1 files changed, 199 insertions, 0 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
new file mode 100644
index 000000000..3fa596c78
--- /dev/null
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
@@ -0,0 +1,199 @@
+package at.gv.egovernment.moa.id.proxy;
+
+import java.io.IOException;
+import java.net.URL;
+import java.net.URLStreamHandler;
+import java.util.Iterator;
+import java.util.Vector;
+
+import javax.net.ssl.SSLSocketFactory;
+import javax.servlet.http.HttpServletRequest;
+
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
+import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.BoolUtils;
+
+import com.sun.net.ssl.HostnameVerifier;
+import HTTPClient.HttpURLConnection;
+import HTTPClient.HTTPConnection;
+
+
+/**
+ * Outlook Web Access (OWA) Implementierung von <code>ConnectionBuilder</code>.
+ * uses HTTP(s)Client with IAIK iSaSiLk Patch
+ * @author pdanner
+ */
+public class EnhancedConnectionBuilder implements ConnectionBuilder {
+	  
+	  /** a boolean to disable the HostnameVerification (default = false)*/
+	  private static boolean cbDisableHostnameVerification = false;
+	  
+	  static {
+	    HTTPConnection.setDefaultTimeout(0);
+	    /*
+		String modules = "HTTPClient.RetryModule|" +
+		 //"HTTPClient.CookieModule|" +
+		 "HTTPClient.RedirectionModule|" +
+		 //"HTTPClient.AuthorizationModule|" +
+		 "HTTPClient.DefaultModule|" +
+		 "HTTPClient.TransferEncodingModule|" +
+		 "HTTPClient.ContentMD5Module|" +
+		 "HTTPClient.ContentEncodingModule";
+	    */
+	    try {
+	      HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.AuthorizationModule"));
+	      HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RedirectionModule"));
+	      HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.CookieModule"));
+	    } catch (ClassNotFoundException e) {
+	    	
+	    }
+	  }
+	  
+	  /**
+	   * Constructor for OWAConnectionBuilder.
+	   * @throws ConfigurationException on any config error
+	   */
+	  public EnhancedConnectionBuilder() throws ConfigurationException {
+	    cbDisableHostnameVerification = BoolUtils.valueOf(
+	      ProxyConfigurationProvider.getInstance().getGenericConfigurationParameter(
+	        "ProxyComponent.DisableHostnameVerification"));
+	      //TODO MOA-ID BRZ undocumented feature
+	    if (cbDisableHostnameVerification)
+	      Logger.warn("ProxyComponent.DisableHostnameVerification: " + cbDisableHostnameVerification);
+	  }
+
+	  /**
+	   * @see at.gv.egovernment.moa.id.proxy.ConnectionBuilder#buildConnection
+	   */
+	  public java.net.HttpURLConnection buildConnection(HttpServletRequest req, String publicURLPrefix, String realURLPrefix, SSLSocketFactory sslSocketFactory, Vector parameters) throws IOException {
+
+	    String requestedURL = req.getRequestURL().toString();
+	    // check whether requested URL starts with publicURLPrefix
+	    
+	    if (! requestedURL.startsWith(publicURLPrefix.substring(0,5)))
+	      throw new IOException(MOAIDMessageProvider.getInstance().getMessage(
+	        "proxy.01", new Object[] {requestedURL, publicURLPrefix}));
+
+	    
+	    
+	    // in case of GET request, append query string to requested URL;
+	    // otherwise, HttpURLConnection would perform a POST request
+	    //FIXME right parameters 
+	    /*
+	    if ("get".equalsIgnoreCase(req.getMethod()) && ! parameters.isEmpty()) {
+	      requestedURL = appendQueryString(requestedURL, parameters);
+	    }
+	    */
+	    /*PeterD
+	    //TODO RSCH check functionality
+	    if (null != req.getQueryString() && 0 != req.getQueryString().length() ) {
+	      String query = req.getQueryString();
+	      requestedURL = requestedURL + "?" + query;
+	      
+	      for (Iterator iter = parameters.keySet().iterator(); iter.hasNext();) {
+	        String parameterKey = (String) iter.next();
+	        if(query.indexOf(parameterKey) >= 0) iter.remove();
+	      }
+	    }
+	    */
+	    
+	    
+	    
+	    if (null != req.getQueryString() && 0 != req.getQueryString().length() ) {
+	      String query = req.getQueryString();
+	      requestedURL = requestedURL + "?" + query;
+
+	      String parameter[] = new String[2];  
+	      for (Iterator iter = parameters.iterator(); iter.hasNext();) {
+  	        parameter = (String[]) iter.next();   	
+	        if(query.indexOf(parameter[0]) >= 0) iter.remove();
+	      }
+	    }
+	    
+	    // build real URL in online application
+	    String realURLString = realURLPrefix + requestedURL.substring(publicURLPrefix.length());
+
+	    // build real URL in online application
+        URLStreamHandler urlStreamHandler = null;
+        
+	    //URL url = new URL(realURLString);
+        if (realURLString.startsWith("https")) {
+        	urlStreamHandler = new HTTPClient.https.Handler();
+        } else{
+        	urlStreamHandler = new HTTPClient.http.Handler();
+        }
+        URL url = new URL(null, realURLString, urlStreamHandler);
+	    Logger.debug("OA Request: " + req.getMethod() + " " + url.toString());
+
+	    HttpURLConnection conn = (HttpURLConnection)url.openConnection();
+	    
+	    conn.setRequestMethod(req.getMethod());
+	    conn.setDoInput(true);
+	    conn.setDoOutput(true);
+	    //conn.setUseCaches(false);
+	    //conn.setAllowUserInteraction(true);
+	    conn.setInstanceFollowRedirects(false);
+
+	    if (realURLString.startsWith("https") && sslSocketFactory != null) {
+	    	conn.setSSLSocketFactory(sslSocketFactory);
+	    	//Not available in HTTPClient
+	    	//if (cbDisableHostnameVerification)
+	        //    conn.setHostnameVerifier(new HostnameNonVerifier());
+	    }
+	    
+	   return conn;
+	    
+	  }
+	  
+	  /**
+	   * Disconnects the HttpURLConnection if necessary.
+	   * The implementation of the Connectionbuilder decides wether 
+	   * if this should be happen or not.
+	   *
+	   * @param con the HttpURLConnection which is normaly to be closed
+	   */	  
+	  public void disconnect(java.net.HttpURLConnection conn) {
+	  	// In HTTPClient there must not be an diconnect!
+	  	// conn.disconnect();
+	  }
+		  
+	  /**
+	   * @param requestedURL
+	   * @param parameters
+	   * @return
+	   */
+	  /*
+	  private String appendQueryString(String requestedURL, Map parameters) {
+	    String newURL = requestedURL;
+	    for (Iterator iter = parameters.keySet().iterator(); iter.hasNext();) {
+	      String paramName = (String)iter.next();
+	      String paramValue = (String)parameters.get(paramName);
+	      String paramString = paramName + "=" + paramValue;
+	      if (newURL.indexOf("?") < 0)
+	        newURL = newURL + "?" + paramString;
+	      else
+	        newURL = newURL + "&" + paramString;
+	    }
+	    return newURL;
+	  }
+	  */
+	  
+	  /**
+	     * @author Stefan Knirsch
+	     * @version $Id$
+	     * A private class to change the standard HostName verifier to disable the
+	     * Hostname Verification Check
+	     */
+	  private class HostnameNonVerifier implements HostnameVerifier {
+	    
+	    /**
+	     * @see com.sun.net.ssl.HostnameVerifier#verify(String, String)
+	     */
+	    public boolean verify(String arg0, String arg1) {
+	      return true;
+	    }
+	  }
+
+	}