aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java')
-rw-r--r--src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java576
1 files changed, 576 insertions, 0 deletions
diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java
new file mode 100644
index 0000000..f2cbde8
--- /dev/null
+++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java
@@ -0,0 +1,576 @@
+/**
+ * <copyright> Copyright (c) 2006 by Know-Center, Graz, Austria </copyright>
+ *
+ * This software is the confidential and proprietary information of Know-Center,
+ * Graz, Austria. You shall not disclose such Confidential Information and shall
+ * use it only in accordance with the terms of the license agreement you entered
+ * into with Know-Center.
+ *
+ * KNOW-CENTER MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF
+ * THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
+ * NON-INFRINGEMENT. KNOW-CENTER SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY
+ * LICENSEE AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
+ * DERIVATIVES.
+ *
+ * $Id: Sign.java,v 1.7 2006/10/11 07:39:13 wprinz Exp $
+ */
+package at.knowcenter.wag.egov.egiz.web.servlets;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.Serializable;
+import java.io.UnsupportedEncodingException;
+import java.net.URL;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Properties;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.fileupload.FileItem;
+import org.apache.commons.fileupload.FileUploadException;
+import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.apache.commons.fileupload.servlet.ServletFileUpload;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.log4j.Logger;
+
+import at.knowcenter.wag.egov.egiz.PdfAS;
+import at.knowcenter.wag.egov.egiz.PdfASID;
+import at.knowcenter.wag.egov.egiz.cfg.ConfigLogger;
+import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
+import at.knowcenter.wag.egov.egiz.exceptions.ErrorCodeException;
+import at.knowcenter.wag.egov.egiz.exceptions.PDFDocumentException;
+import at.knowcenter.wag.egov.egiz.exceptions.PlaceholderException;
+import at.knowcenter.wag.egov.egiz.exceptions.PresentableException;
+import at.knowcenter.wag.egov.egiz.framework.SignResult;
+import at.knowcenter.wag.egov.egiz.framework.Signator;
+import at.knowcenter.wag.egov.egiz.framework.SignatorFactory;
+import at.knowcenter.wag.egov.egiz.framework.signators.DetachedSignator_1_0_0;
+import at.knowcenter.wag.egov.egiz.sig.ConnectorFactory;
+import at.knowcenter.wag.egov.egiz.sig.SignatureData;
+import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl;
+import at.knowcenter.wag.egov.egiz.sig.connectors.Connector;
+import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.DetachedBKUConnector;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector;
+import at.knowcenter.wag.egov.egiz.sig.connectors.bku.LocRefDetachedBKUConnector;
+import at.knowcenter.wag.egov.egiz.sig.connectors.moa.DetachedLocRefMOAConnector;
+import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
+import at.knowcenter.wag.egov.egiz.web.FormFields;
+import at.knowcenter.wag.egov.egiz.web.LocalRequest;
+import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper;
+import at.knowcenter.wag.egov.egiz.web.SessionAttributes;
+import at.knowcenter.wag.egov.egiz.web.SessionInformation;
+
+/**
+ * This method is the sign servlet for the pdf-as web application. It takes get
+ * and post requests fill out jsp templates and give the user feedback about the
+ * results of the sign process
+ *
+ * @author wlackner
+ * @author wprinz
+ */
+public class SignServlet extends HttpServlet
+{
+
+ /**
+ * SVUID.
+ */
+ private static final long serialVersionUID = -4156938216903740438L;
+
+ /**
+ * The log.
+ */
+ private static Log log = LogFactory.getLog(SignServlet.class);
+
+ protected void dispatch(HttpServletRequest request,
+ HttpServletResponse response, String resource) throws ServletException, IOException
+ {
+ dispatch(request, response, resource, getServletContext());
+ }
+
+ protected static void dispatch(HttpServletRequest request,
+ HttpServletResponse response, String resource, ServletContext context) throws ServletException, IOException
+ {
+ response.setContentType("text/html");
+ response.setCharacterEncoding("UTF-8");
+
+ RequestDispatcher disp = context.getRequestDispatcher(resource);
+ disp.forward(request, response);
+ }
+
+ // The sign servlet is used for processing the upload only.
