        AuthenticationSession session = AuthenticationSessionStoreage.searchMOASessionWithNameIDandOAID(
                logOutReq.getIssuer().getValue(), logOutReq.getNameID().getValue());

        if (session == null) {
            Logger.warn("Can not find active SSO session with nameID " + logOutReq.getNameID().getValue()
                    + " and OA " + logOutReq.getIssuer().getValue());
            Logger.info("Search active SSO session with SSO session cookie");
            SSOManager ssomanager = SSOManager.getInstance();
            String ssoID = ssomanager.getSSOSessionID(httpReq);
            if (MiscUtil.isEmpty(ssoID)) {
                Logger.warn("Can not find active Session. Single LogOut not possible!");
                SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq);
                //LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
                LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, pvpReq, null);
                Logger.info("Sending SLO success message to requester ...");
                SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp,
                        samlReq.getRelayState());
                return null;

            } else {
                String moasession = ssomanager.getMOASession(ssoID);
                try {
                    session = AuthenticationSessionStoreage.getSession(moasession);

                } catch (MOADatabaseException e) {
                    Logger.warn("Can not find active Session. Single LogOut not possible!");
                    SingleLogoutService sloService = SingleLogOutBuilder.getResponseSLODescriptor(pvpReq);
                    //LogoutResponse message = SingleLogOutBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
                    LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService, pvpReq,
                            null);//from w w w.  j a  v  a 2  s. co m
                    Logger.info("Sending SLO success message to requester ...");
                    SingleLogOutBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp,
                            samlReq.getRelayState());
                    return null;

                }
            }
        }

        AuthenticationManager authManager = AuthenticationManager.getInstance();
        authManager.performSingleLogOut(httpReq, httpResp, session, pvpReq);

    } else if (pvpReq.getRequest() instanceof MOAResponse
            && ((MOAResponse) pvpReq.getRequest()).getResponse() instanceof LogoutResponse) {
        Logger.debug("Process Single LogOut response");
        LogoutResponse logOutResp = (LogoutResponse) ((MOAResponse) pvpReq.getRequest()).getResponse();

        Transaction tx = null;

        try {
            String relayState = pvpReq.getRequest().getRelayState();
            if (MiscUtil.isEmpty(relayState)) {
                Logger.warn(
                        "SLO Response from " + logOutResp.getIssuer().getValue() + " has no SAML2 RelayState.");
                throw new SLOException("pvp2.19", null);

            }

            Session session = MOASessionDBUtils.getCurrentSession();
            boolean storageSuccess = false;
            int counter = 0;

            //TODO: add counter to prevent deadlock

            while (!storageSuccess) {
                tx = session.beginTransaction();

                List result;
                Query query = session.getNamedQuery("getAssertionWithArtifact");
                query.setParameter("artifact", relayState);
                result = query.list();
                Logger.trace("Found entries: " + result.size());

                //Assertion requires an unique artifact
                if (result.size() != 1) {
                    Logger.trace("No entries found.");
                    throw new MOADatabaseException("No sessioninformation found with this ID");
                }

                AssertionStore element = (AssertionStore) result.get(0);
                Object data = SerializationUtils.deserialize(element.getAssertion());

                if (data instanceof SLOInformationContainer) {
                    SLOInformationContainer sloContainer = (SLOInformationContainer) data;

                    //check status
                    SingleLogOutBuilder.checkStatusCode(sloContainer, logOutResp);

                    if (sloContainer.hasFrontChannelOA()) {
                        try {
                            //some response are open
                            byte[] serializedSLOContainer = SerializationUtils
                                    .serialize((Serializable) sloContainer);
                            element.setAssertion(serializedSLOContainer);
                            element.setType(sloContainer.getClass().getName());

                            session.saveOrUpdate(element);
                            tx.commit();

                            //sloContainer could be stored to database
                            storageSuccess = true;

                        } catch (HibernateException e) {
                            tx.rollback();

                            counter++;
                            Logger.debug(
                                    "SLOContainter could not stored to database. Wait some time and restart storage process ... ");
                            java.util.Random rand = new java.util.Random();

                            try {
                                Thread.sleep(rand.nextInt(20) * 10);

                            } catch (InterruptedException e1) {
                                Logger.warn("Thread could not stopped. ReStart storage process immediately",
                                        e1);
                            }
                        }

                    } else {
                        //last response received.
                        try {
                            session.delete(element);
                            tx.commit();

                        } catch (HibernateException e) {
                            tx.rollback();
                            Logger.error("SLOContainter could not deleted from database. ");

                        }

                        storageSuccess = true;
                        String redirectURL = null;
                        if (sloContainer.getSloRequest() != null) {
                            //send SLO response to SLO request issuer
                            SingleLogoutService sloService = SingleLogOutBuilder
                                    .getResponseSLODescriptor(sloContainer.getSloRequest());
                            LogoutResponse message = SingleLogOutBuilder.buildSLOResponseMessage(sloService,
                                    sloContainer.getSloRequest(), sloContainer.getSloFailedOAs());
                            redirectURL = SingleLogOutBuilder.getFrontChannelSLOMessageURL(sloService, message,
                                    httpReq, httpResp,
                                    sloContainer.getSloRequest().getRequest().getRelayState());

                        } else {
                            //print SLO information directly
                            redirectURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix()
                                    + "/idpSingleLogout";

                            String artifact = Random.nextRandom();

                            String statusCode = null;
                            if (sloContainer.getSloFailedOAs() == null
                                    || sloContainer.getSloFailedOAs().size() == 0)
                                statusCode = SLOSTATUS_SUCCESS;
                            else
                                statusCode = SLOSTATUS_ERROR;

                            AssertionStorage.getInstance().put(artifact, statusCode);
                            redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact);

                        }
                        //redirect to Redirect Servlet
                        String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix()
                                + "/RedirectServlet";
                        url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL,
                                URLEncoder.encode(redirectURL, "UTF-8"));
                        url = httpResp.encodeRedirectURL(url);

                        httpResp.setContentType("text/html");
                        httpResp.setStatus(302);
                        httpResp.addHeader("Location", url);

                    }
                } else {
                    Logger.warn("Sessioninformation Cast-Exception by using Artifact=" + relayState);
                    throw new MOADatabaseException("Sessioninformation Cast-Exception");

                }
            }

        } catch (MOADatabaseException e) {
            Logger.error("MOA AssertionDatabase ERROR", e);
            throw new SLOException("pvp2.19", null);

        } catch (UnsupportedEncodingException e) {
            Logger.error("Finale SLO redirct not possible.", e);
            throw new AuthenticationException("pvp2.13", new Object[] {});

        } finally {
            if (tx != null && !tx.wasCommitted()) {
                tx.commit();

            }
        }

    } else {
        Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse.");
        throw new MOAIDException("pvp2.13", null);

    }

    return null;
}

From source file:at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet.java

private void handleSAMLResponse(HttpServletRequest request, HttpServletResponse response) {
    Logger.info("handleSAMLResponse started");
    String pendingRequestID = null;

    try {/*from w ww  . jav a  2  s  .com*/
        Logger.info("PEPSConnector Servlet invoked, expecting C-PEPS message.");
        Logger.debug("This ACS endpoint is: " + HTTPUtils.getBaseURL(request));

        super.setNoCachingHeadersInHttpRespone(request, response);
        Logger.trace("No Caching headers set for HTTP response");

        //check if https or only http
        super.checkIfHTTPisAllowed(request.getRequestURL().toString());

        Logger.debug("Beginning to extract SAMLResponse out of HTTP Request");

        //extract STORK Response from HTTP Request
        //Decodes SAML Response
        byte[] decSamlToken;
        try {
            decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse"));
            Logger.debug("SAMLResponse: " + new String(decSamlToken));

        } catch (NullPointerException e) {
            Logger.error("Unable to retrieve STORK Response", e);
            throw new MOAIDException("stork.04", null);
        }

        //Get SAMLEngine instance
        STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing");

        STORKAuthnResponse authnResponse = null;
        try {
            //validate SAML Token
            Logger.debug("Starting validation of SAML response");
            authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) request.getRemoteHost());
            Logger.info("SAML response succesfully verified!");
        } catch (STORKSAMLEngineException e) {
            Logger.error("Failed to verify STORK SAML Response", e);
            throw new MOAIDException("stork.05", null);
        }

        Logger.info("STORK SAML Response message succesfully extracted");
        Logger.debug("STORK response: ");
        Logger.debug(authnResponse.toString());

        Logger.debug("Trying to find MOA Session-ID ...");
        //String moaSessionID = request.getParameter(PARAM_SESSIONID);
        //first use SAML2 relayState 
        String moaSessionID = request.getParameter("RelayState");

        // escape parameter strings
        moaSessionID = StringEscapeUtils.escapeHtml(moaSessionID);

        //check if SAML2 relaystate includes a MOA sessionID
        if (StringUtils.isEmpty(moaSessionID)) {
            //if relaystate is emtpty, use SAML response -> inResponseTo element as session identifier

            moaSessionID = authnResponse.getInResponseTo();
            moaSessionID = StringEscapeUtils.escapeHtml(moaSessionID);

            if (StringUtils.isEmpty(moaSessionID)) {
                //No authentication session has been started before
                Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started");
                Logger.debug("PEPSConnectorURL was: " + request.getRequestURL());
                throw new AuthenticationException("auth.02", new Object[] { moaSessionID });

            } else
                Logger.trace(
                        "Use MOA SessionID " + moaSessionID + " from AuthnResponse->inResponseTo attribute.");

        } else
            //Logger.trace("MOA SessionID " + moaSessionID + " is found in http GET parameter.");
            Logger.trace("MOA SessionID " + moaSessionID + " is found in SAML2 relayState.");

        /*INFO!!!!
         * SAML message IDs has an different format then MOASessionIDs
         * This is only a workaround because many PEPS does not support SAML2 relayState or
         * MOASessionID as AttributConsumerServiceURL GET parameter
         */
        //            if (!ParamValidatorUtils.isValidSessionID(moaSessionID))
        //                throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12");

        pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);

        //load MOASession from database
        AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID);
        //change MOASessionID
        moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);

        Logger.info("Found MOA sessionID: " + moaSessionID);

        String statusCodeValue = authnResponse.getStatusCode();

        if (!statusCodeValue.equals(StatusCode.SUCCESS_URI)) {
            Logger.error("Received ErrorResponse from PEPS: " + statusCodeValue);
            throw new MOAIDException("stork.06", new Object[] { statusCodeValue });
        }

        Logger.info("Got SAML response with authentication success message.");

        Logger.debug("MOA session is still valid");

        STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();

        if (storkAuthnRequest == null) {
            Logger.error(
                    "Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
            throw new MOAIDException("stork.07", null);
        }

        Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);

        ////////////// incorporate gender from parameters if not in stork response

        IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList();

        // but first, check if we have a representation case
        if (STORKResponseProcessor.hasAttribute("mandateContent", attributeList)
                || STORKResponseProcessor.hasAttribute("representative", attributeList)
                || STORKResponseProcessor.hasAttribute("represented", attributeList)) {
            // in a representation case...
            moaSession.setUseMandate("true");

            // and check if we have the gender value
            PersonalAttribute gender = attributeList.get("gender");
            if (null == gender) {
                String gendervalue = (String) request.getParameter("gender");
                if (null != gendervalue) {
                    gender = new PersonalAttribute();
                    gender.setName("gender");
                    ArrayList<String> tmp = new ArrayList<String>();
                    tmp.add(gendervalue);
                    gender.setValue(tmp);

                    authnResponse.getPersonalAttributeList().add(gender);
                }
            }
        }

        //////////////////////////////////////////////////////////////////////////

        Logger.debug("Starting extraction of signedDoc attribute");
        //extract signed doc element and citizen signature
        String citizenSignature = null;
        try {
            PersonalAttribute signedDoc = authnResponse.getPersonalAttributeList().get("signedDoc");
            String signatureInfo = null;
            if (signedDoc != null) {
                signatureInfo = signedDoc.getValue().get(0);
                //should not occur
            } else {

                //store SAMLResponse
                moaSession.setSAMLResponse(request.getParameter("SAMLResponse"));
                //store authnResponse

                //moaSession.setAuthnResponse(authnResponse);//not serializable
                moaSession.setAuthnResponseGetPersonalAttributeList(authnResponse.getPersonalAttributeList());

                String authnContextClassRef = null;
                try {
                    authnContextClassRef = authnResponse.getAssertions().get(0).getAuthnStatements().get(0)
                            .getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef();
                } catch (Throwable e) {
                    Logger.warn(
                            "STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
                }

                moaSession.setAuthnContextClassRef(authnContextClassRef);
                moaSession.setReturnURL(request.getRequestURL());

                //load signedDoc
                String signRequest = moaSession.getSignedDoc();

                //session is implicit stored in changeSessionID!!!!
                String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);

                //set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID 
                //signRequest

                String issuerValue = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
                String acsURL = issuerValue
                        + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;

