From af24a20257f4958ef5335d471a7fe2c93f475a35 Mon Sep 17 00:00:00 2001 From: mcentner Date: Wed, 28 Jul 2010 09:05:04 +0000 Subject: Resolved issue [#MOCCA-745] (Two simultaneous requests within the same session cause failure in both requests). git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@790 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../gv/egiz/bku/online/webapp/RequestIdFilter.java | 58 ------ .../gv/egiz/bku/online/webapp/SessionListener.java | 11 +- .../gv/egiz/bku/online/webapp/TransactionId.java | 38 ++++ .../bku/online/webapp/TransactionIdFilter.java | 78 ++++++++ .../webapp/TransactionIdResponseWrapper.java | 98 ++++++++++ .../egiz/bku/online/webapp/WebRequestHandler.java | 5 +- BKUOnline/src/main/webapp/WEB-INF/web.xml | 2 +- .../webapp/TransactionIdResponseWrapperTest.java | 210 +++++++++++++++++++++ 8 files changed, 436 insertions(+), 64 deletions(-) delete mode 100644 BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/RequestIdFilter.java create mode 100644 BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionId.java create mode 100644 BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionIdFilter.java create mode 100644 BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionIdResponseWrapper.java create mode 100644 BKUOnline/src/test/java/at/gv/egiz/bku/online/webapp/TransactionIdResponseWrapperTest.java (limited to 'BKUOnline') diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/RequestIdFilter.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/RequestIdFilter.java deleted file mode 100644 index 210f482f..00000000 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/RequestIdFilter.java +++ /dev/null @@ -1,58 +0,0 @@ -package at.gv.egiz.bku.online.webapp; - -import java.io.IOException; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; - -import org.slf4j.MDC; - -import at.gv.egiz.bku.binding.Id; -import at.gv.egiz.bku.binding.IdFactory; - -/** - * Servlet Filter implementation class BindingProcessorFilter - */ -public class RequestIdFilter implements Filter { - - /** - * @see Filter#destroy() - */ - public void destroy() { - } - - /** - * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain) - */ - public void doFilter(ServletRequest request, ServletResponse response, - FilterChain chain) throws IOException, ServletException { - - if (request instanceof HttpServletRequest) { - HttpSession session = ((HttpServletRequest) request).getSession(); - Id id = IdFactory.getInstance().createId(session.getId()); - MDC.put("id", id.toString()); - request.setAttribute("id", id); - } - - // pass the request along the filter chain - try { - chain.doFilter(request, response); - } finally { - MDC.remove("id"); - } - - } - - /** - * @see Filter#init(FilterConfig) - */ - public void init(FilterConfig fConfig) throws ServletException { - } - -} diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SessionListener.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SessionListener.java index e7f05862..58e9c861 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SessionListener.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/SessionListener.java @@ -23,6 +23,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import at.gv.egiz.bku.binding.BindingProcessorManager; +import at.gv.egiz.bku.binding.Id; import at.gv.egiz.bku.binding.IdFactory; /** @@ -36,12 +37,20 @@ public class SessionListener implements HttpSessionListener { @Override public void sessionCreated(HttpSessionEvent event) { log.info("Session {} created.", event.getSession().getId()); + event.getSession().setAttribute(TransactionId.TRANSACTION_INDEX, new TransactionId()); } @Override public void sessionDestroyed(HttpSessionEvent event) { BindingProcessorManager manager = (BindingProcessorManager) event.getSession().getServletContext().getAttribute("bindingProcessorManager"); - manager.removeBindingProcessor(IdFactory.getInstance().createId(event.getSession().getId())); + TransactionId tidx = (TransactionId) event.getSession().getAttribute(TransactionId.TRANSACTION_INDEX); + if (tidx != null) { + IdFactory idFactory = IdFactory.getInstance(); + for (int i = 0; i <= tidx.get(); i++) { + Id id = idFactory.createId(event.getSession().getId() + "-" + i); + manager.removeBindingProcessor(id); + } + } log.info("Session {} destroyed.", event.getSession().getId()); } diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionId.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionId.java new file mode 100644 index 00000000..329db1bb --- /dev/null +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionId.java @@ -0,0 +1,38 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.bku.online.webapp; + +import java.io.Serializable; + +public class TransactionId implements Serializable { + + private static final long serialVersionUID = 1L; + + public static final String TRANSACTION_INDEX = "tidx"; + + private int index = 0; + + public synchronized int next() { + return ++index; + } + + public synchronized int get() { + return index; + } + +} diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionIdFilter.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionIdFilter.java new file mode 100644 index 00000000..3ae41707 --- /dev/null +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionIdFilter.java @@ -0,0 +1,78 @@ +package at.gv.egiz.bku.online.webapp; + +import java.io.IOException; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.slf4j.MDC; + +import at.gv.egiz.bku.binding.Id; +import at.gv.egiz.bku.binding.IdFactory; + +/** + * Servlet Filter implementation class BindingProcessorFilter + */ +public class TransactionIdFilter implements Filter { + + /** + * @see Filter#destroy() + */ + public void destroy() { + } + + /** + * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain) + */ + public void doFilter(ServletRequest request, ServletResponse response, + FilterChain chain) throws IOException, ServletException { + + if (request instanceof HttpServletRequest) { + HttpSession session = ((HttpServletRequest) request).getSession(); + + String tidx = null; + // We expect the transaction index parameter to appear in GET requests only + if ("GET".equals(((HttpServletRequest) request).getMethod())) { + tidx = request.getParameter("tidx"); + } + + if (tidx == null) { + TransactionId transactionIndex = (TransactionId) session + .getAttribute(TransactionId.TRANSACTION_INDEX); + if (transactionIndex != null) { + tidx = Integer.toString(transactionIndex.next()); + } else { + tidx = "0"; + } + } + + Id id = IdFactory.getInstance().createId(session.getId() + "-" + tidx); + MDC.put("id", id.toString()); + request.setAttribute("id", id); + + response = new TransactionIdResponseWrapper((HttpServletResponse) response, session.getId(), tidx); + } + + // pass the request along the filter chain + try { + chain.doFilter(request, response); + } finally { + MDC.remove("id"); + } + + } + + /** + * @see Filter#init(FilterConfig) + */ + public void init(FilterConfig fConfig) throws ServletException { + } + +} diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionIdResponseWrapper.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionIdResponseWrapper.java new file mode 100644 index 00000000..c7bbf85c --- /dev/null +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/TransactionIdResponseWrapper.java @@ -0,0 +1,98 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +/** + * + */ +package at.gv.egiz.bku.online.webapp; + +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpServletResponseWrapper; + +public class TransactionIdResponseWrapper extends HttpServletResponseWrapper { + + private String sessionId; + + private String tidx; + + public TransactionIdResponseWrapper(HttpServletResponse response, String sessionId, String tidx) { + super(response); + this.sessionId = sessionId; + this.tidx = tidx; + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpServletResponseWrapper#encodeRedirectURL(java.lang.String) + */ + @Override + public String encodeRedirectURL(String url) { + // ensure jsessionid and tidx parameters + String encodedUrl = super.encodeRedirectUrl(url); + int i = encodedUrl.indexOf('?'); + StringBuilder u = new StringBuilder(); + if (i > 0) { + u.append(encodedUrl.substring(0, i)); + } else { + u.append(encodedUrl); + } + if (!encodedUrl.contains(";jsessionid=")) { + u.append(";jsessionid="); + u.append(sessionId); + } + if (i < 0) { + u.append('?'); + } else if (i < encodedUrl.length() - 1) { + u.append(encodedUrl.substring(i)); + u.append('&'); + } + u.append("tidx="); + u.append(tidx); + + return u.toString(); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpServletResponseWrapper#encodeURL(java.lang.String) + */ + @Override + public String encodeURL(String url) { + // ensure tidx parameter + String encodedUrl = super.encodeUrl(url); + if (url.endsWith("?wsdl")) { + // don't add parameters to ?wsdl URLs + return encodedUrl; + } + int i = encodedUrl.indexOf('?'); + StringBuilder u = new StringBuilder(); + if (i > 0) { + u.append(encodedUrl.substring(0, i)); + } else { + u.append(encodedUrl); + } + if (i < 0) { + u.append('?'); + } else if (i < encodedUrl.length() - 1) { + u.append(encodedUrl.substring(i)); + u.append('&'); + } + u.append("tidx="); + u.append(tidx); + + return u.toString(); + } + +} \ No newline at end of file diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/WebRequestHandler.