+ // Authentication is deactivated. if required - make an own servlet.
+ // /**
+ // * @author modified by tknall
+ // */
+ // public void doGet(HttpServletRequest request, HttpServletResponse response)
+ // throws ServletException, IOException
+ // {
+ // String authenticate = request.getHeader(AUTH);
+ // if (authenticate != null)
+ // {
+ // logger_.info("authenticate:" + authenticate);
+ // if (authenticate.indexOf(AUTH_BASIC) == 0)
+ // {
+ // authenticate = authenticate.substring(AUTH_BASIC.length() + 1);
+ // logger_.info("authenticate:" + authenticate);
+ // authenticate = new String(CodingHelper.decodeBase64(authenticate),
+ // "UTF-8");
+ // logger_.info("authenticate:" + authenticate);
+ //
+ // String[] auth_value = authenticate.split(":");
+ // String user_name = auth_value[0];
+ // String user_password = auth_value[1];
+ // logger_.info("username:" + user_name);
+ // // start modification tknall
+ // // logger_.info("password:" + user_password);
+ // logger_.info("password:XXXXXXXXXXXX");
+ // // stop modification tknall
+ //
+ // HttpSession session = request.getSession();
+ // session.setAttribute(SessionAttributes.ATTRIBUTE_USER_NAME, user_name);
+ // session.setAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD,
+ // user_password);
+ //
+ // dispatch(request, response, "/jsp/signupload.jsp");
+ // return;
+ // }
+ // // start modification tknall
+ // } else {
+ // String user_name = "";
+ // String user_password = "";
+ // logger_.info("authenticate:User has not been authenticated!");
+ // logger_.info("username: UNKNOWN");
+ // logger_.info("password: XXXXXXXXXXXX");
+ // HttpSession session = request.getSession();
+ // session.setAttribute("uname", user_name);
+ // session.setAttribute("upass", user_password);
+ // dispatch(request, response, "/jsp/signupload.jsp");
+ // }
+
+ // request.setAttribute("error", "Falsche Authentifikation");
+ // request.setAttribute("cause", "Passwort oder Benutzername ist falsch");
+ // dispatch(request, response, "/jsp/error.jsp");
+ // // stop modification tknall
+ // }
+
+ /**
+ * Processes the sign upload.
+ *
+ * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest,
+ * javax.servlet.http.HttpServletResponse)
+ */
+ public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
+ {
+ try
+ {
+ UploadedData ud = retrieveUploadedDataFromRequest(request);
+
+ PdfAS.applyStrictMode(ud.pdf);
+
+ SessionInformation si = new SessionInformation(); // SessionTable.generateSessionInformationObject();
+ si.connector = ud.sig_app;
+ si.application = "sign";
+ si.mode = ud.sig_mode;
+ si.pdf = ud.pdf;
+ si.type = ud.sig_type;
+ si.filename = formatFileName(ud.file_name);
+ si.download_inline = ud.download_inline;
+
+ request.getSession().setAttribute(SessionAttributes.ATTRIBUTE_SESSION_INFORMATION, si);
+
+ // String user_name = (String)
+ // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_NAME);
+ // String user_password = (String)
+ // request.getSession().getAttribute(SessionAttributes.ATTRIBUTE_USER_PASSWORD);
+ // si.user_name = user_name;
+ // si.user_password = user_password;
+
+ prepareSign(si);
+
+ if (ud.preview)
+ {
+ String submit_url = response.encodeURL(request.getContextPath() + "/SignPreview");
+ String signature_data_url = response.encodeURL(request.getContextPath() + "/RetrieveSignatureData");
+
+ request.setAttribute("submit_url", submit_url);
+ request.setAttribute("signature_data_url", signature_data_url);
+
+ dispatch(request, response, "/jsp/signpreview.jsp");
+
+ return;
+ }
+
