Web-Application: Configuration may be declared via system property "pdf-as.work-dir" or via Servlet-Init-Parameter "work-dir".

Bug fixed in RetrieveSignatureDataServlet: Response header didn't contain a content length attribute. The ITS Mac BKU rejects those requests.
Workaround for ITS Mac BKU integrated. A redirect via response does only work if the response contains a valid SL request (e.g. a NullOperationRequest).
API: The configuration folder may be omitted at instantiating the api. Configuration may be set via system property "pdf-as.work-dir". If no configuration is given at all, the current user's home directory is searched for a folder "PDF-AS". If not found a default configuration is created.
If the configuration is explicitely given than the temporary folder is located within the given directory otherwise within the user's temporary directory.
Declaring the configuration folder, replacements for system properties like "${catalina.base}/conf/pdfas" may be used.
Web-Application: Session is now being invalidated after download of the signed pdf file.
Web-Application: Every hardcoded context "pdf-as" has been replaced.


git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@277 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c

8 files changed, 103 insertions, 45 deletions

diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java
index 8ee09dc..2f02944 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/LocalRequestHelper.java
@@ -84,7 +84,7 @@ public abstract class LocalRequestHelper
   public static String processLocalSign(SignSessionInformation si, HttpServletRequest request, HttpServletResponse response) throws IOException, PresentableException

   {

     String host = request.getServerName(); // "129.27.153.77"

-    URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");

+    URL loc_ref_URL = new URL(getLocalContextAddress(request, response) + "/RetrieveSignatureData");

     String loc_ref_url = response.encodeURL(loc_ref_URL.toString());

 

     LocalConnector c = ConnectorChooser.chooseLocalConnectorForSign(si.connector, si.type, loc_ref_url);

@@ -175,7 +175,7 @@ public abstract class LocalRequestHelper
 //    si.finished = false;

 

     String host = request.getServerName();

-    URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");

+    URL loc_ref_URL = new URL(getLocalContextAddress(request, response) + "/RetrieveSignatureData");

     String loc_ref_url = response.encodeURL(loc_ref_URL.toString());

 

     for (int i = 0; i < si.currentLocalOperation.requests.length; i++)

@@ -414,7 +414,15 @@ public abstract class LocalRequestHelper
     URL local_server = null;

     try

     {

-      local_server = new URL(request.getScheme(), host, request.getServerPort(), "/");

+       String scheme = request.getScheme();

+       int port = request.getServerPort();

+       if ("http".equalsIgnoreCase(scheme) && port == 80) {

+          local_server = new URL(scheme, host, "/");

+       } else if ("https".equalsIgnoreCase(scheme) && port == 443) {

+          local_server = new URL(scheme, host, "/");

+       } else {

+          local_server = new URL(scheme, host, port, "/");

+       }

     }

     catch (MalformedURLException e)

     {

@@ -424,6 +432,15 @@ public abstract class LocalRequestHelper
 

     return loc_server;

   }

+  

+  public static String getLocalContextAddress(HttpServletRequest request, HttpServletResponse response) {

+     String serverURL = getLocalServerAddress(request, response);

+     String context = request.getContextPath();

+     if (serverURL.endsWith("/") && context.startsWith("/")) {

+        context = context.substring(1);

+     }

+     return serverURL + context;

+  }

 

   /**

    * Returns the URL for accessing the local service.

diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java
index adb31be..e33a5ec 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/PdfASServletContextListener.java
@@ -17,15 +17,13 @@
  */

 package at.knowcenter.wag.egov.egiz.web;

 

-import java.io.File;

-import java.io.IOException;

-

 import javax.servlet.ServletContextEvent;

 import javax.servlet.ServletContextListener;

 

 import org.apache.log4j.Logger;

 import org.apache.log4j.PropertyConfigurator;

 

+import at.gv.egiz.pdfas.api.commons.Constants;

 import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger;

 import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;

 

@@ -44,6 +42,14 @@ public class PdfASServletContextListener implements ServletContextListener
    * The logger.

    */

   private static final Logger logger = ConfigLogger.getLogger(PdfASServletContextListener.class);

+  

+  

+  /**

+   * The servlet init parameter that may be used to declare the pdf-as configuration folder. The

+   * init parameter may be set in web.xml or in META-INF/context.xml resp.

