@Override public final void enforceGetDatastreamHistory(Context context, String pid, String datastreamId) throws AuthzException { try { logger.debug("Entered enforceGetDatastreamHistory"); String target = Constants.ACTION.GET_DATASTREAM_HISTORY.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); try { resourceAttributes.set(Constants.DATASTREAM.ID.attributeId, datastreamId); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException( target + " couldn't set " + Constants.DATASTREAM.ID.uri, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceGetDatastreamHistory"); } }
@Override public void enforceGetDatastreamDissemination( Context context, String pid, String datastreamId, Date asOfDate) throws AuthzException { try { logger.debug("Entered enforceGetDatastreamDissemination"); String target = Constants.ACTION.GET_DATASTREAM_DISSEMINATION.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); URI name = null; try { name = Constants.DATASTREAM.ID.attributeId; resourceAttributes.set(name, datastreamId); name = Constants.RESOURCE.AS_OF_DATETIME.attributeId; resourceAttributes.set(name, ensureDate(asOfDate, context)); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException(target + " couldn't set " + name, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIA.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceGetDatastreamDissemination"); } }
@Override public final void enforceIngest(Context context, String pid, String format, String ingestEncoding) throws AuthzException { try { logger.debug("Entered enforceIngest"); String target = Constants.ACTION.INGEST.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); URI name = null; try { name = Constants.OBJECT.FORMAT_URI.attributeId; resourceAttributes.set(name, format); name = Constants.OBJECT.ENCODING.attributeId; resourceAttributes.set(name, ingestEncoding); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException(target + " couldn't set " + name, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceIngest"); } }
@Override public final void enforceModifyObject( Context context, String pid, String objectNewState, String objectNewOwnerId) throws AuthzException { try { logger.debug("Entered enforceModifyObject"); String target = Constants.ACTION.MODIFY_OBJECT.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); URI name = null; try { name = Constants.OBJECT.NEW_STATE.attributeId; resourceAttributes.set(name, objectNewState); if (objectNewOwnerId != null) { name = Constants.OBJECT.OWNER.attributeId; resourceAttributes.set(name, objectNewOwnerId.split(m_ownerIdSeparator)); } } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException(target + " couldn't set " + name, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceModifyObject"); } }
@Override public void enforce_Internal_DSState(Context context, String id, String state) throws AuthzException { try { logger.debug("Entered enforce_Internal_DSState"); String target = Constants.ACTION.INTERNAL_DSSTATE.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); try { resourceAttributes.set(Constants.DATASTREAM.ID.attributeId, id); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException( target + " couldn't set " + Constants.DATASTREAM.ID.uri, e); } try { resourceAttributes.set(Constants.DATASTREAM.STATE.attributeId, state); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException( target + " couldn't set " + Constants.DATASTREAM.STATE.uri, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIA.uri, "", "", context); } finally { logger.debug("Exiting enforce_Internal_DSState"); } }
@Override public final void enforceGetObjectXML(Context context, String pid, String objectXmlEncoding) throws AuthzException { try { logger.debug("Entered enforceGetObjectXML"); String target = Constants.ACTION.GET_OBJECT_XML.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); try { resourceAttributes.set(Constants.OBJECT.ENCODING.attributeId, objectXmlEncoding); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException( target + " couldn't set " + Constants.OBJECT.ENCODING.uri, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceGetObjectXML"); } }