+ finishSign(si, request, response, getServletContext());
+ }
+ catch (FileUploadException e)
+ {
+ request.setAttribute("error", "Fehler beim Upload der Daten");
+ request.setAttribute("cause", "Beim Upload der Daten ist ein Fehler aufgetreten.");
+ dispatch(request, response, "/jsp/error.jsp");
+ }
+ catch (PresentableException e)
+ {
+ e.printStackTrace();
+ prepareDispatchToErrorPage(e, request);
+ dispatch(request, response, "/jsp/error.jsp");
+ }
+ }
+
+ protected UploadedData retrieveUploadedDataFromRequest(
+ HttpServletRequest request) throws ServletException, UnsupportedEncodingException, FileUploadException, PDFDocumentException
+ {
+ DiskFileItemFactory fif = new DiskFileItemFactory();
+ fif.setRepository(SettingsReader.getTemporaryDirectory());
+ ServletFileUpload sfu = new ServletFileUpload(fif);
+
+ List items = sfu.parseRequest(request);
+
+ FileItem preview_fi = null;
+ FileItem sig_type_fi = null;
+ FileItem sig_app_fi = null;
+ FileItem mode_fi = null;
+ FileItem file_upload_fi = null;
+ FileItem download_fi = null;
+
+ Iterator it = items.iterator();
+ while (it.hasNext())
+ {
+ FileItem item = (FileItem) it.next();
+ log.debug("item = " + item.getFieldName()); //$NON-NLS-1$
+
+ if (log.isDebugEnabled())
+ {
+ if (item.isFormField())
+ {
+ String item_string = item.getString("UTF-8"); //$NON-NLS-1$
+ log.debug(" form field string = " + item_string); //$NON-NLS-1$
+ }
+ else
+ {
+ log.debug(" filename = " + item.getName()); //$NON-NLS-1$
+ log.debug(" filesize = " + item.getSize()); //$NON-NLS-1$
+ }
+ }
+
+ if (item.getFieldName().equals(FormFields.FIELD_PREVIEW))
+ {
+ preview_fi = item;
+ continue;
+ }
+
+ if (item.getFieldName().equals(FormFields.FIELD_SIGNATURE_TYPE))
+ {
+ sig_type_fi = item;
+ continue;
+ }
+
+ if (item.getFieldName().equals(FormFields.FIELD_CONNECTOR))
+ {
+ sig_app_fi = item;
+ continue;
+ }
+
+ if (item.getFieldName().equals(FormFields.FIELD_MODE))
+ {
+ mode_fi = item;
+ continue;
+ }
+
+ if (item.getFieldName().equals(FormFields.FIELD_UPLOAD))
+ {
+ file_upload_fi = item;
+ continue;
+ }
+
+ if (item.getFieldName().equals(FormFields.FIELD_DOWNLOAD))
+ {
+ download_fi = item;
+ continue;
+ }
+
+ throw new ServletException("unrecognized POST data."); //$NON-NLS-1$
+
+ }
+
+ if (preview_fi == null || sig_type_fi == null || sig_app_fi == null || file_upload_fi == null || download_fi == null)
+ {
+ throw new ServletException("Insufficient data provided in request"); //$NON-NLS-1$
+ }
+
+ String mode = mode_fi.getString("UTF-8"); //$NON-NLS-1$
+ if (!mode.equals(FormFields.VALUE_MODE_BINARY) && !mode.equals(FormFields.VALUE_MODE_TEXTUAL) && !mode.equals(FormFields.VALUE_MODE_DETACHED))
+ {
+ throw new ServletException("The mode '" + mode + "' is unrecognized."); //$NON-NLS-1$ //$NON-NLS-2$
+ }
+
+ String preview_str = preview_fi.getString("UTF-8"); //$NON-NLS-1$
+ boolean preview = false;
+ if (preview_str.equals("true")) //$NON-NLS-1$
+ {
+ preview = true;
+ }
+
+ boolean download_inline = true;
+ if (download_fi.getString("UTF-8").equals(FormFields.VALUE_DOWNLOAD_ATTACHMENT)) //$NON-NLS-1$
+ {
+ download_inline = false;
+ }
+
+ String sig_type = sig_type_fi.getString("UTF-8"); //$NON-NLS-1$
+ String sig_app = sig_app_fi.getString("UTF-8"); //$NON-NLS-1$
+
+ String doc_file_name = file_upload_fi.getName();
+ log.debug("file content type =" + file_upload_fi.getContentType()); //$NON-NLS-1$
+
+ String extension = VerifyServlet.extractExtension(doc_file_name);
+ if (extension != null && !extension.equals("pdf")) //$NON-NLS-1$