+   * conf/Catalina/localhost/pdf-as.xml if deployed.

+   */

+  private final static String CONFIG_SERVLET_INIT_PARAMETER = "work-dir";

 

   /**

    * @see javax.servlet.ServletContextListener#contextInitialized(javax.servlet.ServletContextEvent)

@@ -52,19 +58,28 @@ public class PdfASServletContextListener implements ServletContextListener
   {

     logger.info("PDF-AS Context init"); //$NON-NLS-1$

     

-    String sysPropWorkdir = System.getProperty("pdf-as.work-dir");

+    String sysPropWorkdir = System.getProperty(Constants.CONFIG_SYSTEM_PROPERTY);

+    String scWorkdir = sce.getServletContext().getInitParameter(CONFIG_SERVLET_INIT_PARAMETER);

+    

     String work_dir;

+

+    // search for system property

     if (sysPropWorkdir != null && sysPropWorkdir.length() > 0) {

        work_dir = sysPropWorkdir;

-       logger.info("Work-dir configuration via system property.");

-       logger.info("PDF-AS work-dir via system property = " + work_dir); //$NON-NLS-1$

+       logger.debug("Work-dir configuration via system property \"" + Constants.CONFIG_SYSTEM_PROPERTY + "\" = \"" + sysPropWorkdir + "\".");

+       

+    // search for servlet parameter

+    } else if (scWorkdir != null && scWorkdir.length() > 0){

+       work_dir = scWorkdir;

+       logger.debug("Work-dir configuration via servlet init parameter \"" + CONFIG_SERVLET_INIT_PARAMETER + "\" = \"" + scWorkdir + "\".");

+    

+    // assume configuration to be located in webapp path

     } else {

-       work_dir = sce.getServletContext().getInitParameter("work-dir"); //$NON-NLS-1$

-       logger.info("PDF-AS work-dir context parameter = " + work_dir); //$NON-NLS-1$

+       work_dir = sce.getServletContext().getRealPath("/");

+       logger.debug("PDF-AS work-dir not explicitely given. Assuming configuration is located in webapp folder \"" + work_dir + "\".");

     }

     

-    String base_dir = sce.getServletContext().getRealPath("/"); //$NON-NLS-1$

-    logger.info("PDF-AS real path = " + base_dir); //$NON-NLS-1$

+    logger.info("PDF-AS configuration location = \"" + work_dir + "\"");

 

 //    try

 //    {

@@ -76,13 +91,8 @@ public class PdfASServletContextListener implements ServletContextListener
 //      e.printStackTrace();

 //    }

     

-    if (work_dir != null && work_dir.length() > 0)

-    {

-      base_dir = work_dir;

-    }

-    logger.info("The PDF-AS application will be initialized for the directory: " + base_dir);

     

-    SettingsReader.initializeForWeb(base_dir);

+    SettingsReader.initializeForWeb(work_dir);

     PropertyConfigurator.configure(SettingsReader.CONFIG_PATH + "log4j.properties");

 

     SettingsReader.clearTemporaryDirectory();

diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java
index 3c2ba28..cbb33ba 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java
@@ -4,6 +4,7 @@
 package at.knowcenter.wag.egov.egiz.web.servlets;

 

 import java.io.IOException;

+import java.io.PrintWriter;

 import java.io.UnsupportedEncodingException;

 import java.net.URL;

 import java.util.ArrayList;

@@ -41,6 +42,7 @@ import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector;
 import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection;

 import at.knowcenter.wag.egov.egiz.web.FormFields;

 import at.knowcenter.wag.egov.egiz.web.LocalRequest;

+import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper;

 import at.knowcenter.wag.egov.egiz.web.SessionAttributes;

 

 /**

@@ -84,7 +86,26 @@ public class DataURLServlet extends HttpServlet
     dispatch(request, response, "/jsp/results.jsp");

   }

 

-  /**

+  protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

+     this.doPost(req, resp);

+  }

+  

+  private static void temporaryRedirect(String redirectURL, HttpServletResponse response) throws IOException {

+     String encodedRedirect = response.encodeRedirectURL(redirectURL);

+     response.addHeader("Location", encodedRedirect);

+     response.setContentType("text/xml");

+     response.setStatus(HttpServletResponse.SC_TEMPORARY_REDIRECT);