                String url = acsURL + "?moaSessionID=" + newMOASessionID;
                //redirect to OASIS module and sign there

                boolean found = false;
                try {
                    List<AttributeProviderPlugin> aps = AuthConfigurationProvider.getInstance()
                            .getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs();
                    Logger.info("Found AttributeProviderPlugins:" + aps.size());
                    for (AttributeProviderPlugin ap : aps) {
                        Logger.info("Found AttributeProviderPlugin attribute:" + ap.getAttributes());
                        if (ap.getAttributes().equalsIgnoreCase("signedDoc")) {
                            // FIXME[tlenz]: A servlet's class field is not thread safe.
                            oasisDssWebFormURL = ap.getUrl();
                            found = true;
                            Logger.info("Loaded signedDoc attribute provider url from config:"
                                    + oasisDssWebFormURL);
                            break;
                        }
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                    Logger.error("Loading the signedDoc attribute provider url from config failed");
                }
                if (!found) {
                    Logger.error("Failed to load the signedDoc attribute provider url from config");
                }
                performRedirect(url, request, response, signRequest);

                return;
            }
            SignResponse dssSignResponse = (SignResponse) ApiUtils
                    .unmarshal(new StreamSource(new java.io.StringReader(signatureInfo)));

            citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);

            // memorize signature into authblock
            moaSession.setAuthBlock(citizenSignature);

            X509Certificate cert = getSignerCertificate(citizenSignature);
            moaSession.setSignerCertificate(cert);
            moaSession.setForeigner(true);

        } catch (Throwable e) {
            Logger.error("Could not extract citizen signature from C-PEPS", e);
            throw new MOAIDException("stork.09", null);
        }

        try {
            SZRGInsertion(moaSession, authnResponse.getPersonalAttributeList(),
                    authnResponse.getAssertions().get(0).getAuthnStatements().get(0).getAuthnContext()
                            .getAuthnContextClassRef().getAuthnContextClassRef(),
                    citizenSignature);
        } catch (STORKException e) {
            // this is really nasty but we work against the system here. We are supposed to get the gender attribute from
            // stork. If we do not, we cannot register the person in the ERnP - we have to have the
            // gender for the represented person. So here comes the dirty hack. 
            if (e.getCause() instanceof STORKException
                    && e.getCause().getMessage().equals("gender not found in response")) {
                try {
                    Logger.trace("Initialize VelocityEngine...");

                    VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
                    Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html");
                    VelocityContext context = new VelocityContext();
                    context.put("SAMLResponse", request.getParameter("SAMLResponse"));
                    context.put("action", request.getRequestURL());

                    StringWriter writer = new StringWriter();
                    template.merge(context, writer);

                    response.getOutputStream().write(writer.toString().getBytes("UTF-8"));
                } catch (Exception e1) {
                    Logger.error("Error sending gender retrival form.", e1);
                    //                  httpSession.invalidate();
                    throw new MOAIDException("stork.10", null);
                }

                return;
            }

            Logger.error("Error connecting SZR Gateway", e);
            throw new MOAIDException("stork.10", null);
        }

        Logger.debug("Add full STORK AuthnResponse to MOA session");
        moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));//TODO ask Florian/Thomas authnResponse?

        //session is implicit stored in changeSessionID!!!!
        String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);

        Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID);

        //redirect
        String redirectURL = null;
        redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(),
                ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID),
                newMOASessionID);
        redirectURL = response.encodeRedirectURL(redirectURL);

        response.setContentType("text/html");
        response.setStatus(302);
        response.addHeader("Location", redirectURL);
        Logger.info("REDIRECT TO: " + redirectURL);

    } catch (AuthenticationException e) {
        handleError(null, e, request, response, pendingRequestID);

    } catch (MOAIDException e) {
        handleError(null, e, request, response, pendingRequestID);

    } catch (Exception e) {
        Logger.error("PEPSConnector has an interal Error.", e);
    }

    finally {
        ConfigurationDBUtils.closeSession();
    }

}

From source file:org.akaza.openclinica.control.submit.DataEntryServlet.java

@Override
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
    //JN:The following were the the global variables, moved as local.
    locale = LocaleResolver.getLocale(request);
    EventCRFBean ecb = (EventCRFBean) request.getAttribute(INPUT_EVENT_CRF);
    SectionBean sb = (SectionBean) request.getAttribute(SECTION_BEAN);
    ItemDataDAO iddao = new ItemDataDAO(getDataSource(), locale);
    HttpSession session = request.getSession();
    StudyBean currentStudy = (StudyBean) session.getAttribute("study");
    StudyUserRoleBean currentRole = (StudyUserRoleBean) session.getAttribute("userRole");
    SectionDAO sdao = new SectionDAO(getDataSource());
    /**//from   w  ww.  j  a  va2s. c  om
     * Determines whether the form was submitted. Calculated once in processRequest. The reason we don't use the normal means to determine if the form was
     * submitted (ie FormProcessor.isSubmitted) is because when we use forwardPage, Java confuses the inputs from the just-processed form with the inputs for
     * the forwarded-to page. This is a problem since frequently we're forwarding from one (submitted) section to the next (unsubmitted) section. If we use the
     * normal means, Java will always think that the unsubmitted section is, in fact, submitted. This member is guaranteed to be calculated before
     * shouldLoadDBValues() is called.
     */
    boolean isSubmitted = false;
    boolean hasGroup = false;

    EventCRFDAO ecdao = null;
    FormProcessor fp = new FormProcessor(request);
    logMe("Enterting DataEntry Servlet" + System.currentTimeMillis());
    EventDefinitionCRFDAO edcdao = new EventDefinitionCRFDAO(getDataSource());

    FormDiscrepancyNotes discNotes;

    panel.setStudyInfoShown(false);
    String age = "";
    UserAccountBean ub = (UserAccountBean) request.getSession().getAttribute(USER_BEAN_NAME);
    String instantAtt = CV_INSTANT_META + ecb.getCRFVersionId();

    //for 11958: repeating groups rows appear if validation returns to the same section
    int isFirstTimeOnSection = fp.getInt("isFirstTimeOnSection");
    request.setAttribute("isFirstTimeOnSection", isFirstTimeOnSection + "");

    if (fp.getString(GO_EXIT).equals("") && !isSubmitted && fp.getString("tabId").equals("")
            && fp.getString("sectionId").equals("")) {
        //HashMap unavailableCRF = getUnavailableCRFList();
        if (getCrfLocker().isLocked(ecb.getId())) {
            int userId = getCrfLocker().getLockOwner(ecb.getId());
            UserAccountDAO udao = new UserAccountDAO(getDataSource());
            UserAccountBean ubean = (UserAccountBean) udao.findByPK(userId);
            addPageMessage(resword.getString("CRF_unavailable") + " " + ubean.getName() + " "
                    + resword.getString("Currently_entering_data") + " " + resword.getString("Leave_the_CRF"),
                    request);

            forwardPage(Page.LIST_STUDY_SUBJECTS_SERVLET, request, response);
        } else {
            getCrfLocker().lock(ecb.getId(), ub.getId());
        }
    }

    if (!ecb.isActive()) {
        throw new InconsistentStateException(Page.LIST_STUDY_SUBJECTS_SERVLET,
                resexception.getString("event_not_exists"));
    }

    logMe("Enterting DataEntry Get the status/number of item discrepancy notes" + System.currentTimeMillis());
    // Get the status/number of item discrepancy notes
    DiscrepancyNoteDAO dndao = new DiscrepancyNoteDAO(getDataSource());
    ArrayList<DiscrepancyNoteBean> allNotes = new ArrayList<DiscrepancyNoteBean>();
    List<DiscrepancyNoteBean> eventCrfNotes = new ArrayList<DiscrepancyNoteBean>();
    List<DiscrepancyNoteThread> noteThreads = new ArrayList<DiscrepancyNoteThread>();
    // BWP: this try block is not necessary try {
    dndao = new DiscrepancyNoteDAO(getDataSource());
    allNotes = dndao.findAllTopNotesByEventCRF(ecb.getId());
    eventCrfNotes = dndao.findOnlyParentEventCRFDNotesFromEventCRF(ecb);
    if (!eventCrfNotes.isEmpty()) {
        allNotes.addAll(eventCrfNotes);

    }
    logMe("Entering DataEntry Create disc note threads out of the various notes" + System.currentTimeMillis());
    // Create disc note threads out of the various notes
    DiscrepancyNoteUtil dNoteUtil = new DiscrepancyNoteUtil();
    noteThreads = dNoteUtil.createThreadsOfParents(allNotes, getDataSource(), currentStudy, null, -1, true);
    // variables that provide values for the CRF discrepancy note header
    int updatedNum = 0;
    int openNum = 0;
    int closedNum = 0;
    int resolvedNum = 0;
    int notAppNum = 0;
    DiscrepancyNoteBean tempBean;

    for (DiscrepancyNoteThread dnThread : noteThreads) {
        /*
         * 3014: do not count parent beans, only the last child disc note of the thread.
         */
        tempBean = dnThread.getLinkedNoteList().getLast();
        if (tempBean != null) {
            if (ResolutionStatus.UPDATED.equals(tempBean.getResStatus())) {
                updatedNum++;
            } else if (ResolutionStatus.OPEN.equals(tempBean.getResStatus())) {
                openNum++;
            } else if (ResolutionStatus.CLOSED.equals(tempBean.getResStatus())) {
                // if (dn.getParentDnId() > 0){
                closedNum++;
                // }
            } else if (ResolutionStatus.RESOLVED.equals(tempBean.getResStatus())) {
                // if (dn.getParentDnId() > 0){
                resolvedNum++;
                // }
            } else if (ResolutionStatus.NOT_APPLICABLE.equals(tempBean.getResStatus())) {
                notAppNum++;
            }
        }

    }
    logMe("Entering DataEntry Create disc note threads out of the various notes DONE"
            + System.currentTimeMillis());
    request.setAttribute("updatedNum", updatedNum + "");
    request.setAttribute("openNum", openNum + "");
    request.setAttribute("closedNum", closedNum + "");
    request.setAttribute("resolvedNum", resolvedNum + "");
    request.setAttribute("notAppNum", notAppNum + "");

    String fromViewNotes = fp.getString("fromViewNotes");
    if (fromViewNotes != null && "1".equals(fromViewNotes)) {
        request.setAttribute("fromViewNotes", fromViewNotes);
    }

    logMe("Entering Create studySubjDao.. ++++stuff" + System.currentTimeMillis());
    StudySubjectDAO ssdao = new StudySubjectDAO(getDataSource());
    StudySubjectBean ssb = (StudySubjectBean) ssdao.findByPK(ecb.getStudySubjectId());
    // YW 11-07-2007, data entry could not be performed if its study subject
    // has been removed.
    // Notice: ViewSectionDataEntryServelet, ViewSectionDataEntryPreview,
    // PrintCRFServlet and PrintDataEntryServlet, have theirs own
    // processRequest
    Status s = ssb.getStatus();
    if ("removed".equalsIgnoreCase(s.getName()) || "auto-removed".equalsIgnoreCase(s.getName())) {
        addPageMessage(respage.getString("you_may_not_perform_data_entry_on_a_CRF")
                + respage.getString("study_subject_has_been_deleted"), request);
        request.setAttribute("id", new Integer(ecb.getStudySubjectId()).toString());
        session.removeAttribute(instantAtt);
        forwardPage(Page.VIEW_STUDY_SUBJECT_SERVLET, request, response);
    }
    // YW >>

    HashMap<String, String> newUploadedFiles = (HashMap<String, String>) session
            .getAttribute("newUploadedFiles");
    if (newUploadedFiles == null) {
        newUploadedFiles = new HashMap<String, String>();
    }
    request.setAttribute("newUploadedFiles", newUploadedFiles);
    if (!fp.getString("exitTo").equals("")) {
        request.setAttribute("exitTo", fp.getString("exitTo"));
    }
    //some EVENT CRF CHECK
    logMe("Entering some EVENT CRF CHECK" + System.currentTimeMillis());
    if (!fp.getString(GO_EXIT).equals("")) {
        session.removeAttribute(GROUP_HAS_DATA);
        session.removeAttribute("to_create_crf");
        session.removeAttribute("mayProcessUploading");
        //Removing the user and EventCRF from the locked CRF List
        getCrfLocker().unlock(ecb.getId());
        if (newUploadedFiles.size() > 0) {
            if (this.unloadFiles(newUploadedFiles)) {

            } else {
                String missed = "";
                Iterator iter = newUploadedFiles.keySet().iterator();
                while (iter.hasNext()) {
                    missed += " " + newUploadedFiles.get(iter.next());
                }
                addPageMessage(respage.getString("uploaded_files_not_deleted_or_not_exist") + ": " + missed,
                        request);
            }
        }
        session.removeAttribute("newUploadedFiles");
        addPageMessage(respage.getString("exit_without_saving"), request);
        // addPageMessage("You chose to exit the data entry page.");
        // changed bu jxu 03/06/2007- we should use redirection to go to
        // another servlet
        if (fromViewNotes != null && "1".equals(fromViewNotes)) {
            String viewNotesURL = (String) session.getAttribute("viewNotesURL");
            if (viewNotesURL != null && viewNotesURL.length() > 0) {
                response.sendRedirect(response.encodeRedirectURL(viewNotesURL));
            }
            return;
        }
        String fromResolvingNotes = fp.getString("fromResolvingNotes", true);
        String winLocation = (String) session.getAttribute(ViewNotesServlet.WIN_LOCATION);
        session.removeAttribute(instantAtt);
        if (!StringUtil.isBlank(fromResolvingNotes) && !StringUtil.isBlank(winLocation)) {
            response.sendRedirect(response.encodeRedirectURL(winLocation));
        } else {
            if (!fp.getString("exitTo").equals("")) {
                response.sendRedirect(response.encodeRedirectURL(fp.getString("exitTo")));
            } else
                response.sendRedirect(response.encodeRedirectURL("ListStudySubjects"));
        }
        // forwardPage(Page.SUBMIT_DATA_SERVLET);
        return;
    }
    logMe("Entering some EVENT CRF CHECK DONE" + System.currentTimeMillis());
    // checks if the section has items in item group
    // for repeating items
    // hasGroup = getInputBeans();
    hasGroup = checkGroups(fp, ecb);

