aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/at/knowcenter/wag/egov
diff options
context:
space:
mode:
authortknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>2010-03-16 12:07:29 +0000
committertknall <tknall@7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c>2010-03-16 12:07:29 +0000
commit11b5950be66bcc9d6f0bb28d3fc9d211bc70f4d9 (patch)
tree5a48a33069a318e269245998ecf89b387f331f67 /src/main/java/at/knowcenter/wag/egov
parentda4926845267ca8bedf34917bd3bfb94aeafa153 (diff)
downloadpdf-as-3-11b5950be66bcc9d6f0bb28d3fc9d211bc70f4d9.tar.gz
pdf-as-3-11b5950be66bcc9d6f0bb28d3fc9d211bc70f4d9.tar.bz2
pdf-as-3-11b5950be66bcc9d6f0bb28d3fc9d211bc70f4d9.zip
Catching OutOfMemory exceptions, returning appropriate error message/code
Binary signature: bug concerning indirect pdf objects fixed SignaturePositioning improved (Signature position can be declared by String which is parsed) Some more error codes (Out of memory, Invalid signature position) iText utility for creation of pdf files added ConfigUtils updated (destination of configuration to be extracted can now be chosen) PDFASUtils updated (more tools) WebApplication: Freetext pdf creation implemented WebApplication: XSS security updates git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@580 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c
Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov')
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java2
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/exceptions/OutOfMemoryException.java19
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/pdf/BinarySignature.java4
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/pdf/TablePos.java12
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java10
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java2
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java102
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/UpdateFormServlet.java24
8 files changed, 133 insertions, 42 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
index 423c222..4b585fe 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/PdfAS.java
@@ -100,7 +100,7 @@ public abstract class PdfAS
* The current version of the pdf-as library. This version string is logged on every invocation
* of the api or the web application.
*/
- public static final String PDFAS_VERSION = "3.1 (20100118)";
+ public static final String PDFAS_VERSION = "3.1.1-snapshot (20100316)";
/**
* The key of the strict mode setting.
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/exceptions/OutOfMemoryException.java b/src/main/java/at/knowcenter/wag/egov/egiz/exceptions/OutOfMemoryException.java
new file mode 100644
index 0000000..1b75e36
--- /dev/null
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/exceptions/OutOfMemoryException.java
@@ -0,0 +1,19 @@
+package at.knowcenter.wag.egov.egiz.exceptions;
+
+public class OutOfMemoryException extends PresentableException {
+
+ private static final long serialVersionUID = 1L;
+
+ public OutOfMemoryException(int errorCode, String message, Throwable cause) {
+ super(errorCode, message, cause);
+ }
+
+ public OutOfMemoryException(int errorCode, String message) {
+ super(errorCode, message);
+ }
+
+ public OutOfMemoryException(int errorCode, Throwable cause) {
+ super(errorCode, cause);
+ }
+
+}
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/BinarySignature.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/BinarySignature.java
index d1e227a..32871e8 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/BinarySignature.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/BinarySignature.java
@@ -18,6 +18,7 @@
package at.knowcenter.wag.egov.egiz.pdf;
import java.io.ByteArrayOutputStream;
+import java.io.File;
import java.io.IOException;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
@@ -32,6 +33,7 @@ import java.util.Iterator;
import java.util.List;
+import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -1213,7 +1215,7 @@ public abstract class BinarySignature
byte[] signed_pdf = iui.signed_pdf;
String str = iui.egiz_dict_ir_number + " " + iui.egiz_dict_ir_generation + " obj";