+     String nop = "<?xml version='1.0' encoding='UTF-8'?><NullOperationRequest xmlns='http://www.buergerkarte.at/namespaces/securitylayer/1.2#'/>";

+     PrintWriter pw = response.getWriter();

+     response.setCharacterEncoding("UTF-8");

+     response.setContentLength(nop.getBytes("UTF-8").length);

+     log.debug("Redirecting via NullOperationRequest to " + encodedRedirect + ".");

+     pw.println(nop);

+     pw.flush();

+     pw.close();

+  }

+

+/**

    * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest,

    *      javax.servlet.http.HttpServletResponse)

    */

@@ -148,7 +169,7 @@ public class DataURLServlet extends HttpServlet
     if (isNullResponse(xml_response))

     {

       log.debug("Received a NullOperationResponse -> answering with the first request."); //$NON-NLS-1$

-

+      

       assert si.outputAvailable == false;

       assert si.response_properties == null;

       

@@ -158,6 +179,7 @@ public class DataURLServlet extends HttpServlet
 

       String request_string = local_request.getRequestString();

 

+      log.debug("request = " + request_string);

       response.setContentType("text/xml");

       response.setCharacterEncoding("UTF-8");

       response.getWriter().println(request_string);

@@ -208,10 +230,16 @@ public class DataURLServlet extends HttpServlet
          HttpSession session = request.getSession(true);

          log.debug("Putting signed document into session (" + session.getId() + ").");

          session.setAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT, si);

-         session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, response.encodeRedirectURL("/pdf-as/ProvidePDF"));

-         String redirectURL = response.encodeRedirectURL("/pdf-as/jsp/download.jsp");

-         log.debug("Redirecting to " + redirectURL + ".");

-         response.sendRedirect(redirectURL);

+//         String serverURL = LocalRequestHelper.getLocalServerAddress(request, response);

+         String downloadURL = response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/ProvidePDF");

+         log.debug("Creating download URL \"" + downloadURL + "\".");

+         session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, downloadURL);

+

+//         String redirectURL = response.encodeRedirectURL("/pdf-as/jsp/download.jsp");

+//         log.debug("Redirecting to " + redirectURL + ".");

+//         response.sendRedirect(redirectURL);

+         temporaryRedirect(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/download.jsp", response);

+         

          return;

 //        SignServletHelper.returnSignResponse(si, response);

       }

@@ -275,7 +303,7 @@ public class DataURLServlet extends HttpServlet
         

         si.currentLocalOperation = null;

 

-        URL btlURL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath() + "/jsp/verifylist.jsp");

+        URL btlURL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/verifylist.jsp");

         String backToListURL = response.encodeURL(btlURL.toString());

 

         dispatchToResults(results, request, response, backToListURL);

diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java
index 6d486a5..03bd074 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java
@@ -56,9 +56,11 @@ public class ProvidePDFServlet extends HttpServlet {
             disp.forward(request, response);

             return;

          } else {

-            log.debug("Signed pdf found. Removing from session.");

+            log.debug("Signed pdf found.");

             session.removeAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT);

             log.debug("Returning signed pdf to browser.");

+            log.debug("Invalidating session.");

+            session.invalidate();

             SignServletHelper.returnSignResponse(si, response);

             return;

          }

diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java
index 6653a60..61996da 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java
@@ -12,22 +12,17 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;

 import javax.servlet.http.HttpServletResponse;

 

-import at.gv.egiz.pdfas.impl.input.TextDataSourceImpl;

+import org.apache.commons.logging.Log;

+import org.apache.commons.logging.LogFactory;

+

 import at.gv.egiz.pdfas.exceptions.web.SessionExpiredException;

-import at.gv.egiz.pdfas.framework.input.DataSource;

+import at.gv.egiz.pdfas.utils.StreamUtils;

 import at.gv.egiz.pdfas.web.SignSessionInformation;

 import at.gv.egiz.pdfas.web.VerifySessionInformation;

 import at.gv.egiz.pdfas.web.helper.SessionHelper;

-import at.gv.egiz.pdfas.utils.StreamUtils;

-

-import org.apache.commons.logging.Log;

-import org.apache.commons.logging.LogFactory;

-

 import at.knowcenter.wag.egov.egiz.PdfAS;

-import at.knowcenter.wag.egov.egiz.pdf.BinarySignatureHolder;

 import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder;

 import at.knowcenter.wag.egov.egiz.sig.SignatureData;

-import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl;

 

 /**

  * Retrieves the Signature Data from the session and returns it.

