From b548b9859413b3a974a5bad900c20fef4ae058d4 Mon Sep 17 00:00:00 2001 From: gregor Date: Tue, 25 Nov 2003 19:41:46 +0000 Subject: Zwischenstand git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@62 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../moa/spss/slinterface/Constants.java | 1 + .../gv/egovernment/moa/spss/slinterface/Utils.java | 33 ++++++ .../moa/spss/slinterface/filters/SL2MOAFilter.java | 131 ++++++--------------- .../spss/slinterface/servlets/ResultServlet.java | 125 ++++++++++++++++++++ .../moa/spss/slinterface/servlets/SLRequest.java | 19 +++ 5 files changed, 217 insertions(+), 92 deletions(-) create mode 100644 spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java create mode 100644 spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ResultServlet.java create mode 100644 spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/SLRequest.java (limited to 'spss.slinterface/WEB-INF/src/at/gv/egovernment') diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java index b47f245fa..cb37fe843 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Constants.java @@ -28,6 +28,7 @@ public class Constants public static final String LH_LISTENERS_ = LH_BASE_ + ".listeners"; public static final String LH_FILTERS_ = LH_BASE_ + ".filters"; public static final String LH_SERVLETS_ = LH_BASE_ + ".servlets"; + public static final String LH_TEST_ = LH_BASE_ + ".test"; // Web service context parameters diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java new file mode 100644 index 000000000..8c1292734 --- /dev/null +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/Utils.java @@ -0,0 +1,33 @@ +/* + * Created on 25.11.2003 + * + * (c) Stabsstelle IKT-Strategie des Bundes + */ +package at.gv.egovernment.moa.spss.slinterface; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.InputStream; + +/** + * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) + */ +public class Utils +{ + public static byte[] readFromInputStream(InputStream inputStream) throws IOException + { + byte[] currentBytes = new byte[500]; + int bytesRead; + ByteArrayOutputStream result = new ByteArrayOutputStream(); + do + { + bytesRead = inputStream.read(currentBytes); + if (bytesRead > 0) + { + result.write(currentBytes, 0, bytesRead); + } + } + while (bytesRead != -1); + return result.toByteArray(); + } +} diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java index 77c1b9c0e..08b8635ba 100644 --- a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/filters/SL2MOAFilter.java @@ -10,6 +10,7 @@ import java.io.ByteArrayOutputStream; import java.io.CharArrayReader; import java.io.IOException; import java.io.InputStream; +import java.io.OutputStream; import java.io.Reader; import java.util.Iterator; import java.util.List; @@ -25,12 +26,10 @@ import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; import javax.xml.transform.Transformer; import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; import javax.xml.transform.stream.StreamSource; import org.apache.commons.fileupload.DiskFileUpload; @@ -46,6 +45,7 @@ import org.xml.sax.SAXException; import at.gv.egovernment.moa.spss.slinterface.Constants; import at.gv.egovernment.moa.spss.slinterface.moainvoker.MOAInvoker; +import at.gv.egovernment.moa.spss.slinterface.servlets.SLRequest; import at.gv.egovernment.moa.spss.slinterface.transformers.MOA2SL; import at.gv.egovernment.moa.spss.slinterface.transformers.SL2MOA; @@ -57,7 +57,6 @@ public class SL2MOAFilter implements Filter private static Logger logger_ = Logger.getLogger(Constants.LH_FILTERS_); private FilterConfig config_; - private SLRequest slRequest_; /* ---------------------------------------------------------------------------------------------------- */ @@ -68,63 +67,32 @@ public class SL2MOAFilter implements Filter { // Store filter configuration config_ = config; - - slRequest_ = new SLRequest(); - - // Initialize stylesheet transform SL2MOA -// ServletContext context = config_.getServletContext(); -// Transformer sl2MoaTransformer = (Transformer) context.getAttribute(Constants.WSCP_SL2MOA_TRANSFORMER_); -// if (sl2MoaTransformer == null) -// { -// initTransformer(context, Constants.IP_SL2MOA_STYLESHEET_); -// } - - // Initialize stylesheet transform