From 94c7b5a45e9fb197b36aae1b860c5f58607716e1 Mon Sep 17 00:00:00 2001 From: rpiazzi Date: Wed, 5 Oct 2011 16:21:27 +0000 Subject: Added error handling for the case an a-trust CCS version >1.3.3.2 as local CCS is choosen. In this case this servlet receives more than one call from the CCS and the first call will be ignored because there is no information on the CCS type in. git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@850 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../gv/egiz/pdfas/web/servlets/DataURLServlet.java | 205 ++++++++++++--------- 1 file changed, 121 insertions(+), 84 deletions(-) (limited to 'pdf-as-web/src/main/java/at/gv/egiz') diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java index 63d22a3..588a969 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java @@ -28,6 +28,7 @@ import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import java.net.URL; import java.util.ArrayList; +import java.util.Enumeration; import java.util.Iterator; import java.util.List; @@ -144,8 +145,8 @@ public class DataURLServlet extends HttpServlet if (sessionObject instanceof SignSessionInformation) { - SignSessionInformation si = (SignSessionInformation)sessionObject; - processSign(request, response, si); + SignSessionInformation si = (SignSessionInformation)sessionObject; + processSign(request, response, si); } else { @@ -210,7 +211,7 @@ public class DataURLServlet extends HttpServlet protected void processSign(HttpServletRequest request, HttpServletResponse response, SignSessionInformation si) throws ServletException, IOException, PdfAsException { - log.trace("processSign"); + log.trace("processSign"); String xml_response = retrieveXMLResponse(request); @@ -219,91 +220,127 @@ public class DataURLServlet extends HttpServlet String server = request.getHeader("server"); String userAgent = request.getHeader("user-agent"); String signatureLayout = request.getHeader(Constants.BKU_HEADER_SIGNATURE_LAYOUT); - LocalBKUParams bkuParams = new LocalBKUParams(server, userAgent, signatureLayout); - si.localBKUParams = bkuParams; - pdfAsInternal.verifyBKUSupport(bkuParams); - - if (isNullResponse(xml_response)) - { - log.debug("Received a NullOperationResponse -> answering with the first request."); //$NON-NLS-1$ - - //assert si.outputAvailable == false; - //assert si.xmlResponse == null; - - log.debug("There are still requests to be performed -> answering with request."); //$NON-NLS-1$ - - LocalRequest local_request = si.localRequest; - - String request_string = local_request.getRequestString(); - - log.debug("request = " + request_string); - response.setContentType("text/xml"); - response.setCharacterEncoding("UTF-8"); - response.getWriter().println(request_string); + //rpiazzi added + //When choosing local CCS (a-trust 1.3.3.3 and higher) it seems that more requests to this servlet are sent from + //CCS. Therefore the first request (with no information about CCS in the headers) has to be ignored... + if (((server==null) && (userAgent==null) && (signatureLayout==null)) || (xml_response==null)) { + if ((server==null) && (userAgent==null) && (signatureLayout==null)) { + log.debug("Received response with none of the following header fields: \"server\", \"user-agent\", \""+Constants.BKU_HEADER_SIGNATURE_LAYOUT+"\""); + log.debug("This is probably the empty servlet call when local CCS and a-trust CCS version >1.3.3.2 is choosen. In this case the right call of this servlet will follow soon!"); + } + if (xml_response==null) { + log.debug("Received response with no content. Redirect to error page!"); + String name = ""; + if (server!=null) { + name = server; + } + else { + if (userAgent!=null) { + name = userAgent; + } + else { + if (signatureLayout!=null) { + name = signatureLayout; + } + else { + name = "Unkown server"; + } + } + } + request.setAttribute("cause", "Received wrong response from server \""+name+"\""); + temporaryRedirect(response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/error.jsp") , response); + } } - else if (xml_response != null) - { - log.debug("Received a normal response -> storing the response."); //$NON-NLS-1$ - - si.xmlResponse = xml_response; - - log.debug("All requests have been processed -> processing the responses."); //$NON-NLS-1$ - - // Sign - - if (!si.outputAvailable) - { - PdfAs pdfAs = ApiHelper.getPdfAsFromContext(getServletContext()); - SignServletHelper.finishLocalSign(pdfAs, pdfAsInternal, si); - SigningTimeHelper.checkSigningTimeAgainstHostTime(si.sdi.getSignDate()); - si.outputAvailable = true; - } + //end added + else { + LocalBKUParams bkuParams = new LocalBKUParams(server, userAgent, signatureLayout); + si.localBKUParams = bkuParams; + + pdfAsInternal.verifyBKUSupport(bkuParams); + + if (isNullResponse(xml_response)) + { + log.debug("Received a NullOperationResponse -> answering with the first request."); //$NON-NLS-1$ + + //assert si.outputAvailable == false; + //assert si.xmlResponse == null; + + log.debug("There are still requests to be performed -> answering with request."); //$NON-NLS-1$ + + LocalRequest local_request = si.localRequest; + + String request_string = local_request.getRequestString(); + + log.debug("request = " + request_string); + response.setContentType("text/xml"); + response.setCharacterEncoding("UTF-8"); + response.getWriter().println(request_string); + } + else if (xml_response != null) + { + log.debug("Received a normal response -> storing the response."); //$NON-NLS-1$ + + si.xmlResponse = xml_response; + + log.debug("All requests have been processed -> processing the responses."); //$NON-NLS-1$ + + // Sign + + if (!si.outputAvailable) + { + PdfAs pdfAs = ApiHelper.getPdfAsFromContext(getServletContext()); + SignServletHelper.finishLocalSign(pdfAs, pdfAsInternal, si); + SigningTimeHelper.checkSigningTimeAgainstHostTime(si.sdi.getSignDate()); + si.outputAvailable = true; + } - if (si.output.getMimeType().equals("text/xml") && si.outputAvailable) - { - // For "detached" signatures, the return value (data sink) is the response xml, - // but when passed through the BKU it is interpreted as another request - // which will generate a return code 1501 - // Then PDF-AS would answer with the response as well generating - // another 1501 and so forth. - // Therefor return it as TXT. - response.setContentType("text/plain"); - response.setCharacterEncoding("UTF-8"); - response.getWriter().println("Das detached XML kann nicht direkt durch die BKU geschliffen werden, weil diese es als Request interpretieren würde. Daher das XML als Text:"); - response.getWriter().println(new String(si.signedPdf, "UTF-8")); - } - else - { - // tzefferer: If PDF-AS has been called by an external web-application, we do not - // redirect to download.jsp but return the sign-response immediately - if (si.exappinf != null) { - log.debug("Entering external application interface mode. Skipping redirection to download page."); - SignServletHelper.returnSignResponse(si, request, response); - - // Not needed due to redirection of returnSignResponse. - // Just to clarify that there must not be any code after returnSignResponse. - return; - } else { - log.debug("Preparing download page."); - HttpSession session = request.getSession(true); - log.debug("Putting signed document into session (" + session.getId() + ")."); - session.setAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT, si); - String downloadURL = response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/ProvidePDF"); - log.debug("Creating download URL \"" + downloadURL + "\"."); - session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, downloadURL); - temporaryRedirect(response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/download.jsp") , response); - - // Not needed due to temporaryRedirect. - // Just to clarify that there must not be any code after temporaryRedirect. - return; + if (si.output.getMimeType().equals("text/xml") && si.outputAvailable) + { + // For "detached" signatures, the return value (data sink) is the response xml, + // but when passed through the BKU it is interpreted as another request + // which will generate a return code 1501 + // Then PDF-AS would answer with the response as well generating + // another 1501 and so forth. + // Therefor return it as TXT. + response.setContentType("text/plain"); + response.setCharacterEncoding("UTF-8"); + response.getWriter().println("Das detached XML kann nicht direkt durch die BKU geschliffen werden, weil diese es als Request interpretieren würde. Daher das XML als Text:"); + response.getWriter().println(new String(si.signedPdf, "UTF-8")); + } + else + { + // tzefferer: If PDF-AS has been called by an external web-application, we do not + // redirect to download.jsp but return the sign-response immediately + if (si.exappinf != null) { + log.debug("Entering external application interface mode. Skipping redirection to download page."); + SignServletHelper.returnSignResponse(si, request, response); + + // Not needed due to redirection of returnSignResponse. + // Just to clarify that there must not be any code after returnSignResponse. + return; + } else { + log.debug("Preparing download page."); + HttpSession session = request.getSession(true); + log.debug("Putting signed document into session (" + session.getId() + ")."); + session.setAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT, si); + String downloadURL = response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/ProvidePDF"); + log.debug("Creating download URL \"" + downloadURL + "\"."); + session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, downloadURL); + temporaryRedirect(response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/download.jsp") , response); + + // Not needed due to temporaryRedirect. + // Just to clarify that there must not be any code after temporaryRedirect. + return; + } + + // do not insert any code within this else block ! + } + } else { + log.debug("No XMLResponse found. Do nothing."); } - - // do not insert any code within this else block ! - } - } else { - log.debug("No XMLResponse found. Do nothing."); - } + } + } protected void processVerify(HttpServletRequest request, HttpServletResponse response, VerifySessionInformation si) throws ServletException, IOException, ConnectorException, SignatureException -- cgit v1.2.3