/** * Verifica che l'utente in sessione sia abilitato all'accesso alla pagina richiesta. Se è * autorizzato il metodo termina con CONTINUE, altrimenti con REDIRECT impostando prima i * parametri di redirezione alla pagina di login. * * @param reqCtx Il contesto di richiesta * @param status Lo stato di uscita del servizio precedente * @return Lo stato di uscita */ @Override public int service(RequestContext reqCtx, int status) { if (_log.isLoggable(Level.FINEST)) { _log.finest("Invoked: " + this.getClass().getName()); } int retStatus = ControllerManager.INVALID_STATUS; if (status == ControllerManager.ERROR) { return status; } try { HttpServletRequest req = reqCtx.getRequest(); HttpSession session = req.getSession(); IPage currentPage = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE); UserDetails currentUser = (UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER); if (null == currentUser) { throw new ApsSystemException("no user on session"); } boolean authorized = this.getAuthManager().isAuth(currentUser, currentPage); if (authorized) { retStatus = ControllerManager.CONTINUE; } else { retStatus = this.redirect(this.getLoginPageCode(), reqCtx); } } catch (Throwable t) { ApsSystemUtils.logThrowable(t, this, "service", "Error while processing the request"); retStatus = ControllerManager.SYS_ERROR; reqCtx.setHTTPError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } return retStatus; }
public void testServiceFailure() throws ApsSystemException { RequestContext reqCtx = this.getRequestContext(); Role role = new Role(); role.setName("testRole"); User user = new User(); user.addAutority(role); reqCtx.getRequest().getSession().setAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER, user); Page page = new Page(); page.setCode("login"); page.setGroup("free"); page.setModel(new PageModel()); reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, page); Lang lang = new Lang(); lang.setCode("it"); reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG, lang); MockHttpServletRequest request = (MockHttpServletRequest) reqCtx.getRequest(); request.setRemoteAddr("255.255.255.255"); request.addHeader("Referer", "homeTest"); request.addHeader("User-Agent", "Mio Test Browser"); request.addHeader("accept-language", "sardo"); int status = _statMonitor.service(reqCtx, ControllerManager.CONTINUE); assertEquals(status, ControllerManager.CONTINUE); this.deleteStatsRecord(); }
/** * Imposta i parametri di una redirezione. * * @param redirDestPage Il codice della pagina su cui si vuole redirezionare. * @param reqCtx Il contesto di richiesta. * @return L'indicativo del tipo di redirezione in uscita del controlService. Può essere una delle * costanti definite in ControllerManager. */ protected int redirect(String redirDestPage, RequestContext reqCtx) { int retStatus; try { String redirPar = this.getParameter(RequestContext.PAR_REDIRECT_FLAG, reqCtx); if (redirPar == null || "".equals(redirPar)) { PageURL url = this.getUrlManager().createURL(reqCtx); url.setPageCode(redirDestPage); url.addParam(RequestContext.PAR_REDIRECT_FLAG, "1"); String redirUrl = url.getURL(); if (_log.isLoggable(Level.FINEST)) { _log.finest("Redirecting to " + redirUrl); } reqCtx.clearError(); reqCtx.addExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL, redirUrl); retStatus = ControllerManager.REDIRECT; } else { reqCtx.setHTTPError(HttpServletResponse.SC_BAD_REQUEST); retStatus = ControllerManager.ERROR; } } catch (Throwable t) { retStatus = ControllerManager.SYS_ERROR; reqCtx.setHTTPError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); ApsSystemUtils.logThrowable( t, this, "redirect", "Error on creation redirect to page " + redirDestPage); } return retStatus; }
public void testServiceFailure_2() throws ApsSystemException { RequestContext reqCtx = this.getRequestContext(); ((MockHttpServletRequest) reqCtx.getRequest()).setServletPath("/wrongpath.wp"); // wrong path int status = _requestValidator.service(reqCtx, ControllerManager.CONTINUE); assertEquals(ControllerManager.REDIRECT, status); String redirectUrl = (String) reqCtx.getExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL); assertEquals("/Entando/it/errorpage.page?redirectflag=1", redirectUrl); }
public void testServiceFailure_2() throws Throwable { RequestContext reqCtx = this.getRequestContext(); reqCtx.getRequest().getSession().removeAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER); IPage root = this._pageManager.getRoot(); reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, root); int status = _authorizator.service(reqCtx, ControllerManager.CONTINUE); assertEquals(status, ControllerManager.SYS_ERROR); }
