| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.jsecurity.web; |
| |
| import org.apache.commons.logging.Log; |
| import org.apache.commons.logging.LogFactory; |
| import org.jsecurity.util.JavaEnvironment; |
| |
| import javax.servlet.http.HttpServletRequest; |
| import javax.servlet.http.HttpServletResponse; |
| import java.io.IOException; |
| import java.io.UnsupportedEncodingException; |
| import java.net.URLEncoder; |
| import java.util.Map; |
| |
| /** |
| * <p>View that redirects to an absolute, context relative, or current request |
| * relative URL, exposing all model attributes as HTTP query parameters. |
| * |
| * <p>A URL for this view is supposed to be a HTTP redirect URL, i.e. |
| * suitable for HttpServletResponse's <code>sendRedirect</code> method, which |
| * is what actually does the redirect if the HTTP 1.0 flag is on, or via sending |
| * back an HTTP 303 code - if the HTTP 1.0 compatibility flag is off. |
| * |
| * <p>Note that while the default value for the "contextRelative" flag is off, |
| * you will probably want to almost always set it to true. With the flag off, |
| * URLs starting with "/" are considered relative to the web server root, while |
| * with the flag on, they are considered relative to the web application root. |
| * Since most web apps will never know or care what their context path actually |
| * is, they are much better off setting this flag to true, and submitting paths |
| * which are to be considered relative to the web application root. |
| * |
| * <p>Note that in a Servlet 2.2 environment, i.e. a servlet container which |
| * is only compliant to the limits of this spec, this class will probably fail |
| * when feeding in URLs which are not fully absolute, or relative to the current |
| * request (no leading "/"), as these are the only two types of URL that |
| * <code>sendRedirect</code> supports in a Servlet 2.2 environment. |
| * |
| * <p><em>This class was borrowed from a nearly identical version found in |
| * the <a href="http://www.springframework.org/">Spring Framework</a>, with minor modifications to |
| * avoid a dependency on Spring itself for a very small amount of code - we couldn't have done it better, and |
| * don't want to repeat all of their great effort ;). |
| * The original author names and copyright (Apache 2.0) has been left in place. A special |
| * thanks to Rod Johnson, Juergen Hoeller, and Colin Sampaleanu for making this available.</em> |
| * |
| * @author Rod Johnson |
| * @author Juergen Hoeller |
| * @author Colin Sampaleanu |
| * @see #setContextRelative |
| * @see #setHttp10Compatible |
| * @see javax.servlet.http.HttpServletResponse#sendRedirect |
| * @since 0.2 |
| */ |
| @SuppressWarnings({"deprecation"}) |
| public class RedirectView { |
| |
| //TODO - complete JavaDoc |
| |
| /** |
| * The default encoding scheme: UTF-8 |
| */ |
| public static final String DEFAULT_ENCODING_SCHEME = "UTF-8"; |
| |
| private static final Log log = LogFactory.getLog(RedirectView.class); |
| |
| private String url; |
| |
| private boolean contextRelative = false; |
| |
| private boolean http10Compatible = true; |
| |
| private String encodingScheme = DEFAULT_ENCODING_SCHEME; |
| |
| /** |
| * Constructor for use as a bean. |
| */ |
| public RedirectView() { |
| } |
| |
| /** |
| * Create a new RedirectView with the given URL. |
| * <p>The given URL will be considered as relative to the web server, |
| * not as relative to the current ServletContext. |
| * |
| * @param url the URL to redirect to |
| * @see #RedirectView(String, boolean) |
| */ |
| public RedirectView(String url) { |
| setUrl(url); |
| } |
| |
| /** |
| * Create a new RedirectView with the given URL. |
| * |
| * @param url the URL to redirect to |
| * @param contextRelative whether to interpret the given URL as |
| * relative to the current ServletContext |
| */ |
| public RedirectView(String url, boolean contextRelative) { |
| this(url); |
| this.contextRelative = contextRelative; |
| } |
| |
| /** |
| * Create a new RedirectView with the given URL. |
| * |
| * @param url the URL to redirect to |
| * @param contextRelative whether to interpret the given URL as |
| * relative to the current ServletContext |
| * @param http10Compatible whether to stay compatible with HTTP 1.0 clients |
| */ |
| public RedirectView(String url, boolean contextRelative, boolean http10Compatible) { |
| this(url); |
| this.contextRelative = contextRelative; |
| this.http10Compatible = http10Compatible; |
| } |
| |
| |
| public String getUrl() { |
| return url; |
| } |
| |
| public void setUrl(String url) { |
| this.url = url; |
| } |
| |
| /** |
| * Set whether to interpret a given URL that starts with a slash ("/") |
| * as relative to the current ServletContext, i.e. as relative to the |
| * web application root. |
| * <p>Default is "false": A URL that starts with a slash will be interpreted |
| * as absolute, i.e. taken as-is. If true, the context path will be |
| * prepended to the URL in such a case. |
| * |
| * @see javax.servlet.http.HttpServletRequest#getContextPath |
| */ |
| public void setContextRelative(boolean contextRelative) { |
| this.contextRelative = contextRelative; |
| } |
| |
| /** |
| * Set whether to stay compatible with HTTP 1.0 clients. |
| * <p>In the default implementation, this will enforce HTTP status code 302 |
| * in any case, i.e. delegate to <code>HttpServletResponse.sendRedirect</code>. |
| * Turning this off will send HTTP status code 303, which is the correct |
| * code for HTTP 1.1 clients, but not understood by HTTP 1.0 clients. |
| * <p>Many HTTP 1.1 clients treat 302 just like 303, not making any |
| * difference. However, some clients depend on 303 when redirecting |
| * after a POST request; turn this flag off in such a scenario. |
| * |
| * @see javax.servlet.http.HttpServletResponse#sendRedirect |
| */ |
| public void setHttp10Compatible(boolean http10Compatible) { |
| this.http10Compatible = http10Compatible; |
| } |
| |
| /** |
| * Set the encoding scheme for this view. Default is UTF-8. |
| */ |
| public void setEncodingScheme(String encodingScheme) { |
| this.encodingScheme = encodingScheme; |
| } |
| |
| |
| /** |
| * Convert model to request parameters and redirect to the given URL. |
| * |
| * @see #appendQueryProperties |
| * @see #sendRedirect |
| */ |
| public final void renderMergedOutputModel( |
| Map model, HttpServletRequest request, HttpServletResponse response) throws IOException { |
| |
| // Prepare name URL. |
| StringBuffer targetUrl = new StringBuffer(); |
| if (this.contextRelative && getUrl().startsWith("/")) { |
| // Do not apply context path to relative URLs. |
| targetUrl.append(request.getContextPath()); |
| } |
| targetUrl.append(getUrl()); |
| appendQueryProperties(targetUrl, model, this.encodingScheme); |
| |
| sendRedirect(request, response, targetUrl.toString(), this.http10Compatible); |
| } |
| |
| /** |
| * Append query properties to the redirect URL. |
| * Stringifies, URL-encodes and formats model attributes as query properties. |
| * |
| * @param targetUrl the StringBuffer to append the properties to |
| * @param model Map that contains model attributes |
| * @param encodingScheme the encoding scheme to use |
| * @throws java.io.UnsupportedEncodingException |
| * if string encoding failed |
| * @see #queryProperties |
| */ |
| protected void appendQueryProperties(StringