/**
  * Verifica che l'utente in sessione sia abilitato all'accesso alla pagina richiesta. Se è
  * autorizzato il metodo termina con CONTINUE, altrimenti con REDIRECT impostando prima i
  * parametri di redirezione alla pagina di login.
  *
  * @param reqCtx Il contesto di richiesta
  * @param status Lo stato di uscita del servizio precedente
  * @return Lo stato di uscita
  */
 @Override
 public int service(RequestContext reqCtx, int status) {
   if (_log.isLoggable(Level.FINEST)) {
     _log.finest("Invoked: " + this.getClass().getName());
   }
   int retStatus = ControllerManager.INVALID_STATUS;
   if (status == ControllerManager.ERROR) {
     return status;
   }
   try {
     HttpServletRequest req = reqCtx.getRequest();
     HttpSession session = req.getSession();
     IPage currentPage = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE);
     UserDetails currentUser =
         (UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
     if (null == currentUser) {
       throw new ApsSystemException("no user on session");
     }
     boolean authorized = this.getAuthManager().isAuth(currentUser, currentPage);
     if (authorized) {
       retStatus = ControllerManager.CONTINUE;
     } else {
       retStatus = this.redirect(this.getLoginPageCode(), reqCtx);
     }
   } catch (Throwable t) {
     ApsSystemUtils.logThrowable(t, this, "service", "Error while processing the request");
     retStatus = ControllerManager.SYS_ERROR;
     reqCtx.setHTTPError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
   }
   return retStatus;
 }
  public void testServiceFailure() throws ApsSystemException {
    RequestContext reqCtx = this.getRequestContext();

    Role role = new Role();
    role.setName("testRole");
    User user = new User();
    user.addAutority(role);
    reqCtx.getRequest().getSession().setAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER, user);

    Page page = new Page();
    page.setCode("login");
    page.setGroup("free");
    page.setModel(new PageModel());

    reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, page);

    Lang lang = new Lang();
    lang.setCode("it");
    reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG, lang);

    MockHttpServletRequest request = (MockHttpServletRequest) reqCtx.getRequest();
    request.setRemoteAddr("255.255.255.255");
    request.addHeader("Referer", "homeTest");
    request.addHeader("User-Agent", "Mio Test Browser");
    request.addHeader("accept-language", "sardo");

