From b13b00f05bace428952f0957075bf032ab4cd778 Mon Sep 17 00:00:00 2001 From: rpiazzi Date: Mon, 24 Oct 2011 17:07:07 +0000 Subject: Error corrected: ignore also requests where headers and xml_string are null (this happen sometimes, when a-trust is called) git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@875 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../gv/egiz/pdfas/web/servlets/DataURLServlet.java | 232 +++++++++++---------- 1 file changed, 118 insertions(+), 114 deletions(-) (limited to 'pdf-as-web/src/main/java/at') diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java index 1936e41..8fa058b 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/DataURLServlet.java @@ -68,6 +68,7 @@ import at.gv.egiz.pdfas.web.session.SessionAttributes; import at.gv.egiz.pdfas.web.session.SignSessionInformation; import at.gv.egiz.pdfas.web.session.VerifySessionInformation; import at.gv.egiz.pdfas.web.servlets.SignServlet; +import at.knowcenter.wag.egov.egiz.cfg.SettingsReader; import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException; import at.knowcenter.wag.egov.egiz.exceptions.SignatureException; @@ -142,14 +143,15 @@ public class DataURLServlet extends HttpServlet try { Object sessionObject = SessionHelper.getSession(request); - // obsolete since EncodingFilter is set in web.xml checkRequestCharacterEncoding(request); if (sessionObject instanceof SignSessionInformation) { SignSessionInformation si = (SignSessionInformation)sessionObject; + log.debug("Vor process sign:..."); processSign(request, response, si); + log.debug("Nach process sign..."); } else { @@ -224,7 +226,7 @@ public class DataURLServlet extends HttpServlet { log.trace("processSign"); - String xml_response = retrieveXMLResponse(request); + String xml_response = retrieveXMLResponse(request); PdfAsInternal pdfAsInternal = ApiHelper.getPdfAsInternalFromContext(getServletContext()); @@ -232,125 +234,127 @@ public class DataURLServlet extends HttpServlet String userAgent = request.getHeader("user-agent"); String signatureLayout = request.getHeader(Constants.BKU_HEADER_SIGNATURE_LAYOUT); + String connector = si.connector; + String url = ""; + + if (si.connector.equals(Constants.SIGNATURE_DEVICE_BKU)) { + url = SettingsReader.getInstance().getSetting("bku.sign.url"); + } + else if (si.connector.equals(Constants.SIGNATURE_DEVICE_MOC)) { + url = SettingsReader.getInstance().getSetting("moc.sign.url"); + } + else if (si.connector.equals(Constants.SIGNATURE_DEVICE_MOBILE)) { + url = SettingsReader.getInstance().getSetting("mobile.sign.url"); + } + else { + url = SettingsReader.getInstance().getSetting("mobiletest.sign.url"); + } + + log.debug("Url ist: "+url); + log.debug("Server ist: "+server); + log.debug("UserAgent: "+userAgent); + log.debug("Layout ist: "+signatureLayout); + //rpiazzi added //When choosing local CCS (a-trust 1.3.3.3 and higher) it seems that more requests to this servlet are sent from //CCS. Therefore the first request (with no information about CCS in the headers) has to be ignored... - if (((server==null) && (userAgent==null) && (signatureLayout==null)) || (xml_response==null)) { - if ((server==null) && (userAgent==null) && (signatureLayout==null)) { - log.debug("Received response with none of the following header fields: \"server\", \"user-agent\", \""+Constants.BKU_HEADER_SIGNATURE_LAYOUT+"\""); - log.debug("This is probably the empty servlet call when local CCS and a-trust CCS version >1.3.3.2 is choosen. In this case the right call of this servlet will follow soon!"); - } - if (xml_response==null) { - log.debug("Received response with no content. Redirect to error page!"); - String name = ""; - if (server!=null) { - name = server; - } - else { - if (userAgent!=null) { - name = userAgent; - } - else { - if (signatureLayout!=null) { - name = signatureLayout; - } - else { - name = "Unkown server"; - } - } - } - request.setAttribute("cause", "Received wrong response from server \""+name+"\""); - temporaryRedirect(response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/error.jsp") , response); - } + if (((server==null) && (userAgent==null) && (signatureLayout==null) || (xml_response==null))) { + log.debug("Received response with none of the following header fields: \"server\", \"user-agent\", \""+Constants.BKU_HEADER_SIGNATURE_LAYOUT+"\""); + log.debug("This is probably the empty servlet call when local CCS and a-trust CCS version >1.3.3.2 is choosen. In this case the right call of this servlet will follow soon!"); + log.debug("Server is: "+server); + log.debug("UserAgent is: "+userAgent); + log.debug("SignatureLayout is: "+signatureLayout); + log.debug("xml_response is: "+xml_response); } //end added else { - LocalBKUParams bkuParams = new LocalBKUParams(server, userAgent, signatureLayout); - si.localBKUParams = bkuParams; - - pdfAsInternal.verifyBKUSupport(bkuParams); - - if (isNullResponse(xml_response)) - { - log.debug("Received a NullOperationResponse -> answering with the first request."); //$NON-NLS-1$ - - //assert si.outputAvailable == false; - //assert si.xmlResponse == null; - - log.debug("There are still requests to be performed -> answering with request."); //$NON-NLS-1$ - - LocalRequest local_request = si.localRequest; - - String request_string = local_request.getRequestString(); - - log.debug("request = " + request_string); - response.setContentType("text/xml"); - response.setCharacterEncoding("UTF-8"); - response.getWriter().println(request_string); - } - else if (xml_response != null) - { - log.debug("Received a normal response -> storing the response."); //$NON-NLS-1$ - - si.xmlResponse = xml_response; - - log.debug("All requests have been processed -> processing the responses."); //$NON-NLS-1$ - - // Sign - - if (!si.outputAvailable) - { - PdfAs pdfAs = ApiHelper.getPdfAsFromContext(getServletContext()); - SignServletHelper.finishLocalSign(pdfAs, pdfAsInternal, si); - SigningTimeHelper.checkSigningTimeAgainstHostTime(si.sdi.getSignDate()); - si.outputAvailable = true; - } - - if (si.output.getMimeType().equals("text/xml") && si.outputAvailable) - { - // For "detached" signatures, the return value (data sink) is the response xml, - // but when passed through the BKU it is interpreted as another request - // which will generate a return code 1501 - // Then PDF-AS would answer with the response as well generating - // another 1501 and so forth. - // Therefor return it as TXT. - response.setContentType("text/plain"); - response.setCharacterEncoding("UTF-8"); - response.getWriter().println("Das detached XML kann nicht direkt durch die BKU geschliffen werden, weil diese es als Request interpretieren würde. Daher das XML als Text:"); - response.getWriter().println(new String(si.signedPdf, "UTF-8")); - } - else - { - // tzefferer: If PDF-AS has been called by an external web-application, we do not - // redirect to download.jsp but return the sign-response immediately - if (si.exappinf != null) { - log.debug("Entering external application interface mode. Skipping redirection to download page."); - SignServletHelper.returnSignResponse(si, request, response); - - // Not needed due to redirection of returnSignResponse. - // Just to clarify that there must not be any code after returnSignResponse. - return; - } else { - log.debug("Preparing download page."); - HttpSession session = request.getSession(true); - log.debug("Putting signed document into session (" + session.getId() + ")."); - session.setAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT, si); - String downloadURL = response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/ProvidePDF"); - log.debug("Creating download URL \"" + downloadURL + "\"."); - session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, downloadURL); - temporaryRedirect(response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/download.jsp") , response); - - // Not needed due to temporaryRedirect. - // Just to clarify that there must not be any code after temporaryRedirect. - return; + LocalBKUParams bkuParams = new LocalBKUParams(server, userAgent, signatureLayout); + si.localBKUParams = bkuParams; + + pdfAsInternal.verifyBKUSupport(bkuParams); + + if (isNullResponse(xml_response)) + { + log.debug("Received a NullOperationResponse -> answering with the first request."); //$NON-NLS-1$ + + //assert si.outputAvailable == false; + //assert si.xmlResponse == null; + + log.debug("There are still requests to be performed -> answering with request."); //$NON-NLS-1$ + + LocalRequest local_request = si.localRequest; + + String request_string = local_request.getRequestString(); + + log.debug("request = " + request_string); + response.setContentType("text/xml"); + response.setCharacterEncoding("UTF-8"); + response.getWriter().println(request_string); + } + else if (xml_response != null) + { + log.debug("Received a normal response -> storing the response."); //$NON-NLS-1$ + + si.xmlResponse = xml_response; + + log.debug("All requests have been processed -> processing the responses."); //$NON-NLS-1$ + + // Sign + + if (!si.outputAvailable) + { + PdfAs pdfAs = ApiHelper.getPdfAsFromContext(getServletContext()); + SignServletHelper.finishLocalSign(pdfAs, pdfAsInternal, si); + SigningTimeHelper.checkSigningTimeAgainstHostTime(si.sdi.getSignDate()); + si.outputAvailable = true; + } + + if (si.output.getMimeType().equals("text/xml") && si.outputAvailable) + { + // For "detached" signatures, the return value (data sink) is the response xml, + // but when passed through the BKU it is interpreted as another request + // which will generate a return code 1501 + // Then PDF-AS would answer with the response as well generating + // another 1501 and so forth. + // Therefor return it as TXT. + response.setContentType("text/plain"); + response.setCharacterEncoding("UTF-8"); + response.getWriter().println("Das detached XML kann nicht direkt durch die BKU geschliffen werden, weil diese es als Request interpretieren würde. Daher das XML als Text:"); + response.getWriter().println(new String(si.signedPdf, "UTF-8")); + } + else + { + // tzefferer: If PDF-AS has been called by an external web-application, we do not + // redirect to download.jsp but return the sign-response immediately + if (si.exappinf != null) { + log.debug("Entering external application interface mode. Skipping redirection to download page."); + SignServletHelper.returnSignResponse(si, request, response); + + // Not needed due to redirection of returnSignResponse. + // Just to clarify that there must not be any code after returnSignResponse. + return; + } else { + log.debug("Preparing download page."); + HttpSession session = request.getSession(true); + log.debug("Putting signed document into session (" + session.getId() + ")."); + session.setAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT, si); + String downloadURL = response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/ProvidePDF"); + log.debug("Creating download URL \"" + downloadURL + "\"."); + session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, downloadURL); + temporaryRedirect(response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/download.jsp") , response); + + // Not needed due to temporaryRedirect. + // Just to clarify that there must not be any code after temporaryRedirect. + return; + } + + // do not insert any code within this else block ! + } + } else { + log.debug("No XMLResponse found. Do nothing."); } - - // do not insert any code within this else block ! - } - } else { - log.debug("No XMLResponse found. Do nothing."); - } - } + } + } -- cgit v1.2.3