+ {
+ throw new PDFDocumentException(201, "The provided file '" + doc_file_name + "' doesn't have the PDF extension (.pdf)."); //$NON-NLS-1$//$NON-NLS-2$
+ }
+
+ byte[] pdf = file_upload_fi.get();
+ if (file_upload_fi.getSize() <= 0)
+ {
+ throw new PDFDocumentException(250, "The document is empty."); //$NON-NLS-1$
+ }
+
+ UploadedData ud = new UploadedData();
+
+ ud.preview = preview;
+ ud.download_inline = download_inline;
+ ud.sig_type = sig_type;
+ ud.sig_app = sig_app;
+ ud.sig_mode = mode;
+ ud.file_name = doc_file_name;
+ ud.pdf = pdf;
+
+ return ud;
+ }
+
+ /**
+ * Prepares the sign.
+ *
+ * <p>
+ * This prepares the data for both being signed or being previewed.
+ * </p>
+ *
+ * @param si
+ * The SessionInformation to be prepared.
+ * @throws PresentableException
+ * f.e.
+ */
+ public static void prepareSign(SessionInformation si) throws PresentableException
+ {
+ log.debug("prepareSign:"); //$NON-NLS-1$
+
+ PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode);
+ Signator signator = SignatorFactory.createSignator(algorithm);
+ si.iui = signator.prepareSign(si.pdf, si.type, null, ConnectorFactory.needsSIG_ID(si.connector));
+
+ log.debug("prepareSign finished."); //$NON-NLS-1$
+ }
+
+ /**
+ * Finishes the sign.
+ *
+ * <p>
+ * For non local connectors this concludes the sign process, signs the
+ * document and returns the result. For local connectors this initializes the
+ * local sign process and redirects to following servlets.
+ * </p>
+ *
+ * @param si
+ * The SessionInformation.
+ * @param request
+ * The servlet request for dispatching.
+ * @param response
+ * The servlet response for dispatching.
+ * @param context
+ * The servlet context for dispatching.
+ * @throws PresentableException
+ * f.e.
+ * @throws IOException
+ * f. e.
+ * @throws ServletException
+ * f. e.
+ */
+ public static void finishSign(SessionInformation si,
+ HttpServletRequest request, HttpServletResponse response,
+ ServletContext context) throws PresentableException, IOException, ServletException
+ {
+ log.debug("finishSign:"); //$NON-NLS-1$
+
+ log.debug("connector = " + si.connector); //$NON-NLS-1$
+ if (ConnectorFactory.isConnectorLocal(si.connector))
+ {
+ log.debug("Connector is local -> dispatching to local processing."); //$NON-NLS-1$
+
+ String dispatch_to = LocalRequestHelper.processLocalSign(si, request, response);
+ dispatch(request, response, dispatch_to, context);
+ return;
+ }
+ log.debug("Connector is not local -> finishing the sign."); //$NON-NLS-1$
+
+ PdfASID algorithm = FormFields.translateSignatureModeToPdfASID(si.mode);
+ Signator signator = SignatorFactory.createSignator(algorithm);
+
+ log.debug("RequestURL = " + request.getRequestURL());
+ log.debug("ContextPath = " + request.getContextPath());
+ String host = request.getServerName();
+ URL signature_data_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData");
+ String signature_data_url = response.encodeURL(signature_data_URL.toString());
+
+ Connector c = new DetachedLocRefMOAConnector(si.type, signature_data_url);
+ si.iui.signed_signature_object = c.doSign(si.iui.signature_data);
+
+ si.sign_result = signator.finishSign(si.iui);
+
+ returnSignResponse(si, response);
+
+ log.debug("finishSign finished."); //$NON-NLS-1$
+ }
+
+ public static void prepareDispatchToErrorPage(PresentableException pe,
+ HttpServletRequest request)
+ {
+ if (pe instanceof ErrorCodeException)
+ {
+ ErrorCodeException ece = (ErrorCodeException) pe;
+ request.setAttribute("error", "Fehler " + ece.getErrorCode());