@Override public final void enforceGetNextPid(Context context, String namespace, int nNewPids) throws AuthzException { try { logger.debug("Entered enforceGetNextPid"); String target = Constants.ACTION.GET_NEXT_PID.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); try { String nNewPidsAsString = Integer.toString(nNewPids); resourceAttributes.set(Constants.OBJECT.N_PIDS.attributeId, nNewPidsAsString); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException( target + " couldn't set " + Constants.OBJECT.N_PIDS.uri, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, "", namespace, context); } finally { logger.debug("Exiting enforceGetNextPid"); } }
@Override public void enforceRetrieveFile(Context context, String fileURI) throws AuthzException { try { logger.debug("Entered enforceRetrieveFile for {}", fileURI); String target = Constants.ACTION.RETRIEVE_FILE.uri; context.setActionAttributes(null); try { MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); resourceAttributes.set(Constants.DATASTREAM.FILE_URI.attributeId, fileURI); context.setResourceAttributes(resourceAttributes); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException( target + " couldn't be set " + Constants.DATASTREAM.FILE_URI.uri, e); } xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, "", extractNamespace(fileURI), context); } finally { logger.debug("Exiting enforceRetrieveFile"); } }
@Override public void enforcePurgeRelationship( Context context, String pid, String predicate, String object, boolean isLiteral, String datatype) throws AuthzException { try { logger.debug("Entered enforcePurgeRelationship"); String target = Constants.ACTION.PURGE_RELATIONSHIP.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); try { resourceAttributes.set(Constants.OBJECT.PID.attributeId, pid); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException( target + " couldn't set " + Constants.OBJECT.PID.uri, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforcePurgeRelationship"); } }
@Override public void enforceGetObjectProfile(Context context, String pid, Date asOfDate) throws AuthzException { try { logger.debug("Entered enforceGetObjectProfile"); String target = Constants.ACTION.GET_OBJECT_PROFILE.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); try { resourceAttributes.set( Constants.RESOURCE.AS_OF_DATETIME.attributeId, ensureDate(asOfDate, context)); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException( target + " couldn't set " + Constants.RESOURCE.AS_OF_DATETIME.uri, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIA.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceGetObjectProfile"); } }
@Override public final void enforceSetDatastreamVersionable( Context context, String pid, String datastreamId, boolean datastreamNewVersionable) throws AuthzException { try { logger.debug("Entered enforceSetDatastreamVersionable"); String target = Constants.ACTION.SET_DATASTREAM_VERSIONABLE.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); URI name = null; try { name = Constants.DATASTREAM.ID.attributeId; resourceAttributes.set(name, datastreamId); name = Constants.DATASTREAM.NEW_VERSIONABLE.attributeId; resourceAttributes.set(name, new Boolean(datastreamNewVersionable).toString()); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException(target + " couldn't set " + name, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceSetDatastreamVersionable"); } }
@SuppressWarnings("deprecation") @Override public void enforceGetDissemination( Context context, String pid, String sDefPid, String methodName, Date asOfDate, String objectState, String sDefState, String sDepPid, String sDepState, String dissState) throws AuthzException { try { logger.debug("Entered enforceGetDissemination"); String target = Constants.ACTION.GET_DISSEMINATION.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); URI name = null; try { name = Constants.SDEF.PID.attributeId; resourceAttributes.set(name, sDefPid); name = Constants.SDEF.NAMESPACE.attributeId; resourceAttributes.set(name, extractNamespace(sDefPid)); name = Constants.DISSEMINATOR.METHOD.attributeId; resourceAttributes.set(name, methodName); name = Constants.SDEP.PID.attributeId; resourceAttributes.set(name, sDepPid); name = Constants.SDEP.NAMESPACE.attributeId; resourceAttributes.set(name, extractNamespace(sDepPid)); name = Constants.OBJECT.STATE.attributeId; resourceAttributes.set(name, objectState); name = Constants.DISSEMINATOR.STATE.attributeId; resourceAttributes.set(name, dissState); name = Constants.SDEF.STATE.attributeId; resourceAttributes.set(name, sDefState); name = Constants.SDEP.STATE.attributeId; resourceAttributes.set(name, sDepState); name = Constants.RESOURCE.AS_OF_DATETIME.attributeId; resourceAttributes.set(name, ensureDate(asOfDate, context)); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException(target + " couldn't set " + name, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIA.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceGetDissemination"); } }