@@ -63,13 +58,16 @@ public class RetrieveSignatureDataServlet extends HttpServlet
     disp.forward(request, response);

   }

 

-  /**

+/**

    * @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest,

    *      javax.servlet.http.HttpServletResponse)

    */

   protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException

   {

-    log.debug("Request for receiving signature data."); //$NON-NLS-1$

+    if (log.isDebugEnabled()) {

+       log.debug("Request for receiving signature data."); //$NON-NLS-1$

+       log.debug("Requested session id is = " + request.getRequestedSessionId());

+    }

 

     try

     {

@@ -141,6 +139,8 @@ public class RetrieveSignatureDataServlet extends HttpServlet
 

     response.setContentType(sd.getMimeType());

     response.setCharacterEncoding(sd.getCharacterEncoding());

+    // [tknall] content length must be set, otherwise ITS BKU for Mac rejects the request. 

+    response.setContentLength(sd.getDataSource().getLength());

     StreamUtils.writeInputStreamToOutputStream(sd.getDataSource().createInputStream(), response.getOutputStream());

     // response.getOutputStream().write(sd.getData());

 

diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java
index e2de8ae..a608b74 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java
@@ -299,7 +299,8 @@ public class SignServlet extends HttpServlet
       // for performance measurement

       if (log.isInfoEnabled()) {

       	long endTime = System.currentTimeMillis();

-      	String toReport = "SIGN;" + si.mode + ";" + si.filename + ";"+ fileSize + ";" + 

+//      	String toReport = "SIGN;" + si.mode + ";" + si.filename + ";"+ fileSize + ";" + 

+      	String toReport = "SIGN;" + si.mode + ";XXX;"+ fileSize + ";" + 

       	(endTime - startTime); 

       	

       	log.info(toReport);

diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java
index 571a8e1..9a91567 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java
@@ -101,7 +101,7 @@ public class VerifyPreviewServlet extends HttpServlet
 

   protected String formBackToListURL(HttpServletRequest request, HttpServletResponse response) throws MalformedURLException

   {

-    URL btlURL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath() + "/jsp/verifylist.jsp");

+    URL btlURL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/verifylist.jsp");

     String backToListURL = response.encodeURL(btlURL.toString());

 

     return backToListURL;

@@ -566,7 +566,7 @@ public class VerifyPreviewServlet extends HttpServlet
       }

 

       String host = request.getServerName();

-      URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");

+      URL loc_ref_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData");

       String loc_ref_url = response.encodeURL(loc_ref_URL.toString());

 

       List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si, loc_ref_url);

@@ -575,7 +575,7 @@ public class VerifyPreviewServlet extends HttpServlet
       {

         backbutton = false;

       }

-      URL btlURL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath() + "/jsp/verifylist.jsp");

+      URL btlURL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/verifylist.jsp");

       String backToListURL = response.encodeURL(btlURL.toString());

       dispatchToResults(results, request, response, backbutton, backToListURL);

 

@@ -685,12 +685,12 @@ public class VerifyPreviewServlet extends HttpServlet
       }

 

       String host = request.getServerName();

-      URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");

+      URL loc_ref_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData");

       String loc_ref_url = response.encodeURL(loc_ref_URL.toString());

 

       List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si, loc_ref_url);

       

-      URL btlURL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath() + "/jsp/verifylist.jsp");

+      URL btlURL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/verifylist.jsp");

       String backToListURL = response.encodeURL(btlURL.toString());

       dispatchToResults(results, request, response, true, backToListURL);

     }

diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java
index c9ed314..97a1e6f 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java
@@ -151,7 +151,7 @@ public class VerifyServlet extends HttpServlet
 

         String host = request.getServerName();

         // TODO still required for old communication with MOA-SS/SP

-        URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");

+        URL loc_ref_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData");

         String loc_ref_url = response.encodeURL(loc_ref_URL.toString());

 

         List results = PdfAS.verifySignatureHoldersWeb(signature_holders, si, loc_ref_url);