    Boolean b = (Boolean) request.getAttribute(INPUT_IGNORE_PARAMETERS);
    isSubmitted = fp.isSubmitted() && b == null;
    // variable is used for fetching any null values like "not applicable"
    int eventDefinitionCRFId = 0;
    if (fp != null) {
        eventDefinitionCRFId = fp.getInt("eventDefinitionCRFId");
    }

    StudyBean study = (StudyBean) session.getAttribute("study");
    // constructs the list of items used on UI
    // tbh>>
    // logger.trace("trying event def crf id: "+eventDefinitionCRFId);
    logMe("Entering some EVENT DEF CRF CHECK " + System.currentTimeMillis());

    if (eventDefinitionCRFId <= 0) {
        // TODO we have to get that id before we can continue
        EventDefinitionCRFBean edcBean = edcdao.findByStudyEventIdAndCRFVersionId(study, ecb.getStudyEventId(),
                ecb.getCRFVersionId());
        eventDefinitionCRFId = edcBean.getId();
    }

    logMe("Entering some EVENT DEF CRF CHECK DONE " + System.currentTimeMillis());
    logMe("Entering some Study EVENT DEF CRF CHECK  " + System.currentTimeMillis());
    StudyEventDAO seDao = new StudyEventDAO(getDataSource());
    EventDefinitionCRFBean edcBean = (EventDefinitionCRFBean) edcdao.findByPK(eventDefinitionCRFId);
    EventDefinitionCRFBean edcb = (EventDefinitionCRFBean) edcdao.findByPK(eventDefinitionCRFId);
    request.setAttribute(EVENT_DEF_CRF_BEAN, edcb);//JN:Putting the event_def_crf_bean in the request attribute.

    StudyEventBean studyEventBean = (StudyEventBean) seDao.findByPK(ecb.getStudyEventId());
    edcBean.setId(eventDefinitionCRFId);

    StudyEventDefinitionDAO seddao = new StudyEventDefinitionDAO(getDataSource());
    StudyEventDefinitionBean studyEventDefinition = (StudyEventDefinitionBean) seddao
            .findByPK(edcBean.getStudyEventDefinitionId());

    CRFVersionDAO cvdao = new CRFVersionDAO(getDataSource());
    CRFVersionBean crfVersionBean = (CRFVersionBean) cvdao.findByPK(ecb.getCRFVersionId());

    Phase phase2 = Phase.INITIAL_DATA_ENTRY;
    if (getServletPage(request).equals(Page.DOUBLE_DATA_ENTRY_SERVLET)) {
        phase2 = Phase.DOUBLE_DATA_ENTRY;
    } else if (getServletPage(request).equals(Page.ADMIN_EDIT_SERVLET)) {
        phase2 = Phase.ADMIN_EDITING;
    }
    logMe("Entering ruleSets::: CreateAndInitializeRuleSet:::" + Thread.currentThread());
    logMe("Entering ruleSets::: CreateAndInitializeRuleSet:::" + Thread.currentThread() + "currentStudy?"
            + currentStudy + "studyEventDefinition" + studyEventDefinition + "crfVersionBean" + crfVersionBean
            + "studyEventBean" + studyEventBean + "ecb" + ecb);
    //  List<RuleSetBean> ruleSets = createAndInitializeRuleSet(currentStudy, studyEventDefinition, crfVersionBean, studyEventBean, ecb, true, request, response);
    // boolean shouldRunRules = getRuleSetService(request).shouldRunRulesForRuleSets(ruleSets, phase2);
    logMe("Entering getDisplayBean:::::Thread::::" + Thread.currentThread());
    DisplaySectionBean section = getDisplayBean(hasGroup, false, request, isSubmitted);
    //hasSCDItem has been initialized in getDisplayBean() which is online above

    VariableSubstitutionHelper.replaceVariables(section, study, ssb, studyEventDefinition, studyEventBean,
            dataSource);

    if (section.getSection().hasSCDItem()) {
        SimpleConditionalDisplayService cds0 = (SimpleConditionalDisplayService) SpringServletAccess
                .getApplicationContext(getServletContext()).getBean("simpleConditionalDisplayService");
        section = cds0.initConditionalDisplays(section);
    }
    logMe("Entering  Find out the id of the section's first field " + System.currentTimeMillis());

    // 2790: Find out the id of the section's first field
    String firstFieldId = getSectionFirstFieldId(section.getSection().getId());
    request.setAttribute("formFirstField", firstFieldId);

    // logger.trace("now trying event def crf id: "+eventDefinitionCRFId);
    // above is necessary to give us null values during DDE
    // ironically, this only covers vertical null value result sets
    // horizontal ones are covered in FormBeanUtil, tbh 112007
    logMe("Entering  displayItemWithGroups " + System.currentTimeMillis());
    //@pgawade 30-May-2012 Fix for issue 13963 - added an extra parameter 'isSubmitted' to method createItemWithGroups
    List<DisplayItemWithGroupBean> displayItemWithGroups = createItemWithGroups(section, hasGroup,
            eventDefinitionCRFId, request, isSubmitted);
    logMe("Entering  displayItemWithGroups end " + System.currentTimeMillis());
    this.getItemMetadataService().updateGroupDynamicsInSection(displayItemWithGroups,
            section.getSection().getId(), ecb);
    section.setDisplayItemGroups(displayItemWithGroups);
    DisplayTableOfContentsBean toc = TableOfContentsServlet.getDisplayBeanWithShownSections(getDataSource(),
            (DisplayTableOfContentsBean) request.getAttribute(TOC_DISPLAY),
            (DynamicsMetadataService) SpringServletAccess.getApplicationContext(getServletContext())
                    .getBean("dynamicsMetadataService"));
    request.setAttribute(TOC_DISPLAY, toc);
    LinkedList<Integer> sectionIdsInToc = TableOfContentsServlet.sectionIdsInToc(toc);

    // why do we get previousSec and nextSec here, rather than in
    // getDisplayBeans?
    // so that we can use them in forwarding the user to the previous/next
    // section
    // if the validation was successful
    logMe("Entering  displayItemWithGroups sdao.findPrevious  " + System.currentTimeMillis());
    int sIndex = TableOfContentsServlet.sectionIndexInToc(section.getSection(), toc, sectionIdsInToc);
    SectionBean previousSec = this.prevSection(section.getSection(), ecb, toc, sIndex);
    logMe("Entering  displayItemWithGroups sdao.findPrevious  end " + System.currentTimeMillis());
    SectionBean nextSec = this.nextSection(section.getSection(), ecb, toc, sIndex);
    section.setFirstSection(!previousSec.isActive());
    section.setLastSection(!nextSec.isActive());

    // this is for generating side info panel
    // and the information panel under the Title
    SubjectDAO subjectDao = new SubjectDAO(getDataSource());
    StudyDAO studydao = new StudyDAO(getDataSource());
    SubjectBean subject = (SubjectBean) subjectDao.findByPK(ssb.getSubjectId());

    // Get the study then the parent study
    logMe("Entering  Get the study then the parent study   " + System.currentTimeMillis());
    if (study.getParentStudyId() > 0) {
        // this is a site,find parent
        StudyBean parentStudy = (StudyBean) studydao.findByPK(study.getParentStudyId());
        request.setAttribute("studyTitle", parentStudy.getName());
        request.setAttribute("siteTitle", study.getName());
    } else {
        request.setAttribute("studyTitle", study.getName());
    }

    logMe("Entering  Get the study then the parent study end  " + System.currentTimeMillis());
    // Let us process the age
    if (currentStudy.getStudyParameterConfig().getCollectDob().equals("1")) {
        // YW 11-16-2007 erollment-date is used for calculating age.
        Date enrollmentDate = ssb.getEnrollmentDate();
        age = Utils.getInstacne().processAge(enrollmentDate, subject.getDateOfBirth());
    }
    //ArrayList beans = ViewStudySubjectServlet.getDisplayStudyEventsForStudySubject(ssb, getDataSource(), ub, currentRole);
    request.setAttribute("studySubject", ssb);
    request.setAttribute("subject", subject);
    //request.setAttribute("beans", beans);
    request.setAttribute("eventCRF", ecb);
    request.setAttribute("age", age);
    request.setAttribute("decryptedPassword",
            ((SecurityManager) SpringServletAccess.getApplicationContext(getServletContext())
                    .getBean("securityManager")).encrytPassword("root", getUserDetails()));

    // set up interviewer name and date
    fp.addPresetValue(INPUT_INTERVIEWER, ecb.getInterviewerName());

    if (ecb.getDateInterviewed() != null) {
        DateFormat local_df = new SimpleDateFormat(resformat.getString("date_format_string"),
                ResourceBundleProvider.getLocale());
        String idateFormatted = local_df.format(ecb.getDateInterviewed());
        fp.addPresetValue(INPUT_INTERVIEW_DATE, idateFormatted);
    } else {
        fp.addPresetValue(INPUT_INTERVIEW_DATE, "");
    }
    setPresetValues(fp.getPresetValues(), request);
    logMe("Entering Checks !submitted  " + System.currentTimeMillis());
    if (!isSubmitted) {
        // TODO: prevent data enterer from seeing results of first round of
        // data
        // entry, if this is second round
        // FLAG--SLOW HERE WHEN LOADING
        logMe("Entering Checks !submitted entered  " + System.currentTimeMillis());
        long t = System.currentTimeMillis();
        request.setAttribute(BEAN_DISPLAY, section);
        request.setAttribute(BEAN_ANNOTATIONS, getEventCRFAnnotations(request));
        session.setAttribute("shouldRunValidation", null);
        session.setAttribute("rulesErrors", null);
        session.setAttribute(DataEntryServlet.NOTE_SUBMITTED, null);

        discNotes = new FormDiscrepancyNotes();

        //            discNotes = (FormDiscrepancyNotes) session.getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
        //            if (discNotes == null) {
        //                discNotes = new FormDiscrepancyNotes();
        //            }
        // << tbh 01/2010

        section = populateNotesWithDBNoteCounts(discNotes, section, request);
        populateInstantOnChange(request.getSession(), ecb, section);
        LOGGER.debug(
                "+++ just ran populateNotes, printing field notes: " + discNotes.getFieldNotes().toString());
        LOGGER.debug("found disc notes: " + discNotes.getNumExistingFieldNotes().toString());
        session.setAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME, discNotes);

        if (section.getSection().hasSCDItem()) {
            section = SCDItemDisplayInfo.generateSCDDisplayInfo(section,
                    this.getServletPage(request).equals(Page.INITIAL_DATA_ENTRY)
                            || this.getServletPage(request).equals(Page.ADMIN_EDIT_SERVLET)
                                    && !this.isAdminForcedReasonForChange(request));
        }

        int keyId = ecb.getId();
        session.removeAttribute(DoubleDataEntryServlet.COUNT_VALIDATE + keyId);

        setUpPanel(section);
        if (newUploadedFiles.size() > 0) {
            if (this.unloadFiles(newUploadedFiles)) {

            } else {
                String missed = "";
                Iterator iter = newUploadedFiles.keySet().iterator();
                while (iter.hasNext()) {
                    missed += " " + newUploadedFiles.get(iter.next());
                }
                addPageMessage(respage.getString("uploaded_files_not_deleted_or_not_exist") + ": " + missed,
                        request);
            }
        }
        logMe("Entering Checks !submitted entered end forwarding page " + System.currentTimeMillis());
        logMe("Time Took for this block" + (System.currentTimeMillis() - t));
        forwardPage(getJSPPage(), request, response);
        return;
    } else {
        logMe("Entering Checks !submitted not entered  " + System.currentTimeMillis());
        //
        // VALIDATION / LOADING DATA
        //
        // If validation is required for this round, we will go through
        // each item and add an appropriate validation to the Validator
        //
        // Otherwise, we will just load the data into the DisplayItemBean
        // so that we can write to the database later.
        //
        // Validation is required if two conditions are met:
        // 1. The user clicked a "Save" button, not a "Confirm" button
        // 2. In this type of data entry servlet, when the user clicks
        // a Save button, the inputs are validated
        //

        boolean validate = fp.getBoolean(INPUT_CHECK_INPUTS) && validateInputOnFirstRound();
        // did the user click a "Save" button?
        // is validation required in this type of servlet when the user
        // clicks
        // "Save"?
        // We can conclude that the user is trying to save data; therefore,
        // set a request
        // attribute indicating that default values for items shouldn't be
        // displayed
        // in the application UI that will subsequently be displayed
        // TODO: find a better, less random place for this
        // session.setAttribute(HAS_DATA_FLAG, true);

        // section.setCheckInputs(fp.getBoolean(INPUT_CHECK_INPUTS));
        errors = new HashMap();
        // ArrayList items = section.getItems();

        discNotes = (FormDiscrepancyNotes) session
                .getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
        if (discNotes == null) {
            discNotes = new FormDiscrepancyNotes();
        }