@Override public int service(RequestContext reqCtx, int status) { if (_log.isLoggable(Level.FINEST)) { _log.finest("Invoked " + this.getClass().getName()); } int retStatus = ControllerManager.INVALID_STATUS; if (status == ControllerManager.ERROR) { return status; } try { String isActive = this.getConfigManager() .getParam(CasClientPluginSystemCostants.JPCASCLIENT_EXTENDED_ISACTIVE); if (!isActive.equals("true")) { // if cas client is disactivate normal Authorization on request return super.service(reqCtx, retStatus); } else { HttpServletRequest req = reqCtx.getRequest(); HttpSession session = req.getSession(); IPage currentPage = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE); UserDetails currentUser = (UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER); boolean authorized = this.getAuthManager().isAuth(currentUser, currentPage); if (authorized) { retStatus = ControllerManager.CONTINUE; } else if (SystemConstants.GUEST_USER_NAME.equals(currentUser.getUsername())) { _log.info("CAS - user not authorized and guest"); CasClientUtils casClientUtils = new CasClientUtils(); String loginBaseUrl = this.getConfigManager().getParam(CasClientPluginSystemCostants.JPCASCLIENT_LOGIN_URL); StringBuffer loginUrl = new StringBuffer(loginBaseUrl); loginUrl.append("?service="); PageURL pageUrl = this.getUrlManager().createURL(reqCtx); String serviceUrl = casClientUtils.getURLStringWithoutTicketParam(pageUrl, reqCtx); loginUrl.append(serviceUrl); reqCtx.addExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL, loginUrl.toString()); retStatus = ControllerManager.REDIRECT; } else { _log.info("CAS - user authenticated but not authorized"); Lang currentLang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG); String notAuthPageCode = this.getConfigManager() .getParam(CasClientPluginSystemCostants.JPCASCLIENT_NO_AUTH_PAGE); IPage page = this.getPageManager().getPage(notAuthPageCode); String url = this.getUrlManager().createUrl(page, currentLang, new HashMap<String, String>()); reqCtx.addExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL, url); retStatus = ControllerManager.REDIRECT; } } } catch (Throwable t) { ApsSystemUtils.logThrowable(t, this, "service", "Error in processing the request"); retStatus = ControllerManager.ERROR; } return retStatus; }
public void testServiceFailure_1() throws Throwable { RequestContext reqCtx = this.getRequestContext(); this.setUserOnSession(SystemConstants.GUEST_USER_NAME); IPage requiredPage = this._pageManager.getPage("customers_page"); reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, requiredPage); int status = _authorizator.service(reqCtx, ControllerManager.CONTINUE); assertEquals(status, ControllerManager.REDIRECT); String redirectUrl = (String) reqCtx.getExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL); assertEquals("/japs/it/login.page?redirectflag=1", redirectUrl); }
public void testService_2() throws Throwable { RequestContext reqCtx = this.getRequestContext(); this.setUserOnSession("admin"); IPage root = this._pageManager.getRoot(); reqCtx.addExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE, root); int status = this._authorizator.service(reqCtx, ControllerManager.CONTINUE); assertEquals(status, ControllerManager.CONTINUE); String redirectUrl = (String) reqCtx.getExtraParam(RequestContext.EXTRAPAR_REDIRECT_URL); assertNull(redirectUrl); }
/** * Crea e restituisce una lista di oggetti NavigatorTarget, che wrappano pagine del portale e * possono essere utilizzati dai sub-tag. * * @param spec L'espressione usata la specificazione delle pagine da selezionare; possono essere * assolute o relative o miste. * @param reqCtx Il contesto della richiesta corrente. * @return La lista di oggetti NavigatorTarget. */ @Override public List<NavigatorTarget> parseSpec(String spec, RequestContext reqCtx) { IPage currentPage = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE); UserDetails currentUser = (UserDetails) reqCtx .getRequest() .getSession() .getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER); return this.parseSpec(spec, currentPage, currentUser); }
@Override public String intercept(ActionInvocation invocation) throws Exception { HttpServletRequest request = ServletActionContext.getRequest(); RequestContext reqCtx = (RequestContext) request.getAttribute(RequestContext.REQCTX); if (null != reqCtx) { Lang currentLang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG); Locale locale = new Locale(currentLang.getCode(), ""); invocation.getInvocationContext().setLocale(locale); } return invocation.invoke(); }
