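/**
 * Builds the set of addresses that are treated as trusted sources.
 *
 * <p>When the {@code Constants.TRUSTED_SOURCE_LIST} system property is set, it is read as a
 * comma-separated list and every entry is resolved with
 * {@link InetAddress#getByName(String)}; one entry that fails to resolve aborts the whole
 * build. When the property is absent, the platform server list from {@code WebtopNaming} is
 * used instead. In that fallback, entries that cannot be parsed or resolved are logged and
 * skipped, so the resulting set can be smaller than the server list, or empty.
 *
 * <p>Host names are resolved once, while the set is built, and {@code getByName} yields a
 * single address per name. Anything checked against this set therefore depends on the
 * resolver's answer at that moment.
 *
 * @return set of {@link InetAddress} objects
 * @throws SessionException if the property is unset and there is no platform server list, or
 *     if reading or resolving the configured list fails
 */
private static Set getTrustedSourceList() throws SessionException {
    Set result = new HashSet();
    try {
        String rawList = SystemProperties.get(Constants.TRUSTED_SOURCE_LIST);
        if (rawList != null) {
            StringTokenizer stk = new StringTokenizer(rawList, ",");
            while (stk.hasMoreTokens()) {
                result.add(InetAddress.getByName(stk.nextToken()));
            }
        } else {
            // use platform server list as a default fallback
            Vector psl = WebtopNaming.getPlatformServerList();
            if (psl == null) {
                throw new SessionException(SessionBundle.rbName, "emptyTrustedSourceList", null);
            }
            Enumeration servers = psl.elements();
            while (servers.hasMoreElements()) {
                try {
                    URL url = new URL((String) servers.nextElement());
                    result.add(InetAddress.getByName(url.getHost()));
                } catch (Exception ex) {
                    // Best effort: one bad server entry must not discard the others.
                    debug.error("SessionUtils.getTrustedSourceList : "
                            + "Validating Host exception", ex);
                }
            }
        }
    } catch (SessionException se) {
        // The "emptyTrustedSourceList" error raised above already carries its resource-bundle
        // key; rethrow it unchanged instead of wrapping it in a second SessionException.
        throw se;
    } catch (Exception e) {
        throw new SessionException(e);
    }
    return result;
}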
/**
 * Resolves the logging service URL for the server named in a session ID.
 *
 * <p>The protocol, host, port and URI are read from the session ID. When the manager is not
 * local and the session ID carries no protocol or no host, the preconfigured
 * {@code logServURL} is returned instead. Otherwise the URL is looked up through
 * {@code WebtopNaming}.
 *
 * @param loggedBySID session ID string of the logging principal
 * @return the logging service URL, or {@code null} when {@code WebtopNaming} reports that no
 *     URL exists for the session's server
 */
private URL getLogHostURL(String loggedBySID) {
    SessionID sid = new SessionID(loggedBySID);

    String protocol = sid.getSessionServerProtocol();
    String host = sid.getSessionServer();
    String port = sid.getSessionServerPort();
    String uri = sid.getSessionServerURI();

    // Only protocol and host decide the fallback; port and URI are not inspected here.
    boolean protocolMissing = (protocol == null) || (protocol.length() <= 0);
    boolean hostMissing = (host == null) || (host.length() <= 0);

    if (!manager.isLocal && (protocolMissing || hostMissing)) {
        // Remote logging without usable server details in the session ID:
        // fall back to the configured logging service URL.
        if (Debug.messageEnabled()) {
            Debug.message("RemoteHandler.getLogHostURL(): remote serv = " + logServURL);
        }
        return logServURL;
    }

    if (Debug.messageEnabled()) {
        Debug.message(
                "RemoteHandler.getLogHostURL(): "
                        + " sessionProtocol: " + protocol
                        + " sessionHost: " + host
                        + " sessionPort: " + port
                        + " sessionURI: " + uri);
    }

    try {
        URL resolved = WebtopNaming.getServiceURL(
                LogConstants.LOGGING_SERVICE, protocol, host, port, uri);
        if (Debug.messageEnabled()) {
            Debug.message(
                    "RemoteHandler.getLogHostURL(): WebtopNaming logging"
                            + "service URL: " + resolved);
        }
        return resolved;
    } catch (URLNotFoundException unfe) {
        // An unknown server is reported to the caller as null, not as an exception.
        Debug.error("RemoteHandler.getLogHostURL(): URLNotFoundException: ", unfe);
        return null;
    }
}
/**
 * Returns the Session Service URL for a given server ID.
 *
 * <p>The server ID is mapped to a server URL through {@code WebtopNaming}; that URL is split
 * into protocol, host, port and path, which are handed to the four-argument overload.
 *
 * @param serverID server ID from the platform server list.
 * @return Session Service URL.
 * @exception SessionException if the server ID cannot be mapped, the server URL cannot be
 *     parsed, or the delegated lookup fails.
 */
public URL getSessionServiceURL(String serverID) throws SessionException {
    try {
        URL serverUrl = new URL(WebtopNaming.getServerFromID(serverID));
        String scheme = serverUrl.getProtocol();
        String host = serverUrl.getHost();
        // URL.getPort() yields -1 when the server entry has no explicit port, and that value
        // is passed on as the string "-1".
        String port = Integer.toString(serverUrl.getPort());
        String path = serverUrl.getPath();
        return getSessionServiceURL(scheme, host, port, path);
    } catch (Exception e) {
        throw new SessionException(e);
    }
}
/**
 * Returns the Session Service URL for the given server coordinates.
 *
 * <p>Results are cached in {@code sessionServiceURLTable} under the key
 * {@code protocol://server:port + uri}; {@code WebtopNaming} is consulted only on a cache miss.
 *
 * @param protocol Session Server protocol.
 * @param server Session Server host name.
 * @param port Session Server port.
 * @param uri Session Server URI.
 * @return URL Session Service URL.
 * @exception com.iplanet.dpro.session.SessionException if the lookup or the cache update fails.
 */
public URL getSessionServiceURL(String protocol, String server, String port, String uri)
        throws SessionException {
    String cacheKey = protocol + "://" + server + ":" + port + uri;

    URL cached = sessionServiceURLTable.get(cacheKey);
    if (cached != null) {
        return cached;
    }

    // NOTE(review): nothing in this method bounds or evicts the table. Confirm that
    // WebtopNaming rejects servers outside the configured deployment, so that
    // caller-supplied values cannot keep adding new keys.
    try {
        URL resolved = WebtopNaming.getServiceURL(SESSION_SERVICE, protocol, server, port, uri);
        sessionServiceURLTable.put(cacheKey, resolved);
        return resolved;
    } catch (Exception e) {
        throw new SessionException(e);
    }
}
/**
 * Returns the Session Service URL for a Session ID.
 *
 * <p>In server mode the session ID is validated first. If sites are enabled and the session
 * belongs to the local site, the URL is resolved from the current host server (session
 * failover enabled) or from the primary ID in the session ID extension. In client mode the
 * local server ID is used when it appears in the secondary sites of the session's primary ID.
 * In every other case the protocol, server, port and URI embedded in the session ID are used.
 *
 * @param sid Session ID
 * @return Session Service URL.
 * @exception SessionException if validation or any of the delegated lookups fails.
 */
public URL getSessionServiceURL(SessionID sid) throws SessionException {
    if (SystemProperties.isServerMode()) {
        // Validate that the SessionID contains valid Server and Site references. This check
        // is not appropriate for client side code as only the Site reference is exposed to
        // client code.
        sid.validate();

        SessionService sessionService = InjectorHolder.getInstance(SessionService.class);
        if (sessionService.isSiteEnabled() && sessionService.isLocalSite(sid)) {
            if (sessionService.isSessionFailoverEnabled()) {
                return getSessionServiceURL(sessionService.getCurrentHostServer(sid));
            }
            String primaryServerId = sid.getExtension().getPrimaryID();
            return getSessionServiceURL(primaryServerId);
        }
    } else {
        String primaryServerId = sid.getExtension().getPrimaryID();
        if (primaryServerId != null) {
            String secondarySites = WebtopNaming.getSecondarySites(primaryServerId);
            String localServerId = SessionService.getAMServerID();
            boolean bothKnown = (secondarySites != null) && (localServerId != null);
            // NOTE(review): this is a substring test on the raw secondary-sites string, so a
            // server ID that is a prefix or fragment of another ID also matches. Confirm the
            // ID format rules that out, or compare against the split list instead.
            if (bothKnown && secondarySites.contains(localServerId)) {
                return getSessionServiceURL(localServerId);
            }
        }
    }

    // No site-based routing applied: use the server coordinates carried in the session ID.
    return getSessionServiceURL(
            sid.getSessionServerProtocol(),
            sid.getSessionServer(),
            sid.getSessionServerPort(),
            sid.getSessionServerURI());
}
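/**
 * Checks that a request carries a fresh security cookie naming a known platform server.
 *
 * <p>The cookie named by {@code SessionService.securityCookieName} is decoded and split on
 * {@code '@'} into a server URL and a millisecond timestamp. The request is accepted only if
 * the timestamp is within {@code MAX_TIMESTAMP_DIFF} of the current time (in either direction)
 * and the server URL is contained in the platform server list.
 *
 * <p>Every failure path returns {@code false}: a missing cookie, a stale timestamp, an unknown
 * server, or any exception while decoding or parsing.
 *
 * <p>NOTE(review): the timestamp window is the only replay control visible in this method;
 * the same cookie value is accepted repeatedly while it is fresh.
 *
 * @param servletRequest incoming HTTP request
 * @return {@code true} only when all checks pass
 */
private boolean validateRequest(HttpServletRequest servletRequest) {
    try {
        String encryptedCookie =
                CookieUtils.getCookieValueFromReq(servletRequest, SessionService.securityCookieName);
        if (encryptedCookie == null) {
            SessionService.sessionDebug.error(
                    "GetHttpSession.validateRequest: " + "no Security Cookie in the request");
            return false;
        }

        String decryptedCookie =
                (String) AccessController.doPrivileged(new DecodeAction(encryptedCookie));
        // Expected layout: <serverURL>@<timestamp in ms>. A missing token or a non-numeric
        // timestamp throws and is rejected by the catch block below.
        StringTokenizer st = new StringTokenizer(decryptedCookie, "@");
        String serverURL = st.nextToken();
        long requestTimeStamp = Long.parseLong(st.nextToken());

        long currentTime = System.currentTimeMillis();
        if (Math.abs(currentTime - requestTimeStamp) > MAX_TIMESTAMP_DIFF) {
            SessionService.sessionDebug.error(
                    "GetHttpSession.validateRequest: " + "Max time elapsed for the Request");
            return false;
        }

        Vector platformServerList = WebtopNaming.getPlatformServerList();
        if (!platformServerList.contains(serverURL)) {
            SessionService.sessionDebug.error(
                    "GetHttpSession.validateRequest: "
                            + "request host :" + serverURL
                            + "was not part of the platformServerList");
            // Fail closed: previously this branch only logged and fell through to
            // "return true", so a cookie naming an unknown server was still accepted.
            return false;
        }
        return true;
    } catch (Exception e) {
        SessionService.sessionDebug.error(
                "GetHttpSession.validateRequest: " + "Exception while validating the request ", e);
        return false;
    }
}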