        // populateNotesWithDBNoteCounts(discNotes, section);

        // all items- inlcude items in item groups and other single items
        List<DisplayItemWithGroupBean> allItems = section.getDisplayItemGroups();
        String attachedFilePath = Utils.getAttachedFilePath(currentStudy);

        DiscrepancyValidator v = new DiscrepancyValidator(request, discNotes);
        RuleValidator ruleValidator = new RuleValidator(request);
        LOGGER.debug("SZE 1  :: " + allItems.size());
        logMe("Looping inside !submitted  " + System.currentTimeMillis());
        for (int i = 0; i < allItems.size(); i++) {
            LOGGER.trace("===itering through items: " + i);
            DisplayItemWithGroupBean diwg = allItems.get(i);
            if (diwg.isInGroup()) {
                // for the items in groups
                DisplayItemGroupBean dgb = diwg.getItemGroup();
                List<DisplayItemGroupBean> dbGroups = diwg.getDbItemGroups();
                //dbGroups = diwg.getItemGroups();
                List<DisplayItemGroupBean> formGroups = new ArrayList<DisplayItemGroupBean>();
                LOGGER.debug("got db item group size " + dbGroups.size());

                if (validate) {
                    // int manualGroups = getManualRows(dbGroups2);
                    // logger.debug("+++ found manual rows from db group 2: " + manualGroups);
                    LOGGER.debug("===IF VALIDATE NOT A SINGLE ITEM: got to this part in the validation loop: "
                            + dgb.getGroupMetaBean().getName());
                    // TODO next marker tbh 112007
                    // formGroups = validateDisplayItemGroupBean(v,
                    // dgb,dbGroups, formGroups,
                    // ruleValidator,groupOrdinalPLusItemOid);
                    formGroups = validateDisplayItemGroupBean(v, dgb, dbGroups, formGroups, request, response);
                    LOGGER.debug("form group size after validation " + formGroups.size());
                } else {
                    LOGGER.debug("+++ELSE NOT A SINGLE ITEM: got to this part in the validation loop: "
                            + dgb.getGroupMetaBean().getName());
                    formGroups = loadFormValueForItemGroup(dgb, dbGroups, formGroups, eventDefinitionCRFId,
                            request);
                    LOGGER.debug("form group size without validation " + formGroups.size());
                }

                diwg.setItemGroup(dgb);
                diwg.setItemGroups(formGroups);

                allItems.set(i, diwg);

            } else {// other single items
                DisplayItemBean dib = diwg.getSingleItem();
                // dib = (DisplayItemBean) allItems.get(i);
                if (validate) {
                    // generate input name here?
                    // DisplayItemGroupBean dgb = diwg.getItemGroup();
                    String itemName = getInputName(dib);
                    // no Item group for single item, so just use blank
                    // string as parameter for inputName

                    dib = validateDisplayItemBean(v, dib, "", request);// this
                    // should be
                    // used,
                    // otherwise,
                    // DDE not
                    // working-jxu

                    LOGGER.debug("&&& found name: " + itemName);
                    LOGGER.debug("input VALIDATE " + itemName + ": " + fp.getString(itemName));
                    // dib.loadFormValue(fp.getString(itemName));
                    LOGGER.debug("input " + itemName + " has a response set of "
                            + dib.getMetadata().getResponseSet().getOptions().size() + " options");
                } else {
                    String itemName = getInputName(dib);
                    LOGGER.debug("input NONVALIDATE " + itemName + ": " + fp.getString(itemName));
                    // dib.loadFormValue(itemName);
                    dib = loadFormValue(dib, request);
                    // String itemName = getInputName(dib);
                    // dib = loadFormValue(itemName);
                }

                ArrayList children = dib.getChildren();
                for (int j = 0; j < children.size(); j++) {
                    DisplayItemBean child = (DisplayItemBean) children.get(j);
                    // DisplayItemGroupBean dgb = diwg.getItemGroup();
                    String itemName = getInputName(child);
                    child.loadFormValue(fp.getString(itemName));
                    if (validate) {
                        // child = validateDisplayItemBean(v, child,
                        // itemName, ruleValidator, groupOrdinalPLusItemOid,
                        // false);
                        child = validateDisplayItemBean(v, child, itemName, request);
                        // was null changed value 092007 tbh
                    } else {
                        // child.loadFormValue(itemName);
                        child = loadFormValue(child, request);
                    }
                    LOGGER.debug("Checking child value for " + itemName + ": " + child.getData().getValue());
                    children.set(j, child);
                }

                dib.setChildren(children);
                diwg.setSingleItem(runDynamicsItemCheck(dib, null, request));
                // logger.trace("just set single item on line 447:
                // "+dib.getData().getValue());
                // items.set(i, dib);
                LOGGER.debug(" I : " + i);
                allItems.set(i, diwg);

            }
        }
        logMe("Loop ended  " + System.currentTimeMillis());
        //JN: This is the list that contains all the scd-shown items.
        List<ItemBean> itemBeansWithSCDShown = new ArrayList<ItemBean>();
        if (validate && section.getSection().hasSCDItem()) {
            logMe(" Validate and Loop  " + System.currentTimeMillis());

            for (int i = 0; i < allItems.size(); ++i) {
                DisplayItemBean dib = allItems.get(i).getSingleItem();
                ItemFormMetadataBean ifmb = dib.getMetadata();
                if (ifmb.getParentId() == 0) {
                    if (dib.getScdData().getScdSetsForControl().size() > 0) {
                        //for control item
                        //dib has to loadFormValue first. Here loadFormValue has been done in validateDisplayItemBean(v, dib, "")
                        section.setShowSCDItemIds(SimpleConditionalDisplayService
                                .conditionalDisplayToBeShown(dib, section.getShowSCDItemIds()));
                    }
                    if (dib.getScdData().getScdItemMetadataBean().getScdItemFormMetadataId() > 0) {
                        //for scd item
                        //a control item is always before its scd item
                        dib.setIsSCDtoBeShown(
                                section.getShowSCDItemIds().contains(dib.getMetadata().getItemId()));
                        if (dib.getIsSCDtoBeShown())
                            itemBeansWithSCDShown.add(dib.getItem());

                        validateSCDItemBean(v, dib);
                    }
                    ArrayList<DisplayItemBean> children = dib.getChildren();
                    for (int j = 0; j < children.size(); j++) {
                        DisplayItemBean child = children.get(j);
                        if (child.getScdData().getScdSetsForControl().size() > 0) {
                            //for control item
                            //dib has to loadFormValue first. Here loadFormValue has been done in validateDisplayItemBean(v, dib, "")
                            section.setShowSCDItemIds(SimpleConditionalDisplayService
                                    .conditionalDisplayToBeShown(child, section.getShowSCDItemIds()));
                        }
                        if (child.getScdData().getScdItemMetadataBean().getScdItemFormMetadataId() > 0) {
                            //for scd item
                            //a control item is always before its scd item
                            child.setIsSCDtoBeShown(
                                    section.getShowSCDItemIds().contains(child.getMetadata().getItemId()));
                            if (child.getIsSCDtoBeShown())
                                itemBeansWithSCDShown.add(dib.getItem());
                            validateSCDItemBean(v, child);
                        }
                    }
                }
            }
            logMe(" Validate and Loop end  " + System.currentTimeMillis());
        }
        logMe(" Validate and Loop end  " + System.currentTimeMillis());
        //JN:calling again here, for the items with simple conditional display and rules.
        List<RuleSetBean> ruleSets = createAndInitializeRuleSet(currentStudy, studyEventDefinition,
                crfVersionBean, studyEventBean, ecb, true, request, response, itemBeansWithSCDShown);
        boolean shouldRunRules = getRuleSetService(request).shouldRunRulesForRuleSets(ruleSets, phase2);

        // this.getItemMetadataService().resetItemCounter();
        HashMap<String, ArrayList<String>> groupOrdinalPLusItemOid = null;
        groupOrdinalPLusItemOid = runRules(allItems, ruleSets, true, shouldRunRules, MessageType.ERROR, phase2,
                ecb, request);

        logMe("allItems  Loop begin  " + System.currentTimeMillis());
        for (int i = 0; i < allItems.size(); i++) {
            DisplayItemWithGroupBean diwg = allItems.get(i);
            if (diwg.isInGroup()) {
                // for the items in groups
                DisplayItemGroupBean dgb = diwg.getItemGroup();
                List<DisplayItemGroupBean> dbGroups = diwg.getDbItemGroups();
                //dbGroups = diwg.getItemGroups();
                // tbh 01/2010 change the group list?
                List<DisplayItemGroupBean> formGroups = new ArrayList<DisplayItemGroupBean>();
                // List<DisplayItemGroupBean> dbGroups2 = loadFormValueForItemGroup(dgb, dbGroups, formGroups, eventDefinitionCRFId);
                // jxu- this part need to be refined, why need to validate
                // items again?
                if (validate) {
                    // int manualGroups = getManualRows(dbGroups2);
                    // logger.debug("+++ found manual rows for db group2: " + manualGroups);
                    formGroups = validateDisplayItemGroupBean(v, dgb, dbGroups, formGroups, ruleValidator,
                            groupOrdinalPLusItemOid, request, response);
                    // formGroups = validateDisplayItemGroupBean(v, dgb,
                    // dbGroups, formGroups);
                    LOGGER.debug("*** form group size after validation " + formGroups.size());
                }
                diwg.setItemGroup(dgb);
                diwg.setItemGroups(formGroups);

                allItems.set(i, diwg);

            } else {// other single items
                DisplayItemBean dib = diwg.getSingleItem();
                // dib = (DisplayItemBean) allItems.get(i);
                if (validate) {
                    String itemName = getInputName(dib);
                    dib = validateDisplayItemBean(v, dib, "", ruleValidator, groupOrdinalPLusItemOid, false,
                            null, request);//
                    // / dib = validateDisplayItemBean(v, dib, "");// this
                }
                ArrayList children = dib.getChildren();
                for (int j = 0; j < children.size(); j++) {

                    DisplayItemBean child = (DisplayItemBean) children.get(j);
                    // DisplayItemGroupBean dgb = diwg.getItemGroup();
                    String itemName = getInputName(child);
                    child.loadFormValue(fp.getString(itemName));
                    if (validate) {
                        child = validateDisplayItemBean(v, child, "", ruleValidator, groupOrdinalPLusItemOid,
                                false, null, request);
                        // child = validateDisplayItemBean(v, child,
                        // itemName);
                    }
                    children.set(j, child);
                    LOGGER.debug(" J (children): " + j);
                }

                dib.setChildren(children);
                diwg.setSingleItem(runDynamicsItemCheck(dib, null, request));
                LOGGER.debug(" I : " + i);
                allItems.set(i, diwg);
            }
        }
        logMe("allItems  Loop end  " + System.currentTimeMillis());
        // YW, 2-1-2008 <<
        // A map from item name to item bean object.
        HashMap<String, ItemBean> scoreItems = new HashMap<String, ItemBean>();
        HashMap<String, String> scoreItemdata = new HashMap<String, String>();
        HashMap<String, ItemDataBean> oldItemdata = prepareSectionItemdataObject(sb.getId(), request);
        // hold all item names of changed ItemBean in current section
        TreeSet<String> changedItems = new TreeSet<String>();
        // holds complete disply item beans for checking against 'request
        // for change' restriction
        ArrayList<DisplayItemBean> changedItemsList = new ArrayList<DisplayItemBean>();
        // key is repeating item name, value is its display item group bean
        HashMap<String, DisplayItemGroupBean> changedItemsMap = new HashMap<String, DisplayItemGroupBean>();
        // key is itemid, value is set of itemdata-ordinal
        HashMap<Integer, TreeSet<Integer>> itemOrdinals = prepareItemdataOrdinals(request);

        // prepare item data for scoring
        updateDataOrdinals(allItems);
        section.setDisplayItemGroups(allItems);
        scoreItems = prepareScoreItems(request);
        scoreItemdata = prepareScoreItemdata(request);
        logMe("allItems 2 Loop begin  " + System.currentTimeMillis());
        for (int i = 0; i < allItems.size(); i++) {
            DisplayItemWithGroupBean diwb = allItems.get(i);
            if (diwb.isInGroup()) {
                List<DisplayItemGroupBean> dbGroups = diwb.getDbItemGroups();
                for (int j = 0; j < dbGroups.size(); j++) {
                    DisplayItemGroupBean displayGroup = dbGroups.get(j);
                    List<DisplayItemBean> items = displayGroup.getItems();
                    if ("remove".equalsIgnoreCase(displayGroup.getEditFlag())) {
                        for (DisplayItemBean displayItem : items) {
                            int itemId = displayItem.getItem().getId();
                            int ordinal = displayItem.getData().getOrdinal();
                            if (itemOrdinals.containsKey(itemId)) {
                                itemOrdinals.get(itemId).remove(ordinal);
                            }
                            if (scoreItemdata.containsKey(itemId + "_" + ordinal)) {
                                scoreItemdata.remove(itemId + "_" + ordinal);
                            }
                            changedItems.add(displayItem.getItem().getName());
                            changedItemsList.add(displayItem);

                            String formName = displayItem.getItem().getName();
                            // logger.debug("SET: formName:" + formName);
                            if (displayGroup.isAuto()) {
                                formName = getGroupItemInputName(displayGroup,
                                        displayGroup.getFormInputOrdinal(), displayItem);

                                LOGGER.debug("GET: changed formName to " + formName);

                            } else {
                                formName = getGroupItemManualInputName(displayGroup,
                                        displayGroup.getFormInputOrdinal(), displayItem);
                                LOGGER.debug("GET-MANUAL: changed formName to " + formName);
                            }
                            changedItemsMap.put(formName, displayGroup);
                            LOGGER.debug("adding to changed items map: " + formName);
                        }
                    }
                }

                List<DisplayItemGroupBean> dgbs = diwb.getItemGroups();
                int groupsize = dgbs.size();
                HashMap<Integer, Integer> maxOrdinals = new HashMap<Integer, Integer>();
                boolean first = true;
                for (int j = 0; j < dgbs.size(); j++) {
                    DisplayItemGroupBean displayGroup = dgbs.get(j);
                    List<DisplayItemBean> items = displayGroup.getItems();
                    boolean isAdd = "add".equalsIgnoreCase(displayGroup.getEditFlag()) ? true : false;
                    for (DisplayItemBean displayItem : items) {
                        ItemBean ib = displayItem.getItem();
                        String itemName = ib.getName();
                        int itemId = ib.getId();
                        if (first) {
                            maxOrdinals.put(itemId,
                                    iddao.getMaxOrdinalForGroup(ecb, sb, displayGroup.getItemGroupBean()));
                        }
                        ItemDataBean idb = displayItem.getData();
                        String value = idb.getValue();
                        scoreItems.put(itemName, ib);
                        int ordinal = displayItem.getData().getOrdinal();
                        if (isAdd && scoreItemdata.containsKey(itemId + "_" + ordinal)) {
                            int formMax = 1;
                            if (maxOrdinals.containsKey(itemId)) {
                                formMax = maxOrdinals.get(itemId);
                            }
                            int dbMax = iddao.getMaxOrdinalForGroup(ecb, sb, displayGroup.getItemGroupBean());
                            ordinal = ordinal >= dbMax ? formMax + 1 : ordinal;
                            maxOrdinals.put(itemId, ordinal);
                            displayItem.getData().setOrdinal(ordinal);
                            scoreItemdata.put(itemId + "_" + ordinal, value);
                        } else {
                            scoreItemdata.put(itemId + "_" + ordinal, value);
                        }
                        if (itemOrdinals.containsKey(itemId)) {
                            itemOrdinals.get(itemId).add(ordinal);
                        } else {
                            TreeSet<Integer> ordinalSet = new TreeSet<Integer>();
                            ordinalSet.add(ordinal);
                            itemOrdinals.put(itemId, ordinalSet);
                        }
                        if (isChanged(displayItem, oldItemdata, attachedFilePath)) {
                            changedItems.add(itemName);
                            changedItemsList.add(displayItem);
                            String formName = displayItem.getItem().getName();
                            // logger.debug("SET: formName:" + formName);
                            if (displayGroup.isAuto()) {
                                formName = getGroupItemInputName(displayGroup,
                                        displayGroup.getFormInputOrdinal(), displayItem);
                                LOGGER.debug("RESET: formName group-item-input:" + formName);

                            } else {
                                formName = getGroupItemManualInputName(displayGroup,
                                        displayGroup.getFormInputOrdinal(), displayItem);
                                LOGGER.debug("RESET: formName group-item-input-manual:" + formName);
                            }
                            changedItemsMap.put(formName, displayGroup);
                            LOGGER.debug("adding to changed items map: " + formName);
                        }
                    }
                    first = false;
                }
            } else {
                DisplayItemBean dib = diwb.getSingleItem();
                ItemBean ib = dib.getItem();
                ItemDataBean idb = dib.getData();
                int itemId = ib.getId();
                String itemName = ib.getName();
                String value = idb.getValue();
                scoreItems.put(itemName, ib);
                // for items which are not in any group, their ordinal is
                // set as 1
                TreeSet<Integer> ordinalset = new TreeSet<Integer>();
                ordinalset.add(1);
                itemOrdinals.put(itemId, ordinalset);
                scoreItemdata.put(itemId + "_" + 1, value);
                if (isChanged(idb, oldItemdata, dib, attachedFilePath)) {
                    changedItems.add(itemName);
                    changedItemsList.add(dib);
                    // changedItemsMap.put(dib.getItem().getName(), new
                    // DisplayItemGroupBean());
                }

                ArrayList children = dib.getChildren();
                for (int j = 0; j < children.size(); j++) {
                    DisplayItemBean child = (DisplayItemBean) children.get(j);
                    ItemBean cib = child.getItem();
                    scoreItems.put(cib.getName(), cib);
                    TreeSet<Integer> cordinalset = new TreeSet<Integer>();
                    cordinalset.add(1);
                    itemOrdinals.put(itemId, cordinalset);
                    scoreItemdata.put(cib.getId() + "_" + 1, child.getData().getValue());
                    if (isChanged(child.getData(), oldItemdata, child, attachedFilePath)) {
                        changedItems.add(itemName);
                        changedItemsList.add(child);
                        // changedItemsMap.put(itemName, new
                        // DisplayItemGroupBean());
                    }
                }
            }
        }
        logMe("allItems 2 Loop end  " + System.currentTimeMillis());
        // do calculation for 'calculation' and 'group-calculation' type
        // items
        // and write the result in DisplayItemBean's ItemDateBean - data
        ScoreItemValidator sv = new ScoreItemValidator(request, discNotes);
        // *** doing calc here, load it where? ***
        SessionManager sm = (SessionManager) request.getSession().getAttribute("sm");
        ScoreCalculator sc = new ScoreCalculator(sm, ecb, ub);
        logMe("allItems 3 Loop begin  " + System.currentTimeMillis());
        for (int i = 0; i < allItems.size(); i++) {
            DisplayItemWithGroupBean diwb = allItems.get(i);
            if (diwb.isInGroup()) {
                List<DisplayItemGroupBean> dgbs = diwb.getItemGroups();
                for (int j = 0; j < dgbs.size(); j++) {
                    DisplayItemGroupBean displayGroup = dgbs.get(j);

                    List<DisplayItemBean> items = displayGroup.getItems();
                    for (DisplayItemBean displayItem : items) {
                        ItemFormMetadataBean ifmb = displayItem.getMetadata();
                        int responseTypeId = ifmb.getResponseSet().getResponseTypeId();
                        if (responseTypeId == 8 || responseTypeId == 9) {
                            StringBuffer err = new StringBuffer();
                            ResponseOptionBean robBean = (ResponseOptionBean) ifmb.getResponseSet().getOptions()
                                    .get(0);
                            String value = "";

                            String inputName = "";
                            // note that we have to use
                            // getFormInputOrdinal() here, tbh 06/2009
                            if (displayGroup.isAuto()) {
                                inputName = getGroupItemInputName(displayGroup,
                                        displayGroup.getFormInputOrdinal(), displayItem);
                                LOGGER.debug("returning input name: " + inputName);
                            } else {
                                inputName = getGroupItemManualInputName(displayGroup,
                                        displayGroup.getFormInputOrdinal(), displayItem);
                                LOGGER.debug("returning input name: " + inputName);
                            }
                            if (robBean.getValue().startsWith("func: getexternalvalue")
                                    || robBean.getValue().startsWith("func: getExternalValue")) {

                                value = fp.getString(inputName);
                                LOGGER.debug("*** just set " + fp.getString(inputName) + " for line 815 "
                                        + displayItem.getItem().getName() + " with input name " + inputName);

                            } else {
                                value = sc.doCalculation(displayItem, scoreItems, scoreItemdata, itemOrdinals,
                                        err, displayItem.getData().getOrdinal());
                            }
                            displayItem.loadFormValue(value);
                            if (isChanged(displayItem, oldItemdata, attachedFilePath)) {
                                changedItems.add(displayItem.getItem().getName());
                                changedItemsList.add(displayItem);
                            }

                            request.setAttribute(inputName, value);
                            if (validate) {
                                displayItem = validateCalcTypeDisplayItemBean(sv, displayItem, inputName,
                                        request);
                                if (err.length() > 0) {
                                    Validation validation = new Validation(Validator.CALCULATION_FAILED);
                                    validation.setErrorMessage(err.toString());
                                    sv.addValidation(inputName, validation);
                                }
                            }
                        }
                    }
                }
            } else {
                DisplayItemBean dib = diwb.getSingleItem();
                ItemFormMetadataBean ifmb = dib.getMetadata();
                int responseTypeId = ifmb.getResponseSet().getResponseTypeId();
                if (responseTypeId == 8 || responseTypeId == 9) {
                    StringBuffer err = new StringBuffer();
                    ResponseOptionBean robBean = (ResponseOptionBean) ifmb.getResponseSet().getOptions().get(0);
                    String value = "";
                    if (robBean.getValue().startsWith("func: getexternalvalue")
                            || robBean.getValue().startsWith("func: getExternalValue")) {
                        String itemName = getInputName(dib);
                        value = fp.getString(itemName);
                        LOGGER.debug("just set " + fp.getString(itemName) + " for " + dib.getItem().getName());
                        LOGGER.debug("found in fp: " + fp.getString(dib.getItem().getName()));
                        // logger.debug("scoreitemdata: " +
                        // scoreItemdata.toString());
                    } else {
                        value = sc.doCalculation(dib, scoreItems, scoreItemdata, itemOrdinals, err, 1);
                    }
                    dib.loadFormValue(value);
                    if (isChanged(dib.getData(), oldItemdata, dib, attachedFilePath)) {
                        changedItems.add(dib.getItem().getName());
                        changedItemsList.add(dib);
                        // changedItemsMap.put(dib.getItem().getName(), new
                        // DisplayItemGroupBean());
                    }
                    String inputName = getInputName(dib);
                    request.setAttribute(inputName, value);
                    if (validate) {
                        dib = validateCalcTypeDisplayItemBean(sv, dib, "", request);
                        if (err.length() > 0) {
                            Validation validation = new Validation(Validator.CALCULATION_FAILED);
                            validation.setErrorMessage(err.toString());
                            sv.addValidation(inputName, validation);
                        }
                    }
                }

                ArrayList children = dib.getChildren();
                for (int j = 0; j < children.size(); j++) {
                    DisplayItemBean child = (DisplayItemBean) children.get(j);
                    ItemFormMetadataBean cifmb = child.getMetadata();
                    int resTypeId = cifmb.getResponseSet().getResponseTypeId();
                    if (resTypeId == 8 || resTypeId == 9) {
                        StringBuffer cerr = new StringBuffer();
                        child.getDbData().setValue(child.getData().getValue());
                        ResponseOptionBean crobBean = (ResponseOptionBean) cifmb.getResponseSet().getOptions()
                                .get(0);
                        String cvalue = "";
                        if (crobBean.getValue().startsWith("func: getexternalvalue")
                                || crobBean.getValue().startsWith("func: getExternalValue")) {
                            String itemName = getInputName(child);
                            cvalue = fp.getString(itemName);
                            LOGGER.debug(
                                    "just set " + fp.getString(itemName) + " for " + child.getItem().getName());

                        } else {
                            cvalue = sc.doCalculation(child, scoreItems, scoreItemdata, itemOrdinals, cerr, 1);
                        }
                        child.loadFormValue(cvalue);
                        if (isChanged(child.getData(), oldItemdata, child, attachedFilePath)) {
                            changedItems.add(child.getItem().getName());
                            changedItemsList.add(child);
                            // changedItemsMap.put(child.getItem().getName(),
                            // new DisplayItemGroupBean());
                        }
                        String cinputName = getInputName(child);
                        request.setAttribute(cinputName, cvalue);
                        if (validate) {
                            child = validateCalcTypeDisplayItemBean(sv, child, "", request);
                            if (cerr.length() > 0) {
                                Validation cvalidation = new Validation(Validator.CALCULATION_FAILED);
                                cvalidation.setErrorMessage(cerr.toString());
                                sv.addValidation(cinputName, cvalidation);
                            }
                        }
                    }
                    children.set(j, child);
                }
            }
        }

        logMe("allItems 3 Loop end  " + System.currentTimeMillis());
        // YW >>

        // we have to do this since we loaded all the form values into the
        // display
        // item beans above
        // section.setItems(items);
        // setting this AFTER we populate notes - will that make a difference?
        section.setDisplayItemGroups(allItems);

        // logger.debug("+++ try to populate notes");

        section = populateNotesWithDBNoteCounts(discNotes, section, request);
        populateInstantOnChange(request.getSession(), ecb, section);
        // logger.debug("+++ try to populate notes, got count of field notes: " + discNotes.getFieldNotes().toString());

        if (currentStudy.getStudyParameterConfig().getInterviewerNameRequired().equals("yes")) {
            v.addValidation(INPUT_INTERVIEWER, Validator.NO_BLANKS);
        }

        if (currentStudy.getStudyParameterConfig().getInterviewDateRequired().equals("yes")) {
            v.addValidation(INPUT_INTERVIEW_DATE, Validator.NO_BLANKS);
        }

        if (!StringUtil.isBlank(fp.getString(INPUT_INTERVIEW_DATE))) {
            v.addValidation(INPUT_INTERVIEW_DATE, Validator.IS_A_DATE);
            v.alwaysExecuteLastValidation(INPUT_INTERVIEW_DATE);
        }

        if (section.getSection().hasSCDItem()) {
            section = SCDItemDisplayInfo.generateSCDDisplayInfo(section,
                    this.getServletPage(request).equals(Page.INITIAL_DATA_ENTRY)
                            || this.getServletPage(request).equals(Page.ADMIN_EDIT_SERVLET)
                                    && !this.isAdminForcedReasonForChange(request));
        }

