From eb68e29e371ef3e944f682239e6f3f92cb084697 Mon Sep 17 00:00:00 2001 From: tknall Date: Mon, 9 Jun 2008 15:27:50 +0000 Subject: Web-Application: Configuration may be declared via system property "pdf-as.work-dir" or via Servlet-Init-Parameter "work-dir". Bug fixed in RetrieveSignatureDataServlet: Response header didn't contain a content length attribute. The ITS Mac BKU rejects those requests. Workaround for ITS Mac BKU integrated. A redirect via response does only work if the response contains a valid SL request (e.g. a NullOperationRequest). API: The configuration folder may be omitted at instantiating the api. Configuration may be set via system property "pdf-as.work-dir". If no configuration is given at all, the current user's home directory is searched for a folder "PDF-AS". If not found a default configuration is created. If the configuration is explicitely given than the temporary folder is located within the given directory otherwise within the user's temporary directory. Declaring the configuration folder, replacements for system properties like "${catalina.base}/conf/pdfas" may be used. Web-Application: Session is now being invalidated after download of the signed pdf file. Web-Application: Every hardcoded context "pdf-as" has been replaced. git-svn-id: https://joinup.ec.europa.eu/svn/pdf-as/trunk@277 7b5415b0-85f9-ee4d-85bd-d5d0c3b42d1c --- .../wag/egov/egiz/web/servlets/DataURLServlet.java | 42 ++++++++++++++++++---- .../egov/egiz/web/servlets/ProvidePDFServlet.java | 4 ++- .../web/servlets/RetrieveSignatureDataServlet.java | 22 ++++++------ .../wag/egov/egiz/web/servlets/SignServlet.java | 3 +- .../egiz/web/servlets/VerifyPreviewServlet.java | 10 +++--- .../wag/egov/egiz/web/servlets/VerifyServlet.java | 2 +- 6 files changed, 57 insertions(+), 26 deletions(-) (limited to 'src/main/java/at/knowcenter/wag/egov/egiz/web/servlets') diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java index 3c2ba28..cbb33ba 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/DataURLServlet.java @@ -4,6 +4,7 @@ package at.knowcenter.wag.egov.egiz.web.servlets; import java.io.IOException; +import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import java.net.URL; import java.util.ArrayList; @@ -41,6 +42,7 @@ import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector; import at.knowcenter.wag.egov.egiz.sig.connectors.bku.BKUPostConnection; import at.knowcenter.wag.egov.egiz.web.FormFields; import at.knowcenter.wag.egov.egiz.web.LocalRequest; +import at.knowcenter.wag.egov.egiz.web.LocalRequestHelper; import at.knowcenter.wag.egov.egiz.web.SessionAttributes; /** @@ -84,7 +86,26 @@ public class DataURLServlet extends HttpServlet dispatch(request, response, "/jsp/results.jsp"); } - /** + protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + this.doPost(req, resp); + } + + private static void temporaryRedirect(String redirectURL, HttpServletResponse response) throws IOException { + String encodedRedirect = response.encodeRedirectURL(redirectURL); + response.addHeader("Location", encodedRedirect); + response.setContentType("text/xml"); + response.setStatus(HttpServletResponse.SC_TEMPORARY_REDIRECT); + String nop = ""; + PrintWriter pw = response.getWriter(); + response.setCharacterEncoding("UTF-8"); + response.setContentLength(nop.getBytes("UTF-8").length); + log.debug("Redirecting via NullOperationRequest to " + encodedRedirect + "."); + pw.println(nop); + pw.flush(); + pw.close(); + } + +/** * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse) */ @@ -148,7 +169,7 @@ public class DataURLServlet extends HttpServlet if (isNullResponse(xml_response)) { log.debug("Received a NullOperationResponse -> answering with the first request."); //$NON-NLS-1$ - + assert si.outputAvailable == false; assert si.response_properties == null; @@ -158,6 +179,7 @@ public class DataURLServlet extends HttpServlet String request_string = local_request.getRequestString(); + log.debug("request = " + request_string); response.setContentType("text/xml"); response.setCharacterEncoding("UTF-8"); response.getWriter().println(request_string); @@ -208,10 +230,16 @@ public class DataURLServlet extends HttpServlet HttpSession session = request.getSession(true); log.debug("Putting signed document into session (" + session.getId() + ")."); session.setAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT, si); - session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, response.encodeRedirectURL("/pdf-as/ProvidePDF")); - String redirectURL = response.encodeRedirectURL("/pdf-as/jsp/download.jsp"); - log.debug("Redirecting to " + redirectURL + "."); - response.sendRedirect(redirectURL); +// String serverURL = LocalRequestHelper.getLocalServerAddress(request, response); + String downloadURL = response.encodeRedirectURL(LocalRequestHelper.getLocalContextAddress(request, response) + "/ProvidePDF"); + log.debug("Creating download URL \"" + downloadURL + "\"."); + session.setAttribute(SessionAttributes.DOWNLOAD_URL_FOR_SIGNED_PDF_DOCUMENT, downloadURL); + +// String redirectURL = response.encodeRedirectURL("/pdf-as/jsp/download.jsp"); +// log.debug("Redirecting to " + redirectURL + "."); +// response.sendRedirect(redirectURL); + temporaryRedirect(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/download.jsp", response); + return; // SignServletHelper.returnSignResponse(si, response); } @@ -275,7 +303,7 @@ public class DataURLServlet extends HttpServlet si.currentLocalOperation = null; - URL btlURL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath() + "/jsp/verifylist.jsp"); + URL btlURL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/verifylist.jsp"); String backToListURL = response.encodeURL(btlURL.toString()); dispatchToResults(results, request, response, backToListURL); diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java index 6d486a5..03bd074 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/ProvidePDFServlet.java @@ -56,9 +56,11 @@ public class ProvidePDFServlet extends HttpServlet { disp.forward(request, response); return; } else { - log.debug("Signed pdf found. Removing from session."); + log.debug("Signed pdf found."); session.removeAttribute(SessionAttributes.SIGNED_PDF_DOCUMENT); log.debug("Returning signed pdf to browser."); + log.debug("Invalidating session."); + session.invalidate(); SignServletHelper.returnSignResponse(si, response); return; } diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java index 6653a60..61996da 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/RetrieveSignatureDataServlet.java @@ -12,22 +12,17 @@ import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egiz.pdfas.impl.input.TextDataSourceImpl; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + import at.gv.egiz.pdfas.exceptions.web.SessionExpiredException; -import at.gv.egiz.pdfas.framework.input.DataSource; +import at.gv.egiz.pdfas.utils.StreamUtils; import at.gv.egiz.pdfas.web.SignSessionInformation; import at.gv.egiz.pdfas.web.VerifySessionInformation; import at.gv.egiz.pdfas.web.helper.SessionHelper; -import at.gv.egiz.pdfas.utils.StreamUtils; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - import at.knowcenter.wag.egov.egiz.PdfAS; -import at.knowcenter.wag.egov.egiz.pdf.BinarySignatureHolder; import at.knowcenter.wag.egov.egiz.pdf.SignatureHolder; import at.knowcenter.wag.egov.egiz.sig.SignatureData; -import at.knowcenter.wag.egov.egiz.sig.SignatureDataImpl; /** * Retrieves the Signature Data from the session and returns it. @@ -63,13 +58,16 @@ public class RetrieveSignatureDataServlet extends HttpServlet disp.forward(request, response); } - /** +/** * @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, * javax.servlet.http.HttpServletResponse) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - log.debug("Request for receiving signature data."); //$NON-NLS-1$ + if (log.isDebugEnabled()) { + log.debug("Request for receiving signature data."); //$NON-NLS-1$ + log.debug("Requested session id is = " + request.getRequestedSessionId()); + } try { @@ -141,6 +139,8 @@ public class RetrieveSignatureDataServlet extends HttpServlet response.setContentType(sd.getMimeType()); response.setCharacterEncoding(sd.getCharacterEncoding()); + // [tknall] content length must be set, otherwise ITS BKU for Mac rejects the request. + response.setContentLength(sd.getDataSource().getLength()); StreamUtils.writeInputStreamToOutputStream(sd.getDataSource().createInputStream(), response.getOutputStream()); // response.getOutputStream().write(sd.getData()); diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java index e2de8ae..a608b74 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/SignServlet.java @@ -299,7 +299,8 @@ public class SignServlet extends HttpServlet // for performance measurement if (log.isInfoEnabled()) { long endTime = System.currentTimeMillis(); - String toReport = "SIGN;" + si.mode + ";" + si.filename + ";"+ fileSize + ";" + +// String toReport = "SIGN;" + si.mode + ";" + si.filename + ";"+ fileSize + ";" + + String toReport = "SIGN;" + si.mode + ";XXX;"+ fileSize + ";" + (endTime - startTime); log.info(toReport); diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java index 571a8e1..9a91567 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyPreviewServlet.java @@ -101,7 +101,7 @@ public class VerifyPreviewServlet extends HttpServlet protected String formBackToListURL(HttpServletRequest request, HttpServletResponse response) throws MalformedURLException { - URL btlURL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath() + "/jsp/verifylist.jsp"); + URL btlURL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/verifylist.jsp"); String backToListURL = response.encodeURL(btlURL.toString()); return backToListURL; @@ -566,7 +566,7 @@ public class VerifyPreviewServlet extends HttpServlet } String host = request.getServerName(); - URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); + URL loc_ref_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData"); String loc_ref_url = response.encodeURL(loc_ref_URL.toString()); List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si, loc_ref_url); @@ -575,7 +575,7 @@ public class VerifyPreviewServlet extends HttpServlet { backbutton = false; } - URL btlURL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath() + "/jsp/verifylist.jsp"); + URL btlURL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/verifylist.jsp"); String backToListURL = response.encodeURL(btlURL.toString()); dispatchToResults(results, request, response, backbutton, backToListURL); @@ -685,12 +685,12 @@ public class VerifyPreviewServlet extends HttpServlet } String host = request.getServerName(); - URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); + URL loc_ref_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData"); String loc_ref_url = response.encodeURL(loc_ref_URL.toString()); List results = PdfAS.verifySignatureHoldersWeb(holders_to_verify, si, loc_ref_url); - URL btlURL = new URL(request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath() + "/jsp/verifylist.jsp"); + URL btlURL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/jsp/verifylist.jsp"); String backToListURL = response.encodeURL(btlURL.toString()); dispatchToResults(results, request, response, true, backToListURL); } diff --git a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java index c9ed314..97a1e6f 100644 --- a/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java +++ b/src/main/java/at/knowcenter/wag/egov/egiz/web/servlets/VerifyServlet.java @@ -151,7 +151,7 @@ public class VerifyServlet extends HttpServlet String host = request.getServerName(); // TODO still required for old communication with MOA-SS/SP - URL loc_ref_URL = new URL(request.getScheme(), host, request.getServerPort(), request.getContextPath() + "/RetrieveSignatureData"); + URL loc_ref_URL = new URL(LocalRequestHelper.getLocalContextAddress(request, response) + "/RetrieveSignatureData"); String loc_ref_url = response.encodeURL(loc_ref_URL.toString()); List results = PdfAS.verifySignatureHoldersWeb(signature_holders, si, loc_ref_url); -- cgit v1.2.3