Revision 4295
Added by daigle over 15 years ago
| src/edu/ucsb/nceas/metacat/MetaCatServlet.java | ||
|---|---|---|
| 56 | 56 |
import javax.servlet.ServletContext; |
| 57 | 57 |
import javax.servlet.ServletException; |
| 58 | 58 |
import javax.servlet.ServletOutputStream; |
| 59 |
import javax.servlet.http.Cookie; |
|
| 59 | 60 |
import javax.servlet.http.HttpServlet; |
| 60 | 61 |
import javax.servlet.http.HttpServletRequest; |
| 61 | 62 |
import javax.servlet.http.HttpServletResponse; |
| ... | ... | |
| 605 | 606 |
|
| 606 | 607 |
// Decode the docid and mouse click information |
| 607 | 608 |
// THIS IS OBSOLETE -- I THINK -- REMOVE THIS BLOCK |
| 608 |
// 4/12/2007 |
|
| 609 |
// 4/12/2007d
|
|
| 609 | 610 |
// MBJ |
| 610 | 611 |
if (name.endsWith(".y")) {
|
| 611 | 612 |
docid[0] = name.substring(0, name.length() - 2); |
| ... | ... | |
| 643 | 644 |
// This block handles session management for the servlet |
| 644 | 645 |
// by looking up the current session information for all actions |
| 645 | 646 |
// other than "login" and "logout" |
| 646 |
String username = null;
|
|
| 647 |
String userName = null;
|
|
| 647 | 648 |
String password = null; |
| 648 |
String[] groupnames = null;
|
|
| 649 |
String sess_id = null;
|
|
| 649 |
String[] groupNames = null;
|
|
| 650 |
String sessionId = null;
|
|
| 650 | 651 |
name = null; |
| 651 | 652 |
|
| 652 | 653 |
// handle login action |
| ... | ... | |
| 683 | 684 |
|
| 684 | 685 |
// aware of session expiration on every request |
| 685 | 686 |
} else {
|
| 686 |
// TODO MCD take a closer look at this |
|
| 687 |
HttpSession sess = request.getSession(true); |
|
| 688 |
SessionData sessionData = null; |
|
| 689 |
logMetacat.info("session.isnew: " + sess.isNew()
|
|
| 690 |
+ " params.hassessid: " + params.containsKey("sessionid"));
|
|
| 691 |
if (sess.isNew() && !params.containsKey("sessionid")) {
|
|
| 692 |
// session expired or has not been stored b/w user |
|
| 693 |
// requests |
|
| 694 |
logMetacat.info("The session is new or no sessionid is assigned. "
|
|
| 695 |
+ "The user is public"); |
|
| 696 |
sessionData = new SessionData(sess.getId(), "public", null, null); |
|
| 697 |
SessionService.registerSession(sessionData); |
|
| 698 |
} else {
|
|
| 699 |
logMetacat.info("The session is either old or "
|
|
| 700 |
+ "has sessionid parameter"); |
|
| 701 |
try {
|
|
| 702 |
|
|
| 703 |
if (params.containsKey("sessionid")) {
|
|
| 704 |
sess_id = ((String[]) params.get("sessionid"))[0];
|
|
| 705 |
logMetacat.info("in has sessionid " + sess_id);
|
|
| 706 |
if (SessionService.isSessionRegistered(sess_id)) {
|
|
| 707 |
logMetacat.info("find the id " + sess_id
|
|
| 708 |
+ " in hash table"); |
|
| 709 |
sessionData = SessionService.getRegisteredSession(sess_id); |
|
| 710 |
} |
|
| 711 |
} else {
|
|
| 712 |
// this makes sure there is a session object for |
|
| 713 |
// public sessions |
|
| 714 |
sess_id = sess.getId(); |
|
| 715 |
sessionData = new SessionData(sess.getId(), |
|
| 716 |
(String) sess.getAttribute("username"),
|
|
| 717 |
(String[]) sess.getAttribute("groups"),
|
|
| 718 |
(String) sess.getAttribute("password"));
|
|
| 719 |
SessionService.registerSession(sessionData); |
|
| 720 |
} |
|
| 721 |
} catch (IllegalStateException ise) {
|
|
| 722 |
logMetacat.error("Error in handleGetOrPost: this shouldn't "
|
|
| 723 |
+ "happen: the session should be valid: " |
|
| 724 |
+ ise.getMessage()); |
|
| 725 |
} |
|
| 687 |
SessionData sessionData = RequestUtil.getSessionData(request); |
|
| 688 |
|
|
| 689 |
userName = sessionData.getUserName(); |
|
| 690 |
password = sessionData.getPassword(); |
|
| 691 |
groupNames = sessionData.getGroupNames(); |
|
| 726 | 692 |
|
| 727 |
username = (String) sess.getAttribute("username");
|
|
| 728 |
logMetacat.info("The user name from session is: " + username);
|
|
| 729 |
password = (String) sess.getAttribute("password");
|
|
| 730 |
groupnames = (String[]) sess.getAttribute("groupnames");
|
|
| 731 |
// name = (String) sess.getAttribute("name");
|
|
| 732 |
} |
|
| 733 |
|
|
| 734 |
// make user user username should be public |
|
| 735 |
if (username == null || (username.trim().equals(""))) {
|
|
| 736 |
username = "public"; |
|
| 737 |
} |
|
| 738 |
logMetacat.info("The user is : " + username);
|
|
| 693 |
logMetacat.info("The user is : " + userName);
|
|
| 739 | 694 |
} |
| 740 | 695 |
// Now that we know the session is valid, we can delegate the |
| 741 |
// request |
|
| 742 |
// to a particular action handler |
|
| 696 |
// request to a particular action handler |
|
| 743 | 697 |
if (action.equals("query")) {
|
| 744 | 698 |
ServletOutputStream streamOut = response.getOutputStream(); |
| 745 | 699 |
PrintWriter out = new PrintWriter(streamOut); |
| 746 |
handleQuery(out, params, response, username, groupnames, sess_id);
|
|
| 700 |
handleQuery(out, params, response, userName, groupNames, sessionId);
|
|
| 747 | 701 |
out.close(); |
| 748 | 702 |
} else if (action.equals("squery")) {
|
| 749 | 703 |
ServletOutputStream streamOut = response.getOutputStream(); |
| 750 | 704 |
PrintWriter out = new PrintWriter(streamOut); |
| 751 | 705 |
if (params.containsKey("query")) {
|
| 752 |
handleSQuery(out, params, response, username, groupnames, sess_id);
|
|
| 706 |
handleSQuery(out, params, response, userName, groupNames, sessionId);
|
|
| 753 | 707 |
out.close(); |
| 754 | 708 |
} else {
|
| 755 | 709 |
out.println("Illegal action squery without \"query\" parameter");
|
| ... | ... | |
| 761 | 715 |
.debug("******************* SPATIAL QUERY ********************");
|
| 762 | 716 |
ServletOutputStream streamOut = response.getOutputStream(); |
| 763 | 717 |
PrintWriter out = new PrintWriter(streamOut); |
| 764 |
handleSpatialQuery(out, params, response, username, groupnames,
|
|
| 765 |
sess_id);
|
|
| 718 |
handleSpatialQuery(out, params, response, userName, groupNames,
|
|
| 719 |
sessionId);
|
|
| 766 | 720 |
out.close(); |
| 767 | 721 |
|
| 768 | 722 |
} |
| ... | ... | |
| 770 | 724 |
|
| 771 | 725 |
logMetacat |
| 772 | 726 |
.debug("******************* DATA QUERY ********************");
|
| 773 |
handleDataquery(params, response, sess_id);
|
|
| 727 |
handleDataquery(params, response, sessionId);
|
|
| 774 | 728 |
} |
| 775 | 729 |
else if (action.equals("export")) {
|
| 776 | 730 |
|
| 777 |
handleExportAction(params, response, username, groupnames, password);
|
|
| 731 |
handleExportAction(params, response, userName, groupNames, password);
|
|
| 778 | 732 |
} else if (action.equals("read")) {
|
| 779 |
handleReadAction(params, request, response, username, password,
|
|
| 780 |
groupnames);
|
|
| 733 |
handleReadAction(params, request, response, userName, password,
|
|
| 734 |
groupNames);
|
|
| 781 | 735 |
} else if (action.equals("readinlinedata")) {
|
| 782 |
handleReadInlineDataAction(params, request, response, username,
|
|
| 783 |
password, groupnames);
|
|
| 736 |
handleReadInlineDataAction(params, request, response, userName,
|
|
| 737 |
password, groupNames);
|
|
| 784 | 738 |
} else if (action.equals("insert") || action.equals("update")) {
|
| 785 | 739 |
PrintWriter out = response.getWriter(); |
| 786 |
if ((username != null) && !username.equals("public")) {
|
|
| 740 |
if ((userName != null) && !userName.equals("public")) {
|
|
| 787 | 741 |
handleInsertOrUpdateAction(request, response, out, params, |
| 788 |
username, groupnames);
|
|
| 742 |
userName, groupNames);
|
|
| 789 | 743 |
} else {
|
| 790 | 744 |
response.setContentType("text/xml");
|
| 791 | 745 |
out.println("<?xml version=\"1.0\"?>");
|
| 792 | 746 |
out.println("<error>");
|
| 793 |
out.println("Permission denied for user " + username + " "
|
|
| 747 |
out.println("Permission denied for user " + userName + " "
|
|
| 794 | 748 |
+ action); |
| 795 | 749 |
out.println("</error>");
|
| 796 | 750 |
} |
| 797 | 751 |
out.close(); |
| 798 | 752 |
} else if (action.equals("delete")) {
|
| 799 | 753 |
PrintWriter out = response.getWriter(); |
| 800 |
if ((username != null) && !username.equals("public")) {
|
|
| 801 |
handleDeleteAction(out, params, request, response, username,
|
|
| 802 |
groupnames);
|
|
| 754 |
if ((userName != null) && !userName.equals("public")) {
|
|
| 755 |
handleDeleteAction(out, params, request, response, userName,
|
|
| 756 |
groupNames);
|
|
| 803 | 757 |
} else {
|
| 804 | 758 |
response.setContentType("text/xml");
|
| 805 | 759 |
out.println("<?xml version=\"1.0\"?>");
|
| ... | ... | |
| 814 | 768 |
out.close(); |
| 815 | 769 |
} else if (action.equals("setaccess")) {
|
| 816 | 770 |
PrintWriter out = response.getWriter(); |
| 817 |
handleSetAccessAction(out, params, username);
|
|
| 771 |
handleSetAccessAction(out, params, userName);
|
|
| 818 | 772 |
out.close(); |
| 819 | 773 |
} else if (action.equals("getaccesscontrol")) {
|
| 820 | 774 |
PrintWriter out = response.getWriter(); |
| 821 |
handleGetAccessControlAction(out, params, response, username,
|
|
| 822 |
groupnames);
|
|
| 775 |
handleGetAccessControlAction(out, params, response, userName,
|
|
| 776 |
groupNames);
|
|
| 823 | 777 |
out.close(); |
| 824 | 778 |
} else if (action.equals("getprincipals")) {
|
| 825 | 779 |
PrintWriter out = response.getWriter(); |
| 826 |
handleGetPrincipalsAction(out, username, password);
|
|
| 780 |
handleGetPrincipalsAction(out, userName, password);
|
|
| 827 | 781 |
out.close(); |
| 828 | 782 |
} else if (action.equals("getdoctypes")) {
|
| 829 | 783 |
PrintWriter out = response.getWriter(); |
| ... | ... | |
| 855 | 809 |
out.println(MetaCatVersion.getVersionAsXml()); |
| 856 | 810 |
out.close(); |
| 857 | 811 |
} else if (action.equals("getlog")) {
|
| 858 |
handleGetLogAction(params, request, response, username, groupnames);
|
|
| 812 |
handleGetLogAction(params, request, response, userName, groupNames);
|
|
| 859 | 813 |
} else if (action.equals("getloggedinuserinfo")) {
|
| 860 | 814 |
PrintWriter out = response.getWriter(); |
| 861 | 815 |
response.setContentType("text/xml");
|
| 862 | 816 |
out.println("<?xml version=\"1.0\"?>");
|
| 863 | 817 |
out.println("\n<user>\n");
|
| 864 | 818 |
out.println("\n<username>\n");
|
| 865 |
out.println(username);
|
|
| 819 |
out.println(userName);
|
|
| 866 | 820 |
out.println("\n</username>\n");
|
| 867 | 821 |
if (name != null) {
|
| 868 | 822 |
out.println("\n<name>\n");
|
| 869 | 823 |
out.println(name); |
| 870 | 824 |
out.println("\n</name>\n");
|
| 871 | 825 |
} |
| 872 |
if (LDAPUtil.isAdministrator(username, groupnames)) {
|
|
| 826 |
if (LDAPUtil.isAdministrator(userName, groupNames)) {
|
|
| 873 | 827 |
out.println("<isAdministrator></isAdministrator>\n");
|
| 874 | 828 |
} |
| 875 |
if (LDAPUtil.isModerator(username, groupnames)) {
|
|
| 829 |
if (LDAPUtil.isModerator(userName, groupNames)) {
|
|
| 876 | 830 |
out.println("<isModerator></isModerator>\n");
|
| 877 | 831 |
} |
| 878 | 832 |
out.println("\n</user>\n");
|
| 879 | 833 |
out.close(); |
| 880 | 834 |
} else if (action.equals("buildindex")) {
|
| 881 |
handleBuildIndexAction(params, request, response, username,
|
|
| 882 |
groupnames);
|
|
| 835 |
handleBuildIndexAction(params, request, response, userName,
|
|
| 836 |
groupNames);
|
|
| 883 | 837 |
} else if (action.equals("login") || action.equals("logout")) {
|
| 884 | 838 |
/* |
| 885 | 839 |
* } else if (action.equals("protocoltest")) { String
|
| ... | ... | |
| 1142 | 1096 |
+ " into hash in login method"); |
| 1143 | 1097 |
SessionService.registerSession(id, |
| 1144 | 1098 |
(String) session.getAttribute("username"),
|
| 1145 |
(String[]) session.getAttribute("groups"),
|
|
| 1099 |
(String[]) session.getAttribute("groupnames"),
|
|
| 1146 | 1100 |
(String) session.getAttribute("password"));
|
| 1147 | 1101 |
} |
| 1148 | 1102 |
|
| ... | ... | |
| 1187 | 1141 |
+ sess.getAttribute("username")
|
| 1188 | 1142 |
+ " will be invalidate in logout action"); |
| 1189 | 1143 |
sess.invalidate(); |
| 1144 |
SessionService.unRegisterSession(sess.getId()); |
|
| 1190 | 1145 |
} |
| 1191 | 1146 |
|
| 1192 | 1147 |
// produce output |
Also available in: Unified diff
Get session information from RequestUtil. Change some variable names to camel case.