        // logger.debug("about to validate: " + v.getKeySet());
        errors = v.validate();

        // tbh >>
        if (this.isAdminForcedReasonForChange(request) && this.isAdministrativeEditing() && errors.isEmpty()) {
            // "You have changed data after this CRF was marked complete. "
            // +
            // "You must provide a Reason For Change discrepancy note for this item before you can save this updated information."
            String error = respage.getString("reason_for_change_error");
            // "Please enter a reason for change discrepancy note before saving."
            // ;
            int nonforcedChanges = 0;
            // change everything here from changed items list to changed
            // items map
            if (changedItemsList.size() > 0) {
                LOGGER.debug("found admin force reason for change: changed items " + changedItems.toString()
                        + " and changed items list: " + changedItemsList.toString() + " changed items map: "
                        + changedItemsMap.toString());
                logMe("DisplayItemBean  Loop begin  " + System.currentTimeMillis());
                for (DisplayItemBean displayItem : changedItemsList) {
                    String formName = getInputName(displayItem);

                    ItemDataBean idb = displayItem.getData();
                    ItemBean item_bean = displayItem.getItem();
                    ItemFormMetadataBean ifmb = displayItem.getMetadata();

                    LOGGER.debug("-- found group label " + ifmb.getGroupLabel());
                    if (!ifmb.getGroupLabel().equalsIgnoreCase("Ungrouped")
                            && !ifmb.getGroupLabel().equalsIgnoreCase(""))

                    {
                        // << tbh 11/2009 sometimes the group label is blank instead of ungrouped???
                        Iterator iter = changedItemsMap.entrySet().iterator();
                        while (iter.hasNext()) {
                            Map.Entry<String, DisplayItemGroupBean> pairs = (Map.Entry) iter.next();
                            String formName2 = pairs.getKey();
                            DisplayItemGroupBean dgb = pairs.getValue();
                            // logger.debug("found auto: " +
                            // dgb.isAuto());
                            String testFormName = "";
                            if (dgb.isAuto()) {
                                // testFormName = getGroupItemInputName(dgb, dgb.getFormInputOrdinal(), getManualRows(dgbs), displayItem);
                                testFormName = getGroupItemInputName(dgb, dgb.getFormInputOrdinal(),
                                        displayItem);
                            } else {
                                testFormName = getGroupItemManualInputName(dgb, dgb.getFormInputOrdinal(),
                                        displayItem);
                            }
                            LOGGER.debug("found test form name: " + testFormName);
                            // if our test is the same with both the display
                            // item and the display group ...
                            // logger.debug("comparing " +
                            // testFormName + " and " + formName2);
                            int existingNotes = dndao.findNumExistingNotesForItem(idb.getId());
                            if (testFormName.equals(formName2)) {
                                formName = formName2;
                                this.setReasonForChangeError(ecb, item_bean, idb, formName, error, request);
                                changedItemsMap.remove(formName2);
                                LOGGER.debug("form name changed: " + formName);
                                break;
                                // .., send it as the form name
                            }
                            // ... otherwise, don't touch it
                            // how to tell vs. manual and just plain input?
                        }

                    } else {
                        this.setReasonForChangeError(ecb, item_bean, idb, formName, error, request);
                        LOGGER.debug("form name added: " + formName);
                    }
                }
                logMe("DisplayItemBean  Loop end  " + System.currentTimeMillis());
            }
            if (nonforcedChanges > 0) {
                // do smething here?
            }
        }
        LOGGER.debug("errors here: " + errors.toString());
        // <<
        logMe("error check  Loop begin  " + System.currentTimeMillis());
        if (errors.isEmpty() && shouldRunRules) {
            LOGGER.debug("Errors was empty");
            if (session.getAttribute("rulesErrors") != null) {
                // rules have already generated errors, Let's compare old
                // error list with new
                // error list, if lists not same show errors.

                HashMap h = ruleValidator.validate();
                Set<String> a = (Set<String>) session.getAttribute("rulesErrors");
                Set<String> ba = h.keySet();
                Boolean showErrors = false;
                for (Object key : ba) {
                    if (!a.contains(key)) {
                        showErrors = true;
                    }
                }
                if (showErrors) {
                    errors = h;
                    if (errors.size() > 0) {
                        session.setAttribute("shouldRunValidation", "1");
                        session.setAttribute("rulesErrors", errors.keySet());
                    } else {
                        session.setAttribute("shouldRunValidation", null);
                        session.setAttribute("rulesErrors", null);
                    }
                } else {
                    session.setAttribute("shouldRunValidation", null);
                    session.setAttribute("rulesErrors", null);

                }

            } else if (session.getAttribute("shouldRunValidation") != null
                    && session.getAttribute("shouldRunValidation").toString().equals("1")) {
                session.setAttribute("shouldRunValidation", null);
                session.setAttribute("rulesErrors", null);
            } else {
                errors = ruleValidator.validate();
                if (errors.size() > 0) {
                    session.setAttribute("shouldRunValidation", "1");
                    session.setAttribute("rulesErrors", errors.keySet());
                }
            }
        }

        if (!errors.isEmpty()) {
            LOGGER.debug("threw an error with data entry...");
            // copying below three lines, tbh 03/2010
            String[] textFields = { INPUT_INTERVIEWER, INPUT_INTERVIEW_DATE };
            fp.setCurrentStringValuesAsPreset(textFields);
            setPresetValues(fp.getPresetValues(), request);
            // YW, 2-4-2008 <<
            logMe("!errors if  Loop begin  " + System.currentTimeMillis());
            HashMap<String, ArrayList<String>> siErrors = sv.validate();

            if (siErrors != null && !siErrors.isEmpty()) {
                Iterator iter = siErrors.keySet().iterator();
                while (iter.hasNext()) {
                    String fieldName = iter.next().toString();
                    errors.put(fieldName, siErrors.get(fieldName));
                }
            }
            // we should 'shift' the names here, tbh 02/2010
            // need: total number of rows, manual rows, all row names
            // plus: error names
            Iterator iter2 = errors.keySet().iterator();
            while (iter2.hasNext()) {
                String fieldName = iter2.next().toString();
                LOGGER.debug("found error " + fieldName);
            }
            //                for (int i = 0; i < allItems.size(); i++) {
            //                    DisplayItemWithGroupBean diwb = allItems.get(i);
            //
            //                    if (diwb.isInGroup()) {
            //                        List<DisplayItemGroupBean> dgbs = diwb.getItemGroups();
            //                        logger.debug("found manual rows " + getManualRows(dgbs) + " and total rows " + dgbs.size() + " from ordinal " + diwb.getOrdinal());
            //                    }
            //                }

            errors = reshuffleErrorGroupNamesKK(errors, allItems, request);
            reshuffleReasonForChangeHashAndDiscrepancyNotes(allItems, request, ecb);
            // reset manual rows, so that we can catch errors correctly
            // but it needs to be set per block of repeating items?  what if there are two or more?

            /*
            int manualRows = 0; // getManualRows(formGroups);
            for (int i = 0; i < allItems.size(); i++) {
            DisplayItemWithGroupBean diwb = allItems.get(i);
                    
            if (diwb.isInGroup()) {
                List<DisplayItemGroupBean> dgbs = diwb.getItemGroups();
                manualRows = getManualRows(dgbs);
            }
            }
            */
            //request.setAttribute("manualRows", new Integer(manualRows));
            Iterator iter3 = errors.keySet().iterator();
            while (iter3.hasNext()) {
                String fieldName = iter3.next().toString();
                LOGGER.debug("found error after shuffle " + fieldName);
            }
            //Mantis Issue: 8116. Parsist the markComplete chebox on error
            request.setAttribute("markComplete", fp.getString(INPUT_MARK_COMPLETE));
            // << tbh, 02/2010
            // YW >>
            // copied
            request.setAttribute(BEAN_DISPLAY, section);
            request.setAttribute(BEAN_ANNOTATIONS, fp.getString(INPUT_ANNOTATIONS));
            setInputMessages(errors, request);
            addPageMessage(respage.getString("errors_in_submission_see_below"), request);
            request.setAttribute("hasError", "true");
            // addPageMessage("To override these errors and keep the data as
            // you
            // entered it, click one of the \"Confirm\" buttons. ");
            // if (section.isCheckInputs()) {
            // addPageMessage("Please notice that you must enter data for
            // the
            // <b>required</b> entries.");
            // }
            // we do not save any DNs if we get here, so we have to set it back into session...
            session.setAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME, discNotes);
            // << tbh 01/2010
            setUpPanel(section);
            forwardPage(getJSPPage(), request, response);
        } else {
            //reshuffleReasonForChangeHashAndDiscrepancyNotes( allItems, request, ecb);
            LOGGER.debug("Do we hit this in save ?????");
            logMe("Do we hit this in save ????  " + System.currentTimeMillis());

            boolean success = true;
            boolean temp = true;

            // save interviewer name and date into DB
            ecb.setInterviewerName(fp.getString(INPUT_INTERVIEWER));
            if (!StringUtil.isBlank(fp.getString(INPUT_INTERVIEW_DATE))) {
                ecb.setDateInterviewed(fp.getDate(INPUT_INTERVIEW_DATE));
            } else {
                ecb.setDateInterviewed(null);
            }

            if (ecdao == null) {
                ecdao = new EventCRFDAO(getDataSource());
            }
            // set validator id for DDE
            DataEntryStage stage = ecb.getStage();
            if (stage.equals(DataEntryStage.INITIAL_DATA_ENTRY_COMPLETE)
                    || stage.equals(DataEntryStage.DOUBLE_DATA_ENTRY)) {
                ecb.setValidatorId(ub.getId());

            }
            /*
             * if(studyEventBean.getSubjectEventStatus().equals(SubjectEventStatus .SIGNED)){ if(edcBean.isDoubleEntry()){
             * ecb.setStage(DataEntryStage.DOUBLE_DATA_ENTRY_COMPLETE); }else{ ecb.setStage(DataEntryStage.INITIAL_DATA_ENTRY_COMPLETE); } }
             */

            // for Administrative editing
            if (studyEventBean.getSubjectEventStatus().equals(SubjectEventStatus.SIGNED)
                    && changedItemsList.size() > 0) {
                studyEventBean.setSubjectEventStatus(SubjectEventStatus.COMPLETED);
                studyEventBean.setUpdater(ub);
                studyEventBean.setUpdatedDate(new Date());
                seDao.update(studyEventBean);
            }

            // If the Study Subject's Satus is signed and we save a section
            // , change status to available
            LOGGER.debug("Status of Study Subject {}", ssb.getStatus().getName());
            if (ssb.getStatus() == Status.SIGNED && changedItemsList.size() > 0) {
                LOGGER.debug("Status of Study Subject is Signed we are updating");
                StudySubjectDAO studySubjectDao = new StudySubjectDAO(getDataSource());
                ssb.setStatus(Status.AVAILABLE);
                ssb.setUpdater(ub);
                ssb.setUpdatedDate(new Date());
                studySubjectDao.update(ssb);
            }
            if (ecb.isSdvStatus() && changedItemsList.size() > 0) {
                LOGGER.debug("Status of Study Subject is SDV we are updating");
                StudySubjectDAO studySubjectDao = new StudySubjectDAO(getDataSource());
                ssb.setStatus(Status.AVAILABLE);
                ssb.setUpdater(ub);
                ssb.setUpdatedDate(new Date());
                studySubjectDao.update(ssb);
                ecb.setSdvStatus(false);
                ecb.setSdvUpdateId(ub.getId());
            }

            ecb = (EventCRFBean) ecdao.update(ecb);

            // save discrepancy notes into DB
            FormDiscrepancyNotes fdn = (FormDiscrepancyNotes) session
                    .getAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
            dndao = new DiscrepancyNoteDAO(getDataSource());

            AddNewSubjectServlet.saveFieldNotes(INPUT_INTERVIEWER, fdn, dndao, ecb.getId(), "EventCRF",
                    currentStudy);
            AddNewSubjectServlet.saveFieldNotes(INPUT_INTERVIEW_DATE, fdn, dndao, ecb.getId(), "EventCRF",
                    currentStudy);

            // items = section.getItems();
            allItems = section.getDisplayItemGroups();
            int nextOrdinal = 0;

            LOGGER.debug("all items before saving into DB" + allItems.size());
            this.output(allItems);
            //TODO:Seems longer here, check this
            logMe("DisplayItemWithGroupBean allitems4 " + System.currentTimeMillis());
            for (int i = 0; i < allItems.size(); i++) {
                DisplayItemWithGroupBean diwb = allItems.get(i);

                // we don't write success = success && writeToDB here
                // since the short-circuit mechanism may prevent Java
                // from executing writeToDB.
                if (diwb.isInGroup()) {