/** * Enforce authorization for adding a datastream to an object. Provide attributes for the * authorization decision and wrap that xacml decision. * * <p>The following attributes are available for use in authorization policies during a call to * this method. * * <p>action attributes * * <ul> * <li>urn:fedora:names:fedora:2.1:action:id == * urn:fedora:names:fedora:2.1:action:id-addDatastream * <li>urn:fedora:names:fedora:2.1:action:api == urn:fedora:names:fedora:2.1:action:api-m * </ul> * * <p>resource attributes of object to which datastream would be added * * <ul> * <li>urn:fedora:names:fedora:2.1:resource:object:pid * <li>urn:fedora:names:fedora:2.1:resource:object:namespace (if pid is "x:y", namespace is "x") * </ul> * * <p>resource attributes of datastream which would be added * * <ul> * <li>urn:fedora:names:fedora:2.1:resource:datastream:mimeType * <li>urn:fedora:names:fedora:2.1:resource:datastream:formatUri * <li>urn:fedora:names:fedora:2.1:resource:datastream:state * <li>urn:fedora:names:fedora:2.1:resource:datastream:id * <li>urn:fedora:names:fedora:2.1:resource:datastream:location * <li>urn:fedora:names:fedora:2.1:resource:datastream:controlGroup * <li>urn:fedora:names:fedora:2.1:resource:datastream:altIds * <li>urn:fedora:names:fedora:2.1:resource:datastream:checksumType * <li>urn:fedora:names:fedora:2.1:resource:datastream:checksum * </ul> */ @Override public final void enforceAddDatastream( Context context, String pid, String dsId, String[] altIDs, String MIMEType, String formatURI, String dsLocation, String controlGroup, String dsState, String checksumType, String checksum) throws AuthzException { try { logger.debug("Entered enforceAddDatastream"); String target = Constants.ACTION.ADD_DATASTREAM.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); URI name = null; try { name = Constants.DATASTREAM.MIME_TYPE.attributeId; resourceAttributes.set(name, MIMEType); name = Constants.DATASTREAM.FORMAT_URI.attributeId; resourceAttributes.set(name, formatURI); name = Constants.DATASTREAM.STATE.attributeId; resourceAttributes.set(name, dsState); name = Constants.DATASTREAM.ID.attributeId; resourceAttributes.set(name, dsId); name = Constants.DATASTREAM.LOCATION.attributeId; resourceAttributes.set(name, dsLocation); name = Constants.DATASTREAM.CONTROL_GROUP.attributeId; resourceAttributes.set(name, controlGroup); name = Constants.DATASTREAM.ALT_IDS.attributeId; resourceAttributes.set(name, altIDs); name = Constants.DATASTREAM.CHECKSUM_TYPE.attributeId; resourceAttributes.set(name, checksumType); name = Constants.DATASTREAM.CHECKSUM.attributeId; resourceAttributes.set(name, checksum); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException(target + " couldn't set " + name, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceAddDatastream"); } }
@Override public void enforceReloadPolicies(Context context) throws AuthzException { try { logger.debug("Entered enforceReloadPolicies"); String target = Constants.ACTION.RELOAD_POLICIES.uri; context.setResourceAttributes(null); context.setActionAttributes(null); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, "", "", "", context); } finally { logger.debug("Exiting enforceReloadPolicies"); } }
@Override public final void enforceModifyDatastreamByReference( Context context, String pid, String datastreamId, String[] datastreamNewAltIDs, String datastreamNewMimeType, String datastreamNewFormatURI, String datastreamNewLocation, String datastreamNewChecksumType, String datastreamNewChecksum) throws AuthzException { try { logger.debug("Entered enforceModifyDatastreamByReference"); String target = Constants.ACTION.MODIFY_DATASTREAM_BY_REFERENCE.uri; context.setActionAttributes(null); MultiValueMap<URI> resourceAttributes = new MultiValueMap<URI>(); URI name = null; try { name = Constants.DATASTREAM.ID.attributeId; resourceAttributes.set(name, datastreamId); name = Constants.DATASTREAM.NEW_MIME_TYPE.attributeId; resourceAttributes.set(name, datastreamNewMimeType); name = Constants.DATASTREAM.NEW_FORMAT_URI.attributeId; resourceAttributes.set(name, datastreamNewFormatURI); name = Constants.DATASTREAM.NEW_LOCATION.attributeId; resourceAttributes.set(name, datastreamNewLocation); name = Constants.DATASTREAM.NEW_ALT_IDS.attributeId; resourceAttributes.set(name, datastreamNewAltIDs); name = Constants.DATASTREAM.NEW_CHECKSUM_TYPE.attributeId; resourceAttributes.set(name, datastreamNewChecksumType); name = Constants.DATASTREAM.NEW_CHECKSUM.attributeId; resourceAttributes.set(name, datastreamNewChecksum); } catch (Exception e) { context.setResourceAttributes(null); throw new AuthzOperationalException(target + " couldn't set " + name, e); } context.setResourceAttributes(resourceAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIM.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceModifyDatastreamByReference"); } }
@Override public void enforceGetObjectHistory(Context context, String pid) throws AuthzException { try { logger.debug("Entered enforceGetObjectHistory"); String target = Constants.ACTION.GET_OBJECT_HISTORY.uri; context.setActionAttributes(null); context.setResourceAttributes(null); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIA.uri, pid, extractNamespace(pid), context); } finally { logger.debug("Exiting enforceGetObjectHistory"); } }
@Override public void enforceRIFindObjects(Context context) throws AuthzException { try { logger.debug("Entered enforceRIFindObjects"); String target = Constants.ACTION.RI_FIND_OBJECTS.uri; context.setActionAttributes(null); context.setResourceAttributes(null); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIA.uri, "", "", context); } finally { logger.debug("Exiting enforceRIFindObjects"); } }
@Override public void enforceDescribeRepository(Context context) throws AuthzException { try { logger.debug("Entered enforceDescribeRepository"); String target = Constants.ACTION.DESCRIBE_REPOSITORY.uri; context.setActionAttributes(null); context.setResourceAttributes(null); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIA.uri, "", "", context); } finally { logger.debug("Exiting enforceDescribeRepository"); } }
@Override public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { // TODO only hook the changing methods // args[0] = context // args[1] = pid Context context = (Context) args[0]; String pid = args[1].toString(); // from context, get username String username = context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri); sharedLockResource database = sharedLockResource.getInstance(); // check pid and username against databaseAccessor if (database.isAvailableForThisUser(pid, username)) { return method.invoke(target, args); } else { throw new IllegalAccessException("Attempted to use a method on a locked object"); } }
private final String ensureDate(Date date, Context context) throws AuthzOperationalException { if (date == null) { date = context.now(); } String dateAsString; try { dateAsString = dateAsString(date); } catch (Throwable t) { throw new AuthzOperationalException("couldn't make date a string", t); } return dateAsString; }
/** * Constructor for ProfileSerializeThread. * * @param PID The persistent identifier of the specified digital object. * @param methodDefs An array of ObjectMethodsDefs. * @param versDateTime The version datetime stamp of the request. * @param pw A PipedWriter to which the serialization info is written. */ public ObjectMethodsDefSerializerThread( Context context, String PID, ObjectMethodsDef[] methodDefs, Date versDateTime, PipedWriter pw) { this.pw = pw; this.PID = PID; this.methodDefs = methodDefs; this.versDateTime = versDateTime; fedoraServerPort = context.getEnvironmentValue(HTTP_REQUEST.SERVER_PORT.attributeId); fedoraAppServerContext = context.getEnvironmentValue(Constants.FEDORA_APP_CONTEXT_NAME); if (HTTP_REQUEST.SECURE.uri.equals( context.getEnvironmentValue(HTTP_REQUEST.SECURITY.attributeId))) { fedoraServerProtocol = HTTPS; } else if (HTTP_REQUEST.INSECURE.uri.equals( context.getEnvironmentValue(HTTP_REQUEST.SECURITY.attributeId))) { fedoraServerProtocol = HTTP; } }