MOA2SL -// Transformer moa2SlTransformer = (Transformer) context.getAttribute(Constants.WSCP_MOA2SL_TRANSFORMER_); -// if (moa2SlTransformer == null) -// { -// initTransformer(context, Constants.IP_MOA2SL_STYLESHEET_); -// } - } /* ---------------------------------------------------------------------------------------------------- */ - /* + /** * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, * javax.servlet.FilterChain) */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { + // Create session + HttpSession session = ((HttpServletRequest) request).getSession(true); + // Check if request is HTTP-POST checkHttpPost((HttpServletRequest) request); // Get SL request from content of request - parseRequest((HttpServletRequest) request); + SLRequest slRequest = parseRequest((HttpServletRequest) request); + session.setAttribute("slRequest", slRequest); // Schema validate SL request - CharArrayReader slXmlRequestCAR = new CharArrayReader(slRequest_.xmlRequest_.toCharArray()); + CharArrayReader slXmlRequestCAR = new CharArrayReader(slRequest.xmlRequest_.toCharArray()); Document slXMLRequestDoc = parseSlXmlRequest(slXmlRequestCAR); // Transform SL request into a MOA SPSS request -// Transformer sl2MoaTransformer = -// (Transformer) config_.getServletContext().getAttribute(Constants.WSCP_SL2MOA_TRANSFORMER_); -// DOMSource slXMLRequestDS = new DOMSource(slXMLRequestDoc); -// ByteArrayOutputStream moaRequestBOS = new ByteArrayOutputStream(); -// StreamResult moaRequestResult = new StreamResult(moaRequestBOS); -// try -// { -// sl2MoaTransformer.transform(slXMLRequestDS, moaRequestResult); -// } -// catch (TransformerException e) -// { -// String message = "Transforming SL XML request into MOA XML request failed."; -// logger_.error(message, e); -// throw new ServletException(message, e); -// } -// logger_.debug("MOA XML Request:\n" + moaRequestBOS.toString()); -// ByteArrayInputStream moaRequestIS = new ByteArrayInputStream(moaRequestBOS.toByteArray()); Properties initProps = (Properties)config_.getServletContext().getAttribute(Constants.WSCP_INIT_PROPS_); String trustProfileId = initProps.getProperty(Constants.IP_SP_TRUSTPROFILEID_); Document moaXMLRequestDoc = SL2MOA.toMoaVerifyXMLSignatureRequest(slXMLRequestDoc, trustProfileId); @@ -138,36 +106,17 @@ public class SL2MOAFilter implements Filter ResponseWrapper responseWrapper = new ResponseWrapper((HttpServletResponse) response); chain.doFilter(requestWrapper, responseWrapper); - // Prepare response to client - response.setContentType("text/xml"); - - // Transform MOA response into a SL response and send SL response back to client -// Transformer moa2SlTransformer = -// (Transformer) config_.getServletContext().getAttribute(Constants.WSCP_MOA2SL_TRANSFORMER_); -// ServletOutputStream moaResponseSOS = (ServletOutputStream) responseWrapper.getOutputStream(); -// ByteArrayInputStream moaResponseBIS = new ByteArrayInputStream(moaResponseSOS.toByteArray()); -// StreamSource moaResponseSource = new StreamSource(moaResponseBIS); -// StreamResult slResponseResult = new StreamResult(response.getOutputStream()); -// try -// { -// moa2SlTransformer.transform(moaResponseSource, slResponseResult); -// } -// catch (TransformerException e) -// { -// String message = "Transforming MOA XML response into SL XML response failed."; -// logger_.error(message, e); -// throw new ServletException(message, e); -// } + // Transform MOA response into a SL response DOMParser xmlParser = (DOMParser) config_.getServletContext().getAttribute(Constants.WSCP_XMLPARSER_); ServletOutputStream moaResponseSOS = (ServletOutputStream) responseWrapper.getOutputStream(); ByteArrayInputStream moaResponseBIS = new ByteArrayInputStream(moaResponseSOS.toByteArray()); InputSource responseSource = new InputSource(moaResponseBIS); + Document slResponseDoc; try { xmlParser.parse(responseSource); Document moaResponseDoc = xmlParser.getDocument(); - Document slResponseDoc = MOA2SL.toSlVerifyXMLSignatureResponse(moaResponseDoc); - MOAInvoker.serializeDocument(slResponseDoc, response.getOutputStream()); + slResponseDoc = MOA2SL.toSlVerifyXMLSignatureResponse(moaResponseDoc); } catch (SAXException e) { @@ -175,7 +124,16 @@ public class SL2MOAFilter implements Filter