                    List<DisplayItemGroupBean> dgbs = diwb.getItemGroups();
                    // using the above gets us the correct number of manual groups, tbh 01/2010
                    List<DisplayItemGroupBean> dbGroups = diwb.getDbItemGroups();
                    LOGGER.debug("item group size: " + dgbs.size());
                    LOGGER.debug("item db-group size: " + dbGroups.size());
                    for (int j = 0; j < dgbs.size(); j++) {
                        DisplayItemGroupBean displayGroup = dgbs.get(j);
                        List<DisplayItemBean> items = displayGroup.getItems();
                        // this ordinal will only useful to create a new
                        // item data
                        // update an item data won't touch its ordinal
                        //  int nextOrdinal = iddao.getMaxOrdinalForGroup(ecb, sb, displayGroup.getItemGroupBean()) + 1;

                        // Determine if any items in this group have data.  If so we need to undelete and previously deleted items.
                        boolean undelete = false;
                        for (DisplayItemBean displayItem : items) {
                            String currItemVal = displayItem.getData().getValue();
                            if (currItemVal != null && !currItemVal.equals("")) {
                                undelete = true;
                                break;
                            }
                        }

                        for (DisplayItemBean displayItem : items) {
                            String fileName = this.addAttachedFilePath(displayItem, attachedFilePath);
                            boolean writeDN = true;
                            displayItem.setEditFlag(displayGroup.getEditFlag());
                            LOGGER.debug("group item value: " + displayItem.getData().getValue());
                            //                if ("add".equalsIgnoreCase(displayItem.getEditFlag()) && fileName.length() > 0 && !newUploadedFiles.containsKey(fileName)) {
                            //                    displayItem.getData().setValue("");
                            //               }

                            //15350, this particular logic, takes into consideration that a DN is created properly as long as the item data record exists and it fails to get created when it doesnt.
                            //so, we are expanding the logic from writeToDb method to avoid creating duplicate records.
                            writeDN = writeDN(displayItem);
                            //pulling from dataset instead of database and correcting the flawed logic of using the database ordinals as max ordinal...
                            nextOrdinal = displayItem.getData().getOrdinal();

                            temp = writeToDB(displayItem, iddao, nextOrdinal, request);
                            LOGGER.debug("just executed writeToDB - 1");
                            LOGGER.debug("next ordinal: " + nextOrdinal);

                            // Undelete item if any item in the repeating group has data.
                            if (undelete && displayItem.getDbData() != null
                                    && displayItem.getDbData().isDeleted()) {
                                iddao.undelete(displayItem.getDbData().getId(), ub.getId());
                            }

                            if (temp && newUploadedFiles.containsKey(fileName)) {
                                newUploadedFiles.remove(fileName);
                            }
                            // maybe put ordinal in the place of j? maybe subtract max rows from next ordinal if j is gt
                            // next ordinal?
                            String inputName = getGroupItemInputName(displayGroup, j, displayItem);
                            // String inputName2 = getGroupItemManualInputName(displayGroup, j, displayItem);
                            if (!displayGroup.isAuto()) {
                                LOGGER.trace("not auto");
                                inputName = this.getGroupItemManualInputName(displayGroup, j, displayItem);

                            }
                            //htaycher last DN is not stored for new rows
                            //                                if (j == dgbs.size() - 1) {
                            //                                    // LAST ONE
                            //                                    logger.trace("last one");
                            //                                    int ordinal = j - this.getManualRows(dgbs);
                            //                                    logger.debug("+++ found manual rows from line 1326: " + ordinal);
                            //                                    inputName = getGroupItemInputName(displayGroup, ordinal, displayItem);
                            //                                }
                            // logger.trace("&&& we get previous looking at input name: " + inputName + " " + inputName2);
                            LOGGER.trace("&&& we get previous looking at input name: " + inputName);
                            // input name 2 removed from below
                            inputName = displayItem.getFieldName();
                            if (writeDN) {
                                AddNewSubjectServlet.saveFieldNotes(inputName, fdn, dndao,
                                        displayItem.getData().getId(), "itemData", currentStudy, ecb.getId());
                            }
                            success = success && temp;
                        }
                    }
                    for (int j = 0; j < dbGroups.size(); j++) {
                        DisplayItemGroupBean displayGroup = dbGroups.get(j);
                        //JN: Since remove button is gone, the following code can be commented out, however it needs to be tested? Can be tackled when handling discrepancy note w/repeating groups issues.
                        if ("remove".equalsIgnoreCase(displayGroup.getEditFlag())) {
                            List<DisplayItemBean> items = displayGroup.getItems();
                            for (DisplayItemBean displayItem : items) {
                                String fileName = this.addAttachedFilePath(displayItem, attachedFilePath);
                                displayItem.setEditFlag(displayGroup.getEditFlag());
                                LOGGER.debug("group item value: " + displayItem.getData().getValue());
                                //               if ("add".equalsIgnoreCase(displayItem.getEditFlag()) && fileName.length() > 0 && !newUploadedFiles.containsKey(fileName)) {
                                //                   displayItem.getData().setValue("");
                                //               }
                                temp = writeToDB(displayItem, iddao, 0, request);
                                LOGGER.debug("just executed writeToDB - 2");
                                if (temp && newUploadedFiles.containsKey(fileName)) {
                                    newUploadedFiles.remove(fileName);
                                }
                                // just use 0 here since update doesn't
                                // touch ordinal
                                success = success && temp;
                            }
                        }
                    }

                } else {
                    DisplayItemBean dib = diwb.getSingleItem();
                    // TODO work on this line

                    //  this.addAttachedFilePath(dib, attachedFilePath);
                    String fileName = addAttachedFilePath(dib, attachedFilePath);
                    boolean writeDN = writeDN(dib);
                    temp = writeToDB(dib, iddao, 1, request);
                    LOGGER.debug("just executed writeToDB - 3");
                    if (temp && (newUploadedFiles.containsKey(dib.getItem().getId() + "")
                            || newUploadedFiles.containsKey(fileName))) {
                        // so newUploadedFiles will contain only failed file
                        // items;
                        newUploadedFiles.remove(dib.getItem().getId() + "");
                        newUploadedFiles.remove(fileName);
                    }

                    String inputName = getInputName(dib);
                    LOGGER.trace("3 - found input name: " + inputName);
                    if (writeDN)
                        AddNewSubjectServlet.saveFieldNotes(inputName, fdn, dndao, dib.getData().getId(),
                                "itemData", currentStudy, ecb.getId());

                    success = success && temp;

                    ArrayList childItems = dib.getChildren();
                    for (int j = 0; j < childItems.size(); j++) {
                        DisplayItemBean child = (DisplayItemBean) childItems.get(j);
                        this.addAttachedFilePath(child, attachedFilePath);
                        writeDN = writeDN(child);
                        temp = writeToDB(child, iddao, 1, request);
                        LOGGER.debug("just executed writeToDB - 4");
                        if (temp && newUploadedFiles.containsKey(child.getItem().getId() + "")) {
                            // so newUploadedFiles will contain only failed
                            // file items;
                            newUploadedFiles.remove(child.getItem().getId() + "");
                        }
                        inputName = getInputName(child);
                        if (writeDN)
                            AddNewSubjectServlet.saveFieldNotes(inputName, fdn, dndao, child.getData().getId(),
                                    "itemData", currentStudy, ecb.getId());
                        success = success && temp;
                    }
                }
            }
            logMe("DisplayItemWithGroupBean allitems4 end " + System.currentTimeMillis());
            LOGGER.debug("running rules: " + phase2.name());
            List<Integer> prevShownDynItemDataIds = shouldRunRules
                    ? this.getItemMetadataService().getDynamicsItemFormMetadataDao()
                            .findShowItemDataIdsInSection(section.getSection().getId(), ecb.getCRFVersionId(),
                                    ecb.getId())
                    : new ArrayList<Integer>();
            logMe("DisplayItemWithGroupBean dryrun  start" + System.currentTimeMillis());
            HashMap<String, ArrayList<String>> rulesPostDryRun = runRules(allItems, ruleSets, false,
                    shouldRunRules, MessageType.WARNING, phase2, ecb, request);

            HashMap<String, ArrayList<String>> errorsPostDryRun = new HashMap<String, ArrayList<String>>();
            // additional step needed, run rules and see if any items are 'shown' AFTER saving data
            logMe("DisplayItemWithGroupBean dryrun  end" + System.currentTimeMillis());
            boolean inSameSection = false;
            logMe("DisplayItemWithGroupBean allitems4 " + System.currentTimeMillis());
            if (!rulesPostDryRun.isEmpty()) {
                // in same section?

                // iterate through the OIDs and see if any of them belong to this section
                Iterator iter3 = rulesPostDryRun.keySet().iterator();
                while (iter3.hasNext()) {
                    String fieldName = iter3.next().toString();
                    LOGGER.debug("found oid after post dry run " + fieldName);
                    // set up a listing of OIDs in the section
                    // BUT: Oids can have the group name in them.
                    int ordinal = -1;
                    String newFieldName = fieldName;
                    String[] fieldNames = fieldName.split("\\.");
                    if (fieldNames.length == 2) {
                        newFieldName = fieldNames[1];
                        // check items in item groups here?
                        if (fieldNames[0].contains("[")) {
                            int p1 = fieldNames[0].indexOf("[");
                            int p2 = fieldNames[0].indexOf("]");
                            try {
                                ordinal = Integer.valueOf(fieldNames[0].substring(p1 + 1, p2));
                            } catch (NumberFormatException e) {
                                ordinal = -1;
                            }
                            fieldNames[0] = fieldNames[0].substring(0, p1);
                        }
                    }
                    List<DisplayItemWithGroupBean> displayGroupsWithItems = section.getDisplayItemGroups();
                    //ArrayList<DisplayItemBean> displayItems = section.getItems();
                    for (int i = 0; i < displayGroupsWithItems.size(); i++) {
                        DisplayItemWithGroupBean itemWithGroup = displayGroupsWithItems.get(i);
                        if (itemWithGroup.isInGroup()) {
                            LOGGER.debug("found group: " + fieldNames[0]);
                            // do something there
                            List<DisplayItemGroupBean> digbs = itemWithGroup.getItemGroups();
                            LOGGER.debug("digbs size: " + digbs.size());
                            for (int j = 0; j < digbs.size(); j++) {
                                DisplayItemGroupBean displayGroup = digbs.get(j);
                                if (displayGroup.getItemGroupBean().getOid().equals(fieldNames[0])
                                        && displayGroup.getOrdinal() == ordinal - 1) {
                                    List<DisplayItemBean> items = displayGroup.getItems();

                                    for (int k = 0; k < items.size(); k++) {
                                        DisplayItemBean dib = items.get(k);
                                        if (dib.getItem().getOid().equals(newFieldName)) {
                                            //inSameSection = true;
                                            if (!dib.getMetadata().isShowItem()) {
                                                LOGGER.debug("found item in group "
                                                        + this.getGroupItemInputName(displayGroup, j, dib)
                                                        + " vs. " + fieldName + " and is show item: "
                                                        + dib.getMetadata().isShowItem());
                                                dib.getMetadata().setShowItem(true);
                                            }
                                            if (prevShownDynItemDataIds == null || !prevShownDynItemDataIds
                                                    .contains(dib.getData().getId())) {
                                                inSameSection = true;
                                                errorsPostDryRun.put(
                                                        this.getGroupItemInputName(displayGroup, j, dib),
                                                        rulesPostDryRun.get(fieldName));
                                            }
                                        }
                                        items.set(k, dib);
                                    }
                                    displayGroup.setItems(items);
                                    digbs.set(j, displayGroup);
                                }
                            }
                            itemWithGroup.setItemGroups(digbs);
                        } else {
                            DisplayItemBean displayItemBean = itemWithGroup.getSingleItem();
                            ItemBean itemBean = displayItemBean.getItem();
                            if (newFieldName.equals(itemBean.getOid())) {
                                //System.out.println("is show item for " + displayItemBean.getItem().getId() + ": " + displayItemBean.getMetadata().isShowItem());
                                //System.out.println("check run dynamics item check " + runDynamicsItemCheck(displayItemBean).getMetadata().isShowItem());
                                if (!displayItemBean.getMetadata().isShowItem()) {
                                    // double check there?
                                    LOGGER.debug("found item " + this.getInputName(displayItemBean) + " vs. "
                                            + fieldName + " and is show item: "
                                            + displayItemBean.getMetadata().isShowItem());
                                    // if is repeating, use the other input name? no

