diff options
author | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2016-06-28 10:06:41 +0200 |
---|---|---|
committer | Andreas Fitzek <andreas.fitzek@iaik.tugraz.at> | 2016-06-28 10:06:41 +0200 |
commit | ae79fd767efa5760e1335815538018e5e83d55be (patch) | |
tree | f94f8c64c46aa12d9322f29d5939f86fddba3236 | |
parent | 9440e26621193d138ebe26b32405b33d41b7c7ab (diff) | |
download | pdf-as-4-ae79fd767efa5760e1335815538018e5e83d55be.tar.gz pdf-as-4-ae79fd767efa5760e1335815538018e5e83d55be.tar.bz2 pdf-as-4-ae79fd767efa5760e1335815538018e5e83d55be.zip |
fixes for disabling json API, keeping signed data
-rw-r--r-- | pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java | 6 | ||||
-rw-r--r-- | pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java | 1 |
2 files changed, 6 insertions, 1 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java index 691ab423..c9c43fa3 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/helper/PdfAsHelper.java @@ -1148,6 +1148,7 @@ public class PdfAsHelper { HttpSession session = request.getSession(); Object signedData = session.getAttribute(PDF_SIGNED_DATA_CREATED); if (signedData == null) { + logger.warn("Cannot find signed data created timestamp in session."); return true; } @@ -1157,7 +1158,10 @@ public class PdfAsHelper { long validUntil = created + 300000; - return validUntil > now; + logger.warn("Signed data is expired valid until {} now {}", + validUntil, now); + + return validUntil < now; } logger.warn("PDF_SIGNED_DATA_CREATED in session is not a long type!"); return true; diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java index 67b242d0..0cee185a 100644 --- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java +++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/JSONAPIServlet.java @@ -59,6 +59,7 @@ public class JSONAPIServlet extends HttpServlet { if(!WebConfiguration.isJSONAPIEnabled()) { logger.info("Access to JSON API, but JSON API is disabled. Returning 404 error."); resp.sendError(404); + return; } String jsonString = IOUtils.toString(req.getInputStream(), "UTF-8"); |