aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2016-06-28 10:06:41 +0200
committerAndreas Fitzek <andreas.fitzek@iaik.tugraz.at>2016-06-28 10:06:41 +0200
commitae79fd767efa5760e1335815538018e5e83d55be (patch)
treef94f8c64c46aa12d9322f29d5939f86fddba3236
parent9440e26621193d138ebe26b32405b33d41b7c7ab (diff)
downloadpdf-as-4-ae79fd767efa5760e1335815538018e5e83d55be.tar.gz
pdf-as-4-ae79fd767efa5760e1335815538018e5e83d55be.tar.bz2
pdf-as-4-ae79fd767efa5760e1335815538018e5e83d55be.zip
fixes for disabling json API, keeping signed data
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java6
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java1
2 files changed, 6 insertions, 1 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
index 691ab423..c9c43fa3 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java
@@ -1148,6 +1148,7 @@ public class PdfAsHelper {
HttpSession session = request.getSession();
Object signedData = session.getAttribute(PDF_SIGNED_DATA_CREATED);
if (signedData == null) {
+ logger.warn("Cannot find signed data created timestamp in session.");
return true;
}
@@ -1157,7 +1158,10 @@ public class PdfAsHelper {
long validUntil = created + 300000;
- return validUntil > now;
+ logger.warn("Signed data is expired valid until {} now {}",
+ validUntil, now);
+
+ return validUntil < now;
}
logger.warn("PDF_SIGNED_DATA_CREATED in session is not a long type!");
return true;
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java
index 67b242d0..0cee185a 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java
@@ -59,6 +59,7 @@ public class JSONAPIServlet extends HttpServlet {
if(!WebConfiguration.isJSONAPIEnabled()) {
logger.info("Access to JSON API, but JSON API is disabled. Returning 404 error.");
resp.sendError(404);
+ return;
}
String jsonString = IOUtils.toString(req.getInputStream(), "UTF-8");