logger_.error(message, e); throw new ServletException(message, e); } - + session.setAttribute("slResponseDoc", slResponseDoc); + + String continueURL = ((HttpServletRequest) request).getContextPath() + "/results"; + continueURL = ((HttpServletResponse) response).encodeURL(continueURL); + String responseStr = "Und weiter geht es ..."; + + response.setContentType("text/html"); + OutputStream responseOS = response.getOutputStream(); + responseOS.write(responseStr.getBytes("UTF-8")); + responseOS.flush(); } /* ---------------------------------------------------------------------------------------------------- */ @@ -233,8 +191,10 @@ public class SL2MOAFilter implements Filter /** * Parses the http request. */ - private void parseRequest(HttpServletRequest request) throws IOException + private SLRequest parseRequest(HttpServletRequest request) throws IOException { + SLRequest slRequest = new SLRequest(); + // Check if request URL ends with "http-security-layer-request" // @TODO Don't know if this check is sufficient - spec says request URL must have this value as path String requestURI = request.getRequestURI(); @@ -267,13 +227,13 @@ public class SL2MOAFilter implements Filter FileItem currItem = (FileItem) itemsIt.next(); String currItemName = currItem.getFieldName(); if (Constants.SLC_NAME_XML_REQUEST_.equals(currItemName)) - slRequest_.xmlRequest_ = currItem.getString(); + slRequest.xmlRequest_ = currItem.getString(); else if (Constants.SLC_NAME_DATA_URL_.equals(currItemName)) - slRequest_.dataUrl_ = currItem.getString(); + slRequest.dataUrl_ = currItem.getString(); else if (Constants.SLC_NAME_STYLESHEET_URL_.equals(currItemName)) - slRequest_.stylesheetUrl_ = currItem.getString(); + slRequest.stylesheetUrl_ = currItem.getString(); else if (Constants.SLC_NAME_REDIRECT_URL_.equals(currItemName)) - slRequest_.redirectUrl_ = currItem.getString(); + slRequest.redirectUrl_ = currItem.getString(); else continue; // @TODO Do not evaluate other params at the moment } @@ -288,26 +248,28 @@ public class SL2MOAFilter implements Filter String currName = (String) paramNames.next(); String[] currValues = (String[]) paramsMap.get(currName); if (Constants.SLC_NAME_XML_REQUEST_.equals(currName)) - slRequest_.xmlRequest_ = currValues[0]; + slRequest.xmlRequest_ = currValues[0]; else if (Constants.SLC_NAME_DATA_URL_.equals(currName)) - slRequest_.dataUrl_ = currValues[0]; + slRequest.dataUrl_ = currValues[0]; else if (Constants.SLC_NAME_STYLESHEET_URL_.equals(currName)) - slRequest_.stylesheetUrl_ = currValues[0]; + slRequest.stylesheetUrl_ = currValues[0]; else if (Constants.SLC_NAME_REDIRECT_URL_.equals(currName)) - slRequest_.redirectUrl_ = currValues[0]; + slRequest.redirectUrl_ = currValues[0]; else continue; // @TODO Do not evaluate other params at the moment } } - if (slRequest_.xmlRequest_ == null || slRequest_.dataUrl_ == null || - slRequest_.stylesheetUrl_ != null || slRequest_.redirectUrl_ != null) + if (slRequest.xmlRequest_ == null || slRequest.dataUrl_ == null || + slRequest.stylesheetUrl_ != null || slRequest.redirectUrl_ != null) { - // @TODO Only combindation of XMLRequest and StylesheetURL allowed at the moment + // @TODO Only combination of XMLRequest and DataURL allowed at the moment String message = "Currently only (XMLRequest + DataURL) is supported."; logger_.error(message); throw new IOException(message); } + + return slRequest; } /* ---------------------------------------------------------------------------------------------------- */ @@ -367,19 +329,4 @@ public class SL2MOAFilter implements Filter throw new ServletException(message); } } - - /* ---------------------------------------------------------------------------------------------------- */ - - /** - * Helper class, representing the fields of a Security-Layer request. - * - * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) - */ - class SLRequest - { - public String xmlRequest_; - public String dataUrl_; - public String stylesheetUrl_; - public String redirectUrl_; - } } diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ResultServlet.