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/WebRequestHandler.java index 08b50699..0f432a10 100644 --- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/WebRequestHandler.java +++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/webapp/WebRequestHandler.java @@ -121,10 +121,7 @@ public class WebRequestHandler extends HttpServlet { bindingProcessorManager.process(id, bindingProcessor); log.debug("Sending redirect to user interface."); - // TODO: appending the jsessionid here breaks the separation of request - // handling and request state tracking done in the servlet filter, but - // the servlet filter does not allow us to modify the redirect - resp.sendRedirect("ui;jsessionid=" + id.toString()); + resp.sendRedirect(resp.encodeRedirectURL("ui")); } diff --git a/BKUOnline/src/main/webapp/WEB-INF/web.xml b/BKUOnline/src/main/webapp/WEB-INF/web.xml index 3a318844..bcce9b34 100644 --- a/BKUOnline/src/main/webapp/WEB-INF/web.xml +++ b/BKUOnline/src/main/webapp/WEB-INF/web.xml @@ -153,7 +153,7 @@ --> RequestIdFilter - at.gv.egiz.bku.online.webapp.RequestIdFilter + at.gv.egiz.bku.online.webapp.TransactionIdFilter RequestIdFilter diff --git a/BKUOnline/src/test/java/at/gv/egiz/bku/online/webapp/TransactionIdResponseWrapperTest.java b/BKUOnline/src/test/java/at/gv/egiz/bku/online/webapp/TransactionIdResponseWrapperTest.java new file mode 100644 index 00000000..b1c2ea53 --- /dev/null +++ b/BKUOnline/src/test/java/at/gv/egiz/bku/online/webapp/TransactionIdResponseWrapperTest.java @@ -0,0 +1,210 @@ +/* +* Copyright 2009 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ + +package at.gv.egiz.bku.online.webapp; + +import static org.junit.Assert.*; + +import java.io.IOException; +import java.io.PrintWriter; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Locale; + +import javax.servlet.ServletOutputStream; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletResponse; + +import org.junit.Test; + + +public class TransactionIdResponseWrapperTest { + + @Test + public void testEncodeRedirectURLfString() { + + String sessionId = "nQeu67vFMC+OTCXI67woBlpYgCxn"; + String tidx = "2"; + + TransactionIdResponseWrapper wrapper = new TransactionIdResponseWrapper(new ServletResponse(), sessionId, tidx); + + assertEquals(";jsessionid=nQeu67vFMC+OTCXI67woBlpYgCxn?tidx=2", wrapper.encodeRedirectURL("")); + assertEquals("ui;jsessionid=nQeu67vFMC+OTCXI67woBlpYgCxn?tidx=2", wrapper.encodeRedirectURL("ui")); + assertEquals("/mocca/ui;jsessionid=nQeu67vFMC+OTCXI67woBlpYgCxn?param1=test&tidx=2", wrapper.encodeRedirectURL("/mocca/ui?param1=test")); + + } + + @Test + public void testEncodeURLString() { + + String sessionId = "nQeu67vFMC+OTCXI67woBlpYgCxn"; + String tidx = "2"; + + TransactionIdResponseWrapper wrapper = new TransactionIdResponseWrapper(new ServletResponse(), sessionId, tidx); + + assertEquals("?tidx=2", wrapper.encodeURL("")); + assertEquals("ui?tidx=2", wrapper.encodeURL("ui")); + assertEquals("/mocca/ui?param1=test&tidx=2", wrapper.encodeURL("/mocca/ui?param1=test")); + assertEquals("stal?wsdl", wrapper.encodeUrl("stal?wsdl")); + + } + + public class ServletResponse implements HttpServletResponse { + + @Override + public void addCookie(Cookie cookie) { + } + + @Override + public void addDateHeader(String name, long date) { + } + + @Override + public void addHeader(String name, String value) { + } + + @Override + public void addIntHeader(String name, int value) { + } + + @Override + public boolean containsHeader(String name) { + return false; + } + + @Override + public String encodeRedirectURL(String url) { + return url; + } + + @Override + public String encodeRedirectUrl(String url) { + return url; + } + + @Override + public String encodeURL(String url) { + return url; + } + + @Override + public String encodeUrl(String url) { + return url; + } + + @Override + public void sendError(int sc) throws IOException { + } + + @Override + public void sendError(int sc, String msg) throws IOException { + } + + @Override + public void sendRedirect(String location) throws IOException { + } + + @Override + public void setDateHeader(String name, long date) { + } + + @Override + public void setHeader(String name, String value) { + } + + @Override + public void setIntHeader(String name, int value) { + } + + @Override + public void setStatus(int sc) { + } + + @Override + public void setStatus(int sc, String sm) { + } + + @Override + public void flushBuffer() throws IOException { + } + + @Override + public int getBufferSize() { + return 0; + } + + @Override + public String getCharacterEncoding() { + return null; + } + + @Override + public String getContentType() { + return null; + } + + @Override + public Locale getLocale() { + return null; + } + + @Override + public ServletOutputStream getOutputStream() throws IOException { + return null; + } + + @Override + public PrintWriter getWriter() throws IOException { + return null; + } + + @Override + public boolean isCommitted() { + return false; + } + + @Override + public void reset() { + } + + @Override + public void resetBuffer() { + } + + @Override + public void setBufferSize(int size) { + } + + @Override + public void setCharacterEncoding(String charset) { + } + + @Override + public void setContentLength(int len) { + } + + @Override + public void setContentType(String type) { + } + + @Override + public void setLocale(Locale loc) { + } + + } + +} -- cgit v1.2.3