    int status = _statMonitor.service(reqCtx, ControllerManager.CONTINUE);
    assertEquals(status, ControllerManager.CONTINUE);
    this.deleteStatsRecord();
  }
 /**
  * Imposta i parametri di una redirezione.
  *
  * @param redirDestPage Il codice della pagina su cui si vuole redirezionare.
  * @param reqCtx Il contesto di richiesta.
  * @return L'indicativo del tipo di redirezione in uscita del controlService. Può essere una delle
  *     costanti definite in ControllerManager.
  */
 protected int redirect(String redirDestPage, RequestContext reqCtx) {
   int retStatus;
   try {
     String redirPar = this.getParameter(RequestContext.PAR_REDIRECT_FLAG, reqCtx);
     if (redirPar == null || "".equals(redirPar)) {
       PageURL url = this.getUrlManager().createURL(reqCtx);
       url.setPageCode(redirDestPage);
       url.addParam(RequestContext.PAR_REDIRECT_FLAG, "1");
       String redirUrl = url.getURL();
       if (_log.isLoggable(Level.FINEST)) {
         _log.finest("Redirecting to " + redirUrl);
       }
       reqCtx.clearError();
       reqCtx.addExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL, redirUrl);
       retStatus = ControllerManager.REDIRECT;
     } else {
       reqCtx.setHTTPError(HttpServletResponse.SC_BAD_REQUEST);
       retStatus = ControllerManager.ERROR;
     }
   } catch (Throwable t) {
     retStatus = ControllerManager.SYS_ERROR;
     reqCtx.setHTTPError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
     ApsSystemUtils.logThrowable(
         t, this, "redirect", "Error on creation redirect to page " + redirDestPage);
   }
   return retStatus;
 }
 public void testServiceFailure_2() throws ApsSystemException {
   RequestContext reqCtx = this.getRequestContext();
   ((MockHttpServletRequest) reqCtx.getRequest()).setServletPath("/wrongpath.wp"); // wrong path
   int status = _requestValidator.service(reqCtx, ControllerManager.CONTINUE);
   assertEquals(ControllerManager.REDIRECT, status);
   String redirectUrl = (String) reqCtx.getExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL);
   assertEquals("/Entando/it/errorpage.page?redirectflag=1", redirectUrl);
 }
 public void testServiceFailure_2() throws Throwable {
   RequestContext reqCtx = this.getRequestContext();
   reqCtx.getRequest().getSession().removeAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
   IPage root = this._pageManager.getRoot();
   reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, root);
   int status = _authorizator.service(reqCtx, ControllerManager.CONTINUE);
   assertEquals(status, ControllerManager.SYS_ERROR);
 }
 @Override
 public int service(RequestContext reqCtx, int status) {
   if (_log.isLoggable(Level.FINEST)) {
     _log.finest("Invoked " + this.getClass().getName());
   }
   int retStatus = ControllerManager.INVALID_STATUS;
   if (status == ControllerManager.ERROR) {
     return status;
   }
   try {
     String isActive =
         this.getConfigManager()
             .getParam(CasClientPluginSystemCostants.JPCASCLIENT_EXTENDED_ISACTIVE);
     if (!isActive.equals("true")) {
       // if cas client is disactivate normal Authorization on request
       return super.service(reqCtx, retStatus);
     } else {
       HttpServletRequest req = reqCtx.getRequest();
       HttpSession session = req.getSession();
       IPage currentPage = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE);
       UserDetails currentUser =
           (UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
       boolean authorized = this.getAuthManager().isAuth(currentUser, currentPage);
       if (authorized) {
         retStatus = ControllerManager.CONTINUE;
       } else if (SystemConstants.GUEST_USER_NAME.equals(currentUser.getUsername())) {
         _log.info("CAS - user not authorized and guest");
         CasClientUtils casClientUtils = new CasClientUtils();
         String loginBaseUrl =
             this.getConfigManager().getParam(CasClientPluginSystemCostants.JPCASCLIENT_LOGIN_URL);
         StringBuffer loginUrl = new StringBuffer(loginBaseUrl);
         loginUrl.append("?service=");
         PageURL pageUrl = this.getUrlManager().createURL(reqCtx);
         String serviceUrl = casClientUtils.getURLStringWithoutTicketParam(pageUrl, reqCtx);
         loginUrl.append(serviceUrl);
         reqCtx.addExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL, loginUrl.toString());
         retStatus = ControllerManager.REDIRECT;
       } else {
         _log.info("CAS - user authenticated but not authorized");
         Lang currentLang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG);
         String notAuthPageCode =
             this.getConfigManager()
                 .getParam(CasClientPluginSystemCostants.JPCASCLIENT_NO_AUTH_PAGE);
         IPage page = this.getPageManager().getPage(notAuthPageCode);
         String url =
             this.getUrlManager().createUrl(page, currentLang, new HashMap<String, String>());
         reqCtx.addExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL, url);
         retStatus = ControllerManager.REDIRECT;
       }
     }
   } catch (Throwable t) {
     ApsSystemUtils.logThrowable(t, this, "service", "Error in processing the request");
     retStatus = ControllerManager.ERROR;
   }
   return retStatus;
 }
 public void testServiceFailure_1() throws Throwable {
   RequestContext reqCtx = this.getRequestContext();
   this.setUserOnSession(SystemConstants.GUEST_USER_NAME);
   IPage requiredPage = this._pageManager.getPage("customers_page");
   reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, requiredPage);
   int status = _authorizator.service(reqCtx, ControllerManager.CONTINUE);
   assertEquals(status, ControllerManager.REDIRECT);
   String redirectUrl = (String) reqCtx.getExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL);
   assertEquals("/japs/it/login.page?redirectflag=1", redirectUrl);
 }
 public void testService_2() throws Throwable {
   RequestContext reqCtx = this.getRequestContext();
   this.setUserOnSession("admin");
   IPage root = this._pageManager.getRoot();
   reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, root);
   int status = this._authorizator.service(reqCtx, ControllerManager.CONTINUE);
   assertEquals(status, ControllerManager.CONTINUE);
   String redirectUrl = (String) reqCtx.getExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL);
   assertNull(redirectUrl);
 }
 /**
  * Crea e restituisce una lista di oggetti NavigatorTarget, che wrappano pagine del portale e
  * possono essere utilizzati dai sub-tag.
  *
  * @param spec L'espressione usata la specificazione delle pagine da selezionare; possono essere