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ResultServlet.java new file mode 100644 index 000000000..67397a1ee --- /dev/null +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/ResultServlet.java @@ -0,0 +1,125 @@ +/* + * Created on 25.11.2003 + * + * (c) Stabsstelle IKT-Strategie des Bundes + */ +package at.gv.egovernment.moa.spss.slinterface.servlets; + +import java.io.InputStream; +import java.io.OutputStream; +import java.net.URL; +import java.net.URLConnection; + +import javax.servlet.ServletException; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.apache.log4j.Logger; +import org.w3c.dom.Document; + +import at.gv.egovernment.moa.spss.slinterface.Constants; +import at.gv.egovernment.moa.spss.slinterface.Utils; +import at.gv.egovernment.moa.spss.slinterface.moainvoker.MOAInvoker; + +/** + * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) + */ +public class ResultServlet extends HttpServlet +{ + + private static Logger logger_ = Logger.getLogger(Constants.LH_SERVLETS_); + + /** + * Default constructor. + */ + public ResultServlet() + { + super(); + } + + public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException + { + // Get session + HttpSession session = request.getSession(false); + if (session == null) + { + String message = "No session available"; + logger_.error(message); + throw new ServletException(message); + } + + // Get original SL request from session + SLRequest slRequest = (SLRequest) session.getAttribute("slRequest"); + if (slRequest == null) + { + String message = "Session object \"slRequest\" not available."; + logger_.error(message); + throw new ServletException(message); + } + + // Get SL response from session + Document slResponseDoc = (Document) session.getAttribute("slResponseDoc"); + if (slResponseDoc == null) + { + String message = "Session object \"slResponseDoc\" not available."; + logger_.error(message); + throw new ServletException(message); + } + + URLConnection dataURLConn; + try + { + // Open connection to DataURL + URL dataURL = new URL(slRequest.dataUrl_); + dataURLConn = dataURL.openConnection(); + dataURLConn.setDoOutput(true); + OutputStream dataURLOS = dataURLConn.getOutputStream(); + MOAInvoker.serializeDocument(slResponseDoc, dataURLOS); + dataURLOS.flush(); + } + catch (Exception e) + { + String message = "Sending SL XML response to DataURL failed."; + logger_.error(message, e); + throw new ServletException(message, e); + } + + // Forward response from DataURL to client + forwardResponse(dataURLConn, response); + + session.invalidate(); + } + + /* ---------------------------------------------------------------------------------------------------- */ + + private void forwardResponse(URLConnection dataURLConn, ServletResponse response) throws ServletException + { + // Make sure that content type of DataURL response is text/html + String dataURLContentType = dataURLConn.getContentType(); + if (dataURLContentType == null || !dataURLContentType.startsWith("text/html")) + { + String message = "Unsupported content type of DataURL response: \"" + dataURLContentType + "\"."; + logger_.error(message); + throw new ServletException(message); + } + + try + { + InputStream dataURLIS = dataURLConn.getInputStream(); + byte[] dataURLResponse = Utils.readFromInputStream(dataURLIS); + response.setContentType("text/html"); + OutputStream responseOS = response.getOutputStream(); + responseOS.write(dataURLResponse); + responseOS.flush(); + } + catch (Exception e) + { + String message = "Forwarding DataURL response to client failed."; + logger_.error(message, e); + throw new ServletException(message, e); + } + } +} diff --git a/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/SLRequest.java b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/SLRequest.java new file mode 100644 index 000000000..3c19d5ff6 --- /dev/null +++ b/spss.slinterface/WEB-INF/src/at/gv/egovernment/moa/spss/slinterface/servlets/SLRequest.java @@ -0,0 +1,19 @@ +/* + * Created on 25.11.2003 + * + * (c) Stabsstelle IKT-Strategie des Bundes + */ +package at.gv.egovernment.moa.spss.slinterface.servlets; + +/** + * Helper class, representing the fields of a Security-Layer request. + * + * @author Gregor Karlinger (mailto:gregor.karlinger@cio.gv.at) + */ +public class SLRequest +{ + public String xmlRequest_; + public String dataUrl_; + public String stylesheetUrl_; + public String redirectUrl_; +} -- cgit v1.2.3