                                    displayItemBean.getMetadata().setShowItem(true);
                                    if (prevShownDynItemDataIds == null || !prevShownDynItemDataIds
                                            .contains(displayItemBean.getData().getId())) {
                                        inSameSection = true;
                                        errorsPostDryRun.put(this.getInputName(displayItemBean),
                                                rulesPostDryRun.get(fieldName));
                                    }
                                }
                            }
                            itemWithGroup.setSingleItem(displayItemBean);
                        }
                        displayGroupsWithItems.set(i, itemWithGroup);
                    }
                    logMe("DisplayItemWithGroupBean allitems4  end,begin" + System.currentTimeMillis());
                    // check groups
                    //List<DisplayItemGroupBean> itemGroups = new ArrayList<DisplayItemGroupBean>();
                    //itemGroups = section.getDisplayFormGroups();
                    //   But in jsp: section.displayItemGroups.itemGroup.groupMetaBean.showGroup
                    List<DisplayItemWithGroupBean> itemGroups = section.getDisplayItemGroups();
                    // List<DisplayItemGroupBean> newItemGroups = new ArrayList<DisplayItemGroupBean>();
                    for (DisplayItemWithGroupBean itemGroup : itemGroups) {
                        DisplayItemGroupBean displayGroup = itemGroup.getItemGroup();
                        if (newFieldName.equals(displayGroup.getItemGroupBean().getOid())) {
                            if (!displayGroup.getGroupMetaBean().isShowGroup()) {
                                inSameSection = true;
                                LOGGER.debug("found itemgroup " + displayGroup.getItemGroupBean().getOid()
                                        + " vs. " + fieldName + " and is show item: "
                                        + displayGroup.getGroupMetaBean().isShowGroup());
                                // hmmm how to set highlighting for a group?
                                errorsPostDryRun.put(displayGroup.getItemGroupBean().getOid(),
                                        rulesPostDryRun.get(fieldName));
                                displayGroup.getGroupMetaBean().setShowGroup(true);
                                // add necessary rows to the display group here????
                                // we have to set the items in the itemGroup for the displayGroup
                                loadItemsWithGroupRows(itemGroup, sb, edcb, ecb, request);

                            }
                        }
                        // newItemGroups.add(displayGroup);
                    }
                    logMe("DisplayItemWithGroupBean allitems4  end,end" + System.currentTimeMillis());
                    // trying to reset the display form groups here, tbh

                    // section.setItems(displayItems);
                    section.setDisplayItemGroups(displayGroupsWithItems);
                    populateInstantOnChange(request.getSession(), ecb, section);

                    // section.setDisplayFormGroups(newDisplayBean.getDisplayFormGroups());

                }
                //
                this.getItemMetadataService().updateGroupDynamicsInSection(displayItemWithGroups,
                        section.getSection().getId(), ecb);
                toc = TableOfContentsServlet.getDisplayBeanWithShownSections(getDataSource(),
                        (DisplayTableOfContentsBean) request.getAttribute(TOC_DISPLAY),
                        (DynamicsMetadataService) SpringServletAccess.getApplicationContext(getServletContext())
                                .getBean("dynamicsMetadataService"));
                request.setAttribute(TOC_DISPLAY, toc);
                sectionIdsInToc = TableOfContentsServlet.sectionIdsInToc(toc);
                sIndex = TableOfContentsServlet.sectionIndexInToc(section.getSection(), toc, sectionIdsInToc);
                previousSec = this.prevSection(section.getSection(), ecb, toc, sIndex);
                nextSec = this.nextSection(section.getSection(), ecb, toc, sIndex);
                section.setFirstSection(!previousSec.isActive());
                section.setLastSection(!nextSec.isActive());
                //
                // we need the following for repeating groups, tbh
                // >> tbh 06/2010
                // List<DisplayItemWithGroupBean> displayItemWithGroups2 = createItemWithGroups(section, hasGroup, eventDefinitionCRFId);

                // section.setDisplayItemGroups(displayItemWithGroups2);

                // if so, stay at this section
                LOGGER.debug(" in same section: " + inSameSection);
                if (inSameSection) {
                    // copy of one line from early on around line 400, forcing a re-show of the items
                    // section = getDisplayBean(hasGroup, true);// include all items, tbh
                    // below a copy of three lines from the if errors = true line, tbh 03/2010
                    String[] textFields = { INPUT_INTERVIEWER, INPUT_INTERVIEW_DATE };
                    fp.setCurrentStringValuesAsPreset(textFields);
                    setPresetValues(fp.getPresetValues(), request);
                    // below essetially a copy except for rulesPostDryRun
                    request.setAttribute(BEAN_DISPLAY, section);
                    request.setAttribute(BEAN_ANNOTATIONS, fp.getString(INPUT_ANNOTATIONS));
                    setInputMessages(errorsPostDryRun, request);
                    addPageMessage(respage.getString("your_answers_activated_hidden_items"), request);
                    request.setAttribute("hasError", "true");
                    request.setAttribute("hasShown", "true");

                    session.setAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME, discNotes);
                    setUpPanel(section);
                    forwardPage(getJSPPage(), request, response);
                }
            }

            if (!inSameSection) {// else if not in same section, progress as usual
                /*
                toc =
                TableOfContentsServlet.getDisplayBeanWithShownSections(getDataSource(), (DisplayTableOfContentsBean) request.getAttribute(TOC_DISPLAY),
                        (DynamicsMetadataService) SpringServletAccess.getApplicationContext(getServletContext()).getBean("dynamicsMetadataService"));
                request.setAttribute(TOC_DISPLAY, toc);
                sectionIdsInToc = TableOfContentsServlet.sectionIdsInToc(toc);
                sIndex = TableOfContentsServlet.sectionIndexInToc(section.getSection(), toc, sectionIdsInToc);
                previousSec = this.prevSection(section.getSection(), ecb, toc, sIndex);
                nextSec = this.nextSection(section.getSection(), ecb, toc, sIndex);
                section.setFirstSection(!previousSec.isActive());
                section.setLastSection(!nextSec.isActive());
                */
                // can we just forward page or do we actually need an ELSE here?
                // yes, we do. tbh 05/03/2010

                ArrayList<String> updateFailedItems = sc.redoCalculations(scoreItems, scoreItemdata,
                        changedItems, itemOrdinals, sb.getId());
                success = updateFailedItems.size() > 0 ? false : true;

                // now check if CRF is marked complete
                boolean markComplete = fp.getString(INPUT_MARK_COMPLETE).equals(VALUE_YES);
                boolean markSuccessfully = false; // if the CRF was marked
                // complete
                // successfully
                if (markComplete && section.isLastSection()) {
                    LOGGER.debug("need to mark CRF as complete");
                    markSuccessfully = markCRFComplete(request);
                    LOGGER.debug("...marked CRF as complete: " + markSuccessfully);
                    if (!markSuccessfully) {
                        request.setAttribute(BEAN_DISPLAY, section);
                        request.setAttribute(BEAN_ANNOTATIONS, fp.getString(INPUT_ANNOTATIONS));
                        setUpPanel(section);
                        forwardPage(getJSPPage(), request, response);
                        return;
                    }
                }

                // now write the event crf bean to the database
                String annotations = fp.getString(INPUT_ANNOTATIONS);
                setEventCRFAnnotations(annotations, request);
                Date now = new Date();
                ecb.setUpdatedDate(now);
                ecb.setUpdater(ub);
                ecb = (EventCRFBean) ecdao.update(ecb);
                success = success && ecb.isActive();

                StudyEventDAO sedao = new StudyEventDAO(getDataSource());
                StudyEventBean seb = (StudyEventBean) sedao.findByPK(ecb.getStudyEventId());
                seb.setUpdatedDate(now);
                seb.setUpdater(ub);
                seb = (StudyEventBean) sedao.update(seb);
                success = success && seb.isActive();

                request.setAttribute(INPUT_IGNORE_PARAMETERS, Boolean.TRUE);

                if (newUploadedFiles.size() > 0) {
                    if (this.unloadFiles(newUploadedFiles)) {

                    } else {
                        String missed = "";
                        Iterator iter = newUploadedFiles.keySet().iterator();
                        while (iter.hasNext()) {
                            missed += " " + newUploadedFiles.get(iter.next());
                        }
                        addPageMessage(
                                respage.getString("uploaded_files_not_deleted_or_not_exist") + ": " + missed,
                                request);
                    }
                }
                if (!success) {
                    // YW, 3-6-2008 <<
                    if (updateFailedItems.size() > 0) {
                        String mess = "";
                        for (String ss : updateFailedItems) {
                            mess += ss + ", ";
                        }
                        mess = mess.substring(0, mess.length() - 2);
                        addPageMessage(resexception.getString("item_save_failed_because_database_error") + mess,
                                request);
                    } else {
                        // YW>>
                        addPageMessage(resexception.getString("database_error"), request);
                    }
                    request.setAttribute(BEAN_DISPLAY, section);
                    session.removeAttribute(GROUP_HAS_DATA);
                    session.removeAttribute(HAS_DATA_FLAG);
                    session.removeAttribute(DDE_PROGESS);
                    session.removeAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
                    LOGGER.debug("try to remove to_create_crf");
                    session.removeAttribute("to_create_crf");
                    session.removeAttribute(instantAtt);

                    // forwardPage(Page.SUBMIT_DATA_SERVLET);
                    forwardPage(Page.LIST_STUDY_SUBJECTS_SERVLET, request, response);
                    // >> changed tbh, 06/2009
                } else {
                    boolean forwardingSucceeded = false;

                    if (!fp.getString(GO_PREVIOUS).equals("")) {
                        if (previousSec.isActive()) {
                            forwardingSucceeded = true;
                            request.setAttribute(INPUT_EVENT_CRF, ecb);
                            request.setAttribute(INPUT_SECTION, previousSec);
                            int tabNum = 0;
                            if (fp.getString("tab") == null) {
                                tabNum = 1;
                            } else {
                                tabNum = fp.getInt("tab");
                            }
                            request.setAttribute("tab", new Integer(tabNum - 1).toString());

                            //  forwardPage(getServletPage(request), request, response);
                            getServletContext().getRequestDispatcher(getServletPage(request)).forward(request,
                                    response);
                        }
                    } else if (!fp.getString(GO_NEXT).equals("")) {
                        if (nextSec.isActive()) {
                            forwardingSucceeded = true;
                            request.setAttribute(INPUT_EVENT_CRF, ecb);
                            request.setAttribute(INPUT_SECTION, nextSec);
                            int tabNum = 0;
                            if (fp.getString("tab") == null) {
                                tabNum = 1;
                            } else {
                                tabNum = fp.getInt("tab");
                            }
                            request.setAttribute("tab", new Integer(tabNum + 1).toString());
                            getServletContext().getRequestDispatcher(getServletPage(request)).forward(request,
                                    response);
                            //forwardPage(getServletPage(request), request, response);
                        }
                    }

                    if (!forwardingSucceeded) {
                        // request.setAttribute(TableOfContentsServlet.
                        // INPUT_EVENT_CRF_BEAN,
                        // ecb);
                        if (markSuccessfully) {
                            addPageMessage(respage.getString("data_saved_CRF_marked_complete"), request);
                            session.removeAttribute(AddNewSubjectServlet.FORM_DISCREPANCY_NOTES_NAME);
                            session.removeAttribute(GROUP_HAS_DATA);
                            session.removeAttribute(HAS_DATA_FLAG);
                            session.removeAttribute(DDE_PROGESS);
                            session.removeAttribute("to_create_crf");

                            request.setAttribute("eventId", new Integer(ecb.getStudyEventId()).toString());
                            forwardPage(Page.ENTER_DATA_FOR_STUDY_EVENT_SERVLET, request, response);
                        } else {
                            // use clicked 'save'
                            addPageMessage(respage.getString("data_saved_continue_entering_edit_later"),
                                    request);
                            request.setAttribute(INPUT_EVENT_CRF, ecb);
                            request.setAttribute(INPUT_EVENT_CRF_ID, new Integer(ecb.getId()).toString());
                            // forward to the next section if the previous one
                            // is not the last section
                            if (!section.isLastSection()) {
                                request.setAttribute(INPUT_SECTION, nextSec);
                                request.setAttribute(INPUT_SECTION_ID, new Integer(nextSec.getId()).toString());
                                session.removeAttribute("mayProcessUploading");
                            } else if (section.isLastSection()) { //JN ADDED TO avoid return down
                                // already the last section, should go back to
                                // view event page
                                session.removeAttribute(GROUP_HAS_DATA);
                                session.removeAttribute(HAS_DATA_FLAG);
                                session.removeAttribute(DDE_PROGESS);
                                session.removeAttribute("to_create_crf");
                                session.removeAttribute("mayProcessUploading");

                                request.setAttribute("eventId", new Integer(ecb.getStudyEventId()).toString());
                                if (fromViewNotes != null && "1".equals(fromViewNotes)) {
                                    String viewNotesPageFileName = (String) session
                                            .getAttribute("viewNotesPageFileName");
                                    session.removeAttribute("viewNotesPageFileName");
                                    session.removeAttribute("viewNotesURL");
                                    if (viewNotesPageFileName != null && viewNotesPageFileName.length() > 0) {
                                        // forwardPage(Page.setNewPage(viewNotesPageFileName, "View Notes"), request, response);
                                        getServletContext().getRequestDispatcher(viewNotesPageFileName)
                                                .forward(request, response);
                                    }
                                }
                                session.removeAttribute(instantAtt);
                                forwardPage(Page.ENTER_DATA_FOR_STUDY_EVENT_SERVLET, request, response);
                                return;

                            }

                            int tabNum = 0;
                            if (fp.getString("tab") == null) {
                                tabNum = 1;
                            } else {
                                tabNum = fp.getInt("tab");
                            }
                            if (!section.isLastSection()) {
                                request.setAttribute("tab", new Integer(tabNum + 1).toString());
                            }

                            //  forwardPage(getServletPage(request), request, response);
                            getServletContext().getRequestDispatcher(getServletPage(request)).forward(request,
                                    response);
                        }
                        // session.removeAttribute(AddNewSubjectServlet.
                        // FORM_DISCREPANCY_NOTES_NAME);
                        // forwardPage(Page.SUBMIT_DATA_SERVLET);
                    }
                }
            } // end of if-block for dynamic rules not in same section, tbh 05/2010
        } // end of save
    }

}