public void testService() throws ApsSystemException { RequestContext reqCtx = this.getRequestContext(); ((MockHttpServletRequest) reqCtx.getRequest()).setServletPath("/it/homepage.wp"); int status = this._requestValidator.service(reqCtx, ControllerManager.CONTINUE); assertEquals(ControllerManager.CONTINUE, status); Lang lang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG); IPage page = (IPage) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_PAGE); assertNotNull(page); assertNotNull(lang); assertEquals("it", lang.getCode()); assertEquals("homepage", page.getCode()); }
private String extractTitle(Widget widget) { ServletRequest request = this.pageContext.getRequest(); RequestContext reqCtx = (RequestContext) request.getAttribute(RequestContext.REQCTX); Lang currentLang = (Lang) reqCtx.getExtraParam(SystemConstants.EXTRAPAR_CURRENT_LANG); WidgetType type = widget.getType(); String value = type.getTitles().getProperty(currentLang.getCode()); if (null == value || value.trim().length() == 0) { ILangManager langManager = (ILangManager) ApsWebApplicationUtils.getBean(SystemConstants.LANGUAGE_MANAGER, this.pageContext); Lang defaultLang = langManager.getDefaultLang(); value = type.getTitles().getProperty(defaultLang.getCode()); } return value; }
private Widget extractShowlet() { ServletRequest req = this.pageContext.getRequest(); RequestContext reqCtx = (RequestContext) req.getAttribute(RequestContext.REQCTX); Widget widget = null; if (this.getFrame() < 0) { widget = (Widget) reqCtx.getExtraParam((SystemConstants.EXTRAPAR_CURRENT_WIDGET)); } else { IPage currentPage = (IPage) reqCtx.getExtraParam((SystemConstants.EXTRAPAR_CURRENT_PAGE)); Widget[] showlets = currentPage.getWidgets(); if (showlets.length > this.getFrame()) { widget = showlets[this.getFrame()]; } } return widget; }
/** * Questo controller si incarica di caricare in sessione, quando possibile, la configurazione * personalizzata dell'utente correntemente loggato. NOTA: la sessione viene esplicitamente * ripulita da qualsiasi configurazione personalizzata non allineata all'utente corrente */ @Override public int service(RequestContext reqCtx, int status) { if (_log.isLoggable(Level.FINEST)) { _log.finest("Invocata " + this.getClass().getName()); } int retStatus = ControllerManager.INVALID_STATUS; if (status == ControllerManager.ERROR) { return status; } try { HttpServletRequest req = reqCtx.getRequest(); HttpSession session = req.getSession(); UserDetails currentUser = (UserDetails) session.getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER); if (null == currentUser) { throw new ApsSystemException("no user on session"); } PageModelUserConfigBean userConfigBean = (PageModelUserConfigBean) session.getAttribute( JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG); if (!currentUser.getUsername().equals(SystemConstants.GUEST_USER_NAME) && !currentUser.getUsername().equals(SystemConstants.ADMIN_USER_NAME)) { if ((null == userConfigBean || !currentUser.getUsername().equals(userConfigBean.getUsername()))) { userConfigBean = this.getPageModelUserConfigManager().getUserConfig(currentUser.getUsername()); if (null != userConfigBean) { session.setAttribute( JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG, userConfigBean); } else { session.removeAttribute( JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG); } } } else { session.removeAttribute( JpmyportalSystemConstants.SESSIONPARAM_CURRENT_USER_PAGE_MODEL_CONFIG); } retStatus = ControllerManager.CONTINUE; } catch (Throwable t) { ApsSystemUtils.logThrowable(t, this, "service", "Error while processing the request"); retStatus = ControllerManager.SYS_ERROR; reqCtx.setHTTPError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } return retStatus; }
@Override public int doStartTag() throws JspException { ServletRequest request = this.pageContext.getRequest(); try { RequestContext reqCtx = (RequestContext) request.getAttribute(RequestContext.REQCTX); Object value = reqCtx.getExtraParam(this.getParam()); if (null != value) { String var = this.getVar(); if (null == var || "".equals(var)) { this.pageContext.getOut().print(value); } else { this.pageContext.setAttribute(this.getVar(), value); } } } catch (Throwable t) { _logger.error("error in doStartTag", t); throw new JspException("error in doStartTag", t); } return super.doStartTag(); }
protected boolean isPageAllowed(RequestContext reqCtx, String pageCode) { UserDetails user = null; if (null != reqCtx) { user = (UserDetails) reqCtx .getRequest() .getSession() .getAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER); } return this.isPageAllowed(user, pageCode); }
/** * Recupera un parametro della richiesta. * * @param name Il nome del parametro. * @param reqCtx Il contesto di richiesta. * @return Il valore del parametro */ protected String getParameter(String name, RequestContext reqCtx) { String param = reqCtx.getRequest().getParameter(name); return param; }