@Override public final void enforceListObjectInResourceIndexResults(Context context, String pid) throws AuthzException { try { logger.debug("Entered enforceListObjectInResourceIndexResults"); String target = Constants.ACTION.LIST_OBJECT_IN_RESOURCE_INDEX_RESULTS.uri; if (enforceListObjectInResourceIndexResults) { context.setActionAttributes(null); context.setResourceAttributes(null); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, Constants.ACTION.APIA.uri, pid, extractNamespace(pid), context); } } finally { logger.debug("Exiting enforceListObjectInResourceIndexResults"); } }
private void writeContextPassword(Context context, XMLEventWriter writer) throws XMLStreamException { String password = context.getPassword(); if (password == null) { password = ""; } putStartTag(writer, QNAME_TAG_PASSWORD); putAttribute(writer, QNAME_ATTR_PASSWORD_TYPE, PASSWORD_CIPHER_TYPE); putCharacters(writer, encipherPassword(context, password)); putEndTag(writer, QNAME_TAG_PASSWORD); }
@Override public void enforceResolveDatastream(Context context, Date ticketIssuedDateTime) throws AuthzException { try { logger.debug("Entered enforceResolveDatastream"); String target = Constants.ACTION.RESOLVE_DATASTREAM.uri; context.setResourceAttributes(null); MultiValueMap<URI> actionAttributes = new MultiValueMap<URI>(); try { String ticketIssuedDateTimeString = DateUtility.convertDateToString(ticketIssuedDateTime); actionAttributes.set( Constants.RESOURCE.TICKET_ISSUED_DATETIME.attributeId, ticketIssuedDateTimeString); } catch (Exception e) { context.setActionAttributes(null); throw new AuthzOperationalException( target + " couldn't set " + Constants.RESOURCE.TICKET_ISSUED_DATETIME.uri, e); } context.setActionAttributes(actionAttributes); xacmlPep.enforce( context.getSubjectValue(Constants.SUBJECT.LOGIN_ID.uri), target, "", "", "", context); } finally { logger.debug("Exiting enforceResolveDatastream"); } }
private void writeContextNow(Context context, XMLEventWriter writer) throws XMLStreamException { putStartTag(writer, QNAME_TAG_NOW); putCharacters(writer, JournalHelper.formatDate(context.now())); putEndTag(writer, QNAME_TAG_NOW); }
private void writeContextNoOp(Context context, XMLEventWriter writer) throws XMLStreamException { putStartTag(writer, QNAME_TAG_NOOP); putCharacters(writer, String.valueOf(context.getNoOp())); putEndTag(writer, QNAME_TAG_NOOP); }
private String encipherPassword(Context context, String password) { String key = JournalHelper.formatDate(context.now()); return PasswordCipher.encipher(key, password); }
public void listMethods( Context context, String PID, Date asOfDateTime, boolean xml, HttpServletRequest request, HttpServletResponse response) throws ServerException { OutputStreamWriter out = null; Date versDateTime = asOfDateTime; ObjectMethodsDef[] methodDefs = null; PipedWriter pw = null; PipedReader pr = null; try { pw = new PipedWriter(); pr = new PipedReader(pw); methodDefs = m_access.listMethods(context, PID, asOfDateTime); // Object Profile found. // Serialize the ObjectProfile object into XML new ObjectMethodsDefSerializerThread(context, PID, methodDefs, versDateTime, pw).start(); if (xml) { // Return results as raw XML response.setContentType(CONTENT_TYPE_XML); // Insures stream read from PipedReader correctly translates // utf-8 // encoded characters to OutputStreamWriter. out = new OutputStreamWriter(response.getOutputStream(), "UTF-8"); int bufSize = 4096; char[] buf = new char[bufSize]; int len = 0; while ((len = pr.read(buf, 0, bufSize)) != -1) { out.write(buf, 0, len); } out.flush(); } else { // Transform results into an html table response.setContentType(CONTENT_TYPE_HTML); out = new OutputStreamWriter(response.getOutputStream(), "UTF-8"); File xslFile = new File(m_server.getHomeDir(), "access/listMethods.xslt"); Templates template = XmlTransformUtility.getTemplates(xslFile); Transformer transformer = template.newTransformer(); transformer.setParameter("fedora", context.getEnvironmentValue(FEDORA_APP_CONTEXT_NAME)); transformer.transform(new StreamSource(pr), new StreamResult(out)); } out.flush(); } catch (ServerException e) { throw e; } catch (Throwable th) { String message = "Error listing methods"; logger.error(message, th); throw new GeneralException(message, th); } finally { try { if (pr != null) { pr.close(); } if (out != null) { out.close(); } } catch (Throwable th) { String message = "[ListMethodsServlet] An error has occured. " + " The error was a \" " + th.getClass().getName() + " \". Reason: " + th.getMessage(); throw new StreamIOException(message); } } }