  *     assolute o relative o miste.
  * @param reqCtx Il contesto della richiesta corrente.
  * @return La lista di oggetti NavigatorTarget.
  */
 @Override
 public List<NavigatorTarget> parseSpec(String spec, RequestContext reqCtx) {
   IPage currentPage = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE);
   UserDetails currentUser =
       (UserDetails)
           reqCtx
               .getRequest()
               .getSession()
               .getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
   return this.parseSpec(spec, currentPage, currentUser);
 }
 @Override
 public String intercept(ActionInvocation invocation) throws Exception {
   HttpServletRequest request = ServletActionContext.getRequest();
   RequestContext reqCtx = (RequestContext) request.getAttribute(RequestContext.REQCTX);
   if (null != reqCtx) {
     Lang currentLang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG);
     Locale locale = new Locale(currentLang.getCode(), "");
     invocation.getInvocationContext().setLocale(locale);
   }
   return invocation.invoke();
 }
 public void testService() throws ApsSystemException {
   RequestContext reqCtx = this.getRequestContext();
   ((MockHttpServletRequest) reqCtx.getRequest()).setServletPath("/it/homepage.wp");
   int status = this._requestValidator.service(reqCtx, ControllerManager.CONTINUE);
   assertEquals(ControllerManager.CONTINUE, status);
   Lang lang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG);
   IPage page = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE);
   assertNotNull(page);
   assertNotNull(lang);
   assertEquals("it", lang.getCode());
   assertEquals("homepage", page.getCode());
 }
 private String extractTitle(Widget widget) {
   ServletRequest request = this.pageContext.getRequest();
   RequestContext reqCtx = (RequestContext) request.getAttribute(RequestContext.REQCTX);
   Lang currentLang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG);
   WidgetType type = widget.getType();
   String value = type.getTitles().getProperty(currentLang.getCode());
   if (null == value || value.trim().length() == 0) {
     ILangManager langManager =
         (ILangManager)
             ApsWebApplicationUtils.getBean(SystemConstants.LANGUAGE_MANAGER, this.pageContext);
     Lang defaultLang = langManager.getDefaultLang();
     value = type.getTitles().getProperty(defaultLang.getCode());
   }
   return value;
 }
 private Widget extractShowlet() {
   ServletRequest req = this.pageContext.getRequest();
   RequestContext reqCtx = (RequestContext) req.getAttribute(RequestContext.REQCTX);
   Widget widget = null;
   if (this.getFrame() < 0) {
     widget = (Widget) reqCtx.getExtraParam((SystemConstants.EXTRAPAR_CURRENT_WIDGET));
   } else {
     IPage currentPage = (IPage) reqCtx.getExtraParam((SystemConstants.EXTRAPAR_CURRENT_PAGE));
     Widget[] showlets = currentPage.getWidgets();
     if (showlets.length > this.getFrame()) {
       widget = showlets[this.getFrame()];
     }
   }
   return widget;
 }
 /**
  * Questo controller si incarica di caricare in sessione, quando possibile, la configurazione
  * personalizzata dell'utente correntemente loggato. NOTA: la sessione viene esplicitamente
  * ripulita da qualsiasi configurazione personalizzata non allineata all'utente corrente
  */
 @Override
 public int service(RequestContext reqCtx, int status) {
   if (_log.isLoggable(Level.FINEST)) {
     _log.finest("Invocata " + this.getClass().getName());
   }
   int retStatus = ControllerManager.INVALID_STATUS;
   if (status == ControllerManager.ERROR) {
     return status;
   }
   try {
     HttpServletRequest req = reqCtx.getRequest();
     HttpSession session = req.getSession();
     UserDetails currentUser =
         (UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
     if (null == currentUser) {
       throw new ApsSystemException("no user on session");
     }
     PageModelUserConfigBean userConfigBean =
         (PageModelUserConfigBean)
             session.getAttribute(
                 JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG);
     if (!currentUser.getUsername().equals(SystemConstants.GUEST_USER_NAME)
         && !currentUser.getUsername().equals(SystemConstants.ADMIN_USER_NAME)) {
       if ((null == userConfigBean
           || !currentUser.getUsername().equals(userConfigBean.getUsername()))) {
         userConfigBean =
             this.getPageModelUserConfigManager().getUserConfig(currentUser.getUsername());
         if (null != userConfigBean) {
           session.setAttribute(
               JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG,
               userConfigBean);
         } else {
           session.removeAttribute(
               JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG);
         }
       }
     } else {
       session.removeAttribute(
           JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG);
     }
     retStatus = ControllerManager.CONTINUE;
   } catch (Throwable t) {
     ApsSystemUtils.logThrowable(t, this, "service", "Error while processing the request");
     retStatus = ControllerManager.SYS_ERROR;
     reqCtx.setHTTPError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
   }
   return retStatus;
 }
 @Override
 public int doStartTag() throws JspException {
   ServletRequest request = this.pageContext.getRequest();
   try {
     RequestContext reqCtx = (RequestContext) request.getAttribute(RequestContext.REQCTX);
     Object value = reqCtx.getExtraParam(this.getParam());
     if (null != value) {
       String var = this.getVar();
       if (null == var || "".equals(var)) {
         this.pageContext.getOut().print(value);
       } else {
         this.pageContext.setAttribute(this.getVar(), value);
       }
     }
   } catch (Throwable t) {
     _logger.error("error in doStartTag", t);
     throw new JspException("error in doStartTag", t);
   }
   return super.doStartTag();
 }
 protected boolean isPageAllowed(RequestContext reqCtx, String pageCode) {
   UserDetails user = null;
   if (null != reqCtx) {
     user =
         (UserDetails)
             reqCtx
                 .getRequest()
                 .getSession()
                 .getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER);
   }
   return this.isPageAllowed(user, pageCode);
 }
Esempio n. 17
0
 /**
  * Recupera un parametro della richiesta.
  *
  * @param name Il nome del parametro.
  * @param reqCtx Il contesto di richiesta.
  * @return Il valore del parametro
  */
 protected String getParameter(String name, RequestContext reqCtx) {
   String param = reqCtx.getRequest().getParameter(name);
   return param;
 }