0.8.1-rc1/grid/src/main/java/org/apache/oodt/grid/GridServlet.java - oodt - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package org.apache.oodt.grid;

 import java.io.File;
 import java.io.IOException;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import org.xml.sax.SAXException;

 /**
  * Grid servlet is an abstract servlet that provides basic behavior (configuration access)
  * for grid servlets.
  */
 public abstract class GridServlet extends HttpServlet {
 	/**
 	 * By default, grid servlets are POST only, so GETs get you the welcome page.
 	 *
 	 * @param req a <code>HttpServletRequest</code> value.
 	 * @param res a <code>HttpServletResponse</code> value.
 	 * @throws IOException if an error occurs.
 	 * @throws ServletException if an error occurs.
 	 */
 	public void doGet(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
 		req.getRequestDispatcher("index.html").forward(req, res);
 	}

 	/**
 	 * Get the configuration.
 	 *
 	 * @return a <code>Configuration</code> value.
 	 * @throws ServletException if an error occurs.
 	 * @throws IOException if an error occurs.
 	 */
 	protected Configuration getConfiguration() throws ServletException, IOException {
 		if (configuration != null) return configuration;
 		String path = getServletContext().getInitParameter("org.apache.oodt.grid.GridServlet.config");
 		if (path == null) path = getServletContext().getRealPath("/WEB-INF/config.xml");
 		if (path == null)
 			throw new ServletException("The config.xml file can't be accessed. Are we running from a war file!??!");
 		File file = new File(path);
 		Configuration c = null;
 		try {
 			c = new Configuration(file);
 		} catch (SAXException ex) {
 			throw new ServletException("Cannot parse config.xml file", ex);
 		}
 		synchronized (GridServlet.class) {
 			while (configuration == null)
 				configuration = c;
 		}
 		return configuration;
 	}

 	/**
 	 * Get the config bean.
 	 *
 	 * @param req a <code>HttpServletRequest</code> value.
 	 * @return a <code>ConfigBean</code> value.
 	 * @throws ServletException if an error occurs.
 	 * @throws IOException if an error occurs.
 	 */
 	protected ConfigBean getConfigBean(HttpServletRequest req) throws ServletException, IOException {
 		HttpSession session = req.getSession(/*create*/true);
 		ConfigBean cb = (ConfigBean) session.getAttribute("cb");
 		if (cb == null) {
 			cb = new ConfigBean();
 			session.setAttribute("cb", cb);
 		}
 		Configuration config = getConfiguration();
 		cb.setConfiguration(config);
 		return cb;
 	}

 	/**
 	 * Check if administrative access is allowed.  This examines the request scheme
 	 * (http, ftp, https, etc.) and sees if https is required by the configuration.
 	 * It also checks the remote host and sees if localhost access is required.
 	 *
 	 * @param config a <code>Configuration</code> value.
 	 * @param req a <code>HttpServletRequest</code> value.
 	 * @param res a <code>HttpServletResponse</code> value.
 	 * @return True if access is approved, false otherwise.
 	 * @throws IOException if an error occurs.
 	 */
 	protected boolean approveAccess(Configuration config, HttpServletRequest req, HttpServletResponse res) throws IOException {
 		if (config.isHTTPSrequired() && !"https".equals(req.getScheme())) {
 			res.sendError(HttpServletResponse.SC_FORBIDDEN, "https required");
 			return false;
 		}

 		if (config.isLocalhostRequired() && !Utility.isLocalhost(req.getRemoteHost())) {
 			res.sendError(HttpServletResponse.SC_FORBIDDEN, "localhost access only");
 			return false;
 		}

 		return true;
 	}

 	/** Singleton configuration. */
 	private static volatile Configuration configuration;
 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package org.apache.oodt.grid;

	import java.io.File;
	import java.io.IOException;
	import javax.servlet.ServletException;
	import javax.servlet.http.HttpServlet;
	import javax.servlet.http.HttpServletRequest;
	import javax.servlet.http.HttpServletResponse;
	import javax.servlet.http.HttpSession;
	import org.xml.sax.SAXException;

	/**
	* Grid servlet is an abstract servlet that provides basic behavior (configuration access)
	* for grid servlets.
	*/
	public abstract class GridServlet extends HttpServlet {
	/**
	* By default, grid servlets are POST only, so GETs get you the welcome page.
	*
	* @param req a <code>HttpServletRequest</code> value.
	* @param res a <code>HttpServletResponse</code> value.
	* @throws IOException if an error occurs.
	* @throws ServletException if an error occurs.
	*/
	public void doGet(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
	req.getRequestDispatcher("index.html").forward(req, res);
	}

	/**
	* Get the configuration.
	*
	* @return a <code>Configuration</code> value.
	* @throws ServletException if an error occurs.
	* @throws IOException if an error occurs.
	*/
	protected Configuration getConfiguration() throws ServletException, IOException {
	if (configuration != null) return configuration;
	String path = getServletContext().getInitParameter("org.apache.oodt.grid.GridServlet.config");
	if (path == null) path = getServletContext().getRealPath("/WEB-INF/config.xml");
	if (path == null)
	throw new ServletException("The config.xml file can't be accessed. Are we running from a war file!??!");
	File file = new File(path);
	Configuration c = null;
	try {
	c = new Configuration(file);
	} catch (SAXException ex) {
	throw new ServletException("Cannot parse config.xml file", ex);
	}
	synchronized (GridServlet.class) {
	while (configuration == null)
	configuration = c;
	}
	return configuration;
	}

	/**
	* Get the config bean.
	*
	* @param req a <code>HttpServletRequest</code> value.
	* @return a <code>ConfigBean</code> value.
	* @throws ServletException if an error occurs.
	* @throws IOException if an error occurs.
	*/
	protected ConfigBean getConfigBean(HttpServletRequest req) throws ServletException, IOException {
	HttpSession session = req.getSession(/create/true);
	ConfigBean cb = (ConfigBean) session.getAttribute("cb");
	if (cb == null) {
	cb = new ConfigBean();
	session.setAttribute("cb", cb);
	}
	Configuration config = getConfiguration();
	cb.setConfiguration(config);
	return cb;
	}

	/**
	* Check if administrative access is allowed. This examines the request scheme
	* (http, ftp, https, etc.) and sees if https is required by the configuration.
	* It also checks the remote host and sees if localhost access is required.
	*
	* @param config a <code>Configuration</code> value.
	* @param req a <code>HttpServletRequest</code> value.
	* @param res a <code>HttpServletResponse</code> value.
	* @return True if access is approved, false otherwise.
	* @throws IOException if an error occurs.
	*/
	protected boolean approveAccess(Configuration config, HttpServletRequest req, HttpServletResponse res) throws IOException {
	if (config.isHTTPSrequired() && !"https".equals(req.getScheme())) {
	res.sendError(HttpServletResponse.SC_FORBIDDEN, "https required");
	return false;
	}

	if (config.isLocalhostRequired() && !Utility.isLocalhost(req.getRemoteHost())) {
	res.sendError(HttpServletResponse.SC_FORBIDDEN, "localhost access only");
	return false;
	}

	return true;
	}

	/** Singleton configuration. */
	private static volatile Configuration configuration;
	}