- byte[] obj_bytes = str.getBytes("US-ASCII");
+ byte[] obj_bytes = ArrayUtils.add(str.getBytes("US-ASCII"), 0, (byte) 0x0A);
int obj_index = ByteArrayUtils.lastIndexOf(signed_pdf, obj_bytes);
int obj_start = obj_index + obj_bytes.length;
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/TablePos.java b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/TablePos.java
index 317e7a4..b343bc6 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/pdf/TablePos.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/pdf/TablePos.java
@@ -18,6 +18,8 @@
package at.knowcenter.wag.egov.egiz.pdf;
import java.io.Serializable;
+
+import at.gv.egiz.pdfas.exceptions.ErrorCode;
import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException;
/**
@@ -153,12 +155,12 @@ public class TablePos implements Serializable
String[] cmd_kv = cmd_kvstring.split(":");
if (cmd_kv.length != 2)
{
- throw new PDFDocumentException(224, "Pos string (=" + pos_string + ") is invalid.");
+ throw new PDFDocumentException(ErrorCode.INVALID_SIGNATURE_POSITION, "Pos string (=" + pos_string + ") is invalid.");
}
String cmdstr = cmd_kv[0];
if (cmdstr.length() != 1)
{
- throw new PDFDocumentException(224, "Pos string (=" + pos_string + ") is invalid.");
+ throw new PDFDocumentException(ErrorCode.INVALID_SIGNATURE_POSITION, "Pos string (=" + pos_string + ") is invalid.");
}
char command = cmdstr.charAt(0);
String commandval= cmd_kv[1];
@@ -227,13 +229,13 @@ public class TablePos implements Serializable
float flval=Float.parseFloat(commandval);
if (flval<0)
{
- throw new PDFDocumentException(224, "Pos string (=" + pos_string + ") is invalid.");
+ throw new PDFDocumentException(ErrorCode.INVALID_SIGNATURE_POSITION, "Pos string (=" + pos_string + ") is invalid.");
}
this.footer_line = flval;
break;
}
default : {
- throw new PDFDocumentException(224, "Pos string (=" + pos_string + ") is invalid.");
+ throw new PDFDocumentException(ErrorCode.INVALID_SIGNATURE_POSITION, "Pos string (=" + pos_string + ") is invalid.");
}
}
}
@@ -241,7 +243,7 @@ public class TablePos implements Serializable
}
catch (NumberFormatException e)
{
- throw new PDFDocumentException(224, "Pos string (=" + pos_string + ") cannot be parsed.");
+ throw new PDFDocumentException(ErrorCode.INVALID_SIGNATURE_POSITION, "Pos string (=" + pos_string + ") cannot be parsed.");
}
}
public String toString()
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java
index d455179..876413a 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/FormFields.java
@@ -41,8 +41,6 @@ import at.knowcenter.wag.egov.egiz.sig.SignatureTypes;
*/
public abstract class FormFields
{
- public static final String PARAMETER_FREE_TEXT_ENTRY = "freetext";
-
public static final String FIELD_UPLOAD = "upload";
public static final String FIELD_CONNECTOR = "connector";
@@ -101,6 +99,14 @@ public abstract class FormFields
public static final String FIELD_SIGPOS_Y = "sig-pos-y";
public static final String FIELD_SIGPOS_P = "sig-pos-p";
+
+ public static final String FIELD_SOURCE = "source_filefreetext";
+
+ public static final String VALUE_SOURCE_FILE = "source-is-file";
+
+ public static final String VALUE_SOURCE_FREETEXT = "source-is-freetext";
+
+ public static final String FIELD_FREETEXT = "freetext";
// end add
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java
index 803dc59..0efed03 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java
@@ -60,6 +60,8 @@ public class ProvidePDFServlet extends HttpServlet {
session.removeAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT);
log.debug("Returning signed pdf to browser.");
SignServletHelper.returnSignResponse(si, request, response);
+ log.debug("Removing free text (if any) from session.");
+ session.removeAttribute(UpdateFormServlet.UPLOADFORM_FREETEXT_KEY);
return;
}
} else {
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java
index c946225..69b237f 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java
@@ -33,18 +33,26 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
+import org.apache.commons.io.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import com.lowagie.text.DocumentException;
+
import at.gv.egiz.pdfas.exceptions.ErrorCode;
import at.gv.egiz.pdfas.exceptions.ErrorCodeHelper;
import at.gv.egiz.pdfas.exceptions.external.ExternalErrorException;
import at.gv.egiz.pdfas.framework.input.PdfDataSource;
+import at.gv.egiz.pdfas.impl.input.ByteArrayPdfDataSourceImpl;
+import at.gv.egiz.pdfas.itext.IText;
+import at.gv.egiz.pdfas.utils.ConfigUtils;
+import at.gv.egiz.pdfas.utils.PDFASUtils;
import at.gv.egiz.pdfas.utils.WebUtils;
import at.gv.egiz.pdfas.web.SignSessionInformation;
import at.gv.egiz.pdfas.web.helper.SignServletHelper;
@@ -235,6 +243,7 @@ public class SignServlet extends HttpServlet
try
{
+
// tzefferer: modified
// UploadedData ud = retrieveUploadedDataFromRequest(request);
UploadedData ud_form = retrieveUploadedDataFromRequest(request);
@@ -244,9 +253,7 @@ public class SignServlet extends HttpServlet
}
catch (Exception e)
{
- // Error retrieving data
-// request.setAttribute("error", "Fehler beim Upload der Daten");
-// request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten.");
+ log.error(e);
request.setAttribute("error", "signservlet.error");
request.setAttribute("cause", "signservlet.cause");
request.setAttribute("resourcebundle", Boolean.TRUE);
@@ -344,8 +351,11 @@ public class SignServlet extends HttpServlet
FileItem mode_fi = null;
FileItem file_upload_fi = null;
FileItem download_fi = null;
+ FileItem freeText = null;
+ FileItem pdfa = null;
Iterator it = items.iterator();
+ HttpSession session = request.getSession();
while (it.hasNext())
{
FileItem item = (FileItem) it.next();
@@ -374,18 +384,21 @@ public class SignServlet extends HttpServlet
if (item.getFieldName().equals(FormFields.FIELD_SIGNATURE_TYPE))
{
sig_type_fi = item;
+ session.setAttribute(UpdateFormServlet.UPLOADFORM_SIGNATURE_TYPE_KEY, sig_type_fi.getString("UTF-8"));
continue;
}
if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR))
{
sig_app_fi = item;
+ session.setAttribute(UpdateFormServlet.UPLOADFORM_SIGNATURE_DEVICE_KEY, sig_app_fi.getString("UTF-8"));
continue;
}
if (item.getFieldName().equals(FormFields.FIELD_MODE))
{
mode_fi = item;
+ session.setAttribute(UpdateFormServlet.UPLOADFORM_SIGNATURE_MODE_KEY, mode_fi.getString("UTF-8"));
continue;
}
@@ -402,14 +415,30 @@ public class SignServlet extends HttpServlet
}
if (FormFields.FIELD_PDFA_ENABLED.equals(item.getFieldName())) {
+ pdfa = item;
+ session.setAttribute(UpdateFormServlet.UPLOADFORM_PDFA_KEY, pdfa.getString("UTF-8"));
+ continue;
+ }
+
+ if (FormFields.FIELD_FREETEXT.equals(item.getFieldName())) {
+ freeText = item;
+ String value = freeText.getString("UTF-8");
+ if (value != null) {
+ session.setAttribute(UpdateFormServlet.UPLOADFORM_FREETEXT_KEY, value);
+ }
+ continue;
+ }
+
+ if (FormFields.FIELD_SOURCE.equals(item.getFieldName())) {
+ session.setAttribute(UpdateFormServlet.UPLOADFORM_SOURCE_KEY, item.getString("UTF-8"));
continue;
}
- throw new ServletException("unrecognized POST data."); //$NON-NLS-1$
+ throw new ServletException("Unrecognized POST data."); //$NON-NLS-1$
}
- if (preview_fi == null || sig_type_fi == null || sig_app_fi == null || file_upload_fi == null || download_fi == null)
+ if (preview_fi == null || sig_type_fi == null || sig_app_fi == null || (file_upload_fi == null && freeText== null) || download_fi == null)
{
throw new ServletException("Insufficient data provided in request"); //$NON-NLS-1$
}
@@ -436,28 +465,47 @@ public class SignServlet extends HttpServlet
String sig_type = sig_type_fi.getString("UTF-8"); //$NON-NLS-1$
String sig_app = sig_app_fi.getString("UTF-8"); //$NON-NLS-1$
- String doc_file_name = TempDirHelper.extractFileNameSuffix(file_upload_fi.getName());
- log.debug("file content type =" + file_upload_fi.getContentType()); //$NON-NLS-1$
-
- String extension = VerifyServlet.extractExtension(doc_file_name);
- if (extension != null && !extension.equals("pdf")) //$NON-NLS-1$
- {
- throw new PDFDocumentException(201, "The provided file '" + doc_file_name + "' doesn't have the PDF extension (.pdf)."); //$NON-NLS-1$//$NON-NLS-2$
- }
-
- if (file_upload_fi.getSize() <= 0)
- {
- throw new PDFDocumentException(250, "The document is empty."); //$NON-NLS-1$
- }
-
- PdfDataSource pdfDataSource = null;
- try
- {
- pdfDataSource = TempDirHelper.placePdfIntoTempDir(file_upload_fi.getInputStream(), doc_file_name);
- }
- catch (IOException e)
- {
- throw new PDFDocumentException(201, "Couldn't store the file in the temp dir.", e);
+ PdfDataSource pdfDataSource;
+ String doc_file_name;
+ // distinguish between file and freetext
+ if (file_upload_fi != null) {
+ log.debug("Processing file.");
+ doc_file_name = TempDirHelper.extractFileNameSuffix(file_upload_fi.getName());
+ log.debug("file content type =" + file_upload_fi.getContentType()); //$NON-NLS-1$
+
+ String extension = VerifyServlet.extractExtension(doc_file_name);
+ if (extension != null && !extension.equals("pdf")) //$NON-NLS-1$
+ {
+ throw new PDFDocumentException(201, "The provided file '" + doc_file_name + "' doesn't have the PDF extension (.pdf)."); //$NON-NLS-1$//$NON-NLS-2$
+ }
+
+ if (file_upload_fi.getSize() <= 0)
+ {
+ throw new PDFDocumentException(250, "The document is empty."); //$NON-NLS-1$
+ }
+
+ try
+ {
+ pdfDataSource = TempDirHelper.placePdfIntoTempDir(file_upload_fi.getInputStream(), doc_file_name);
+ }
+ catch (IOException e)
+ {
+ throw new PDFDocumentException(201, "Couldn't store the file in the temp dir.", e);
+ }
+ } else {
+ log.debug("Processing free text.");
+ try {
+ boolean pdfaEnabled = pdfa != null && "true".equalsIgnoreCase(pdfa.getString());
+ byte[] freeTextPDF = IText.createPDF(freeText.getString("UTF-8"), pdfaEnabled);
+
+ pdfDataSource = new ByteArrayPdfDataSourceImpl(freeTextPDF);
+ doc_file_name = IText.DEFAULT_FILENAME;
+ } catch (DocumentException e) {
+ throw new PDFDocumentException(201, "Unable to create PDF document.", e);
+ } catch (IOException e) {
+ throw new PDFDocumentException(201, "Unable to create PDF document.", e);
+ }
+
}
// byte[] pdf = file_upload_fi.get();
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/UpdateFormServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/UpdateFormServlet.java
index 2d21545..f0d3d3d 100644
--- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/UpdateFormServlet.java
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/UpdateFormServlet.java
@@ -19,22 +19,34 @@ public class UpdateFormServlet extends HttpServlet {
public static final String UPLOADFORM_SIGNATURE_MODE_KEY = "signupload.jsp:signatureMode";
public static final String UPLOADFORM_SIGNATURE_DEVICE_KEY = "signupload.jsp:signatureKey";
public static final String UPLOADFORM_PDFA_KEY = "signupload.jsp:pdfaKey";
+ public static final String UPLOADFORM_SOURCE_KEY = "signupload.jsp:sourceKey";
+ public static final String UPLOADFORM_FREETEXT_KEY = "signupload.jsp:freeTextKey";
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request, response);
}
-
- protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
- String mode = request.getParameter(FormFields.FIELD_MODE);
- String device = request.getParameter(FormFields.FIELD_CONNECTOR);
- String type = request.getParameter(FormFields.FIELD_SIGNATURE_TYPE);
- String pdfa = request.getParameter(FormFields.FIELD_PDFA_ENABLED);
+
+ public static void updateSession(HttpServletRequest request) {
+ String mode = request.getParameter(FormFields.FIELD_MODE);
+ String device = request.getParameter(FormFields.FIELD_CONNECTOR);
+ String type = request.getParameter(FormFields.FIELD_SIGNATURE_TYPE);
+ String pdfa = request.getParameter(FormFields.FIELD_PDFA_ENABLED);
+ String source = request.getParameter(FormFields.FIELD_SOURCE);
+ String freeText = request.getParameter(FormFields.FIELD_FREETEXT);
HttpSession session = request.getSession();
session.setAttribute(UPLOADFORM_SIGNATURE_DEVICE_KEY, device);
session.setAttribute(UPLOADFORM_SIGNATURE_MODE_KEY, mode);
session.setAttribute(UPLOADFORM_SIGNATURE_TYPE_KEY, type);
session.setAttribute(UPLOADFORM_PDFA_KEY, pdfa);
+ session.setAttribute(UPLOADFORM_SOURCE_KEY, source);
+ if (freeText != null) {
+ session.setAttribute(UPLOADFORM_FREETEXT_KEY, freeText);
+ }
+ }
+
+ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+ updateSession(request);
RequestDispatcher dispatcher = request.getRequestDispatcher("/jsp/signupload.jsp");
dispatcher.forward(request, response);