+
+ String cause = ece.getErrorCodeMessage();
+ if (ece.hasExternalErrorMessage())
+ {
+ cause = ece.getExternalErrorCode() + ": " + ece.getExternalErrorMessage();
+ }
+ request.setAttribute("cause", cause);
+
+ if (pe instanceof PlaceholderException)
+ {
+ PlaceholderException phe = (PlaceholderException) ece;
+
+ request.setAttribute("cause", "Der Platzhalter des Feldes " + phe.getField() + " ist um " + phe.getMissing() + " Bytes zu kurz. " + ece.getErrorCodeMessage());
+ }
+ }
+ else
+ {
+ request.setAttribute("error", "PresentableException");
+ request.setAttribute("cause", pe.toString());
+ }
+ }
+
+ public void dispatchToPreview(String document_text, String connector,
+ String mode, String signature_type, String submit_url,
+ HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
+ {
+ request.setAttribute("document_text", document_text);
+ request.setAttribute("connector", connector);
+ request.setAttribute("mode", mode);
+ request.setAttribute("signature_type", signature_type);
+ request.setAttribute("submit_url", submit_url);
+
+ dispatch(request, response, "/jsp/signpreview.jsp");
+ }
+
+ /**
+ * Formats the file name so that it is suitable for content disposition.
+ *
+ * @param file_name
+ * The file name.
+ * @return Returns the formatted file name.
+ */
+ public static String formatFileName(String file_name)
+ {
+ File file = new File(file_name);
+ String file_name_only = file.getName();
+ // the file_name contains \\ ==> remove them so Internet Explorer works
+ // correctly.
+ return file_name_only;
+ }
+
+ /**
+ * Formats the file name according to the SignResult.
+ *
+ * @param file_name
+ * The file name.
+ * @param sign_result
+ * The sign result.
+ * @return Returns the formatted file name.
+ */
+ public static String formatFileNameForSignResult(String file_name,
+ SignResult sign_result)
+ {
+ String output = file_name + "_signed";
+ if (sign_result.getMimeType().equals(DetachedSignator_1_0_0.MIME_TYPE))
+ {
+ output += ".xml";
+ }
+ else
+ {
+ output += ".pdf";
+ }
+
+ return output;
+ }
+
+ /**
+ * Returns the data in the SignResult with proper content disposition.
+ *
+ * @param si
+ * SessionInformation.
+ * @param response
+ * The servlet response.
+ * @throws IOException
+ * The IO Exception.
+ */
+ public static void returnSignResponse(SessionInformation si,
+ HttpServletResponse response) throws IOException
+ {
+ SignResult sign_result = si.sign_result;
+
+ String file_name = formatFileNameForSignResult(si.filename, sign_result);
+
+ // The name parameter is actually deprecated in favour of
+ // Content-Disposition filename
+ // Unfortunately Acrobat reader does recognize neither of these parameters
+ // with its inline save-as. It always takes the page name.
+ response.setContentType(sign_result.getMimeType() + "; name=\"" + file_name + "\"");
+ if (si.download_inline)
+ {
+ response.addHeader("Content-Disposition", "inline; filename=\"" + file_name + "\"");
+ }
+ else
+ {
+ response.addHeader("Content-Disposition", "attachment; filename=\"" + file_name + "\"");
+ }
+ response.getOutputStream().write(sign_result.getData());
+
+ }
+
+ protected static class UploadedData
+ {
+ protected boolean preview = false;
+
+ protected boolean download_inline = false;
+
+ protected String sig_type = null;
+
+ protected String sig_app = null;
+
+ protected String sig_mode = null;
+
+ protected String file_name = null;
+
+ protected byte[] pdf = null;
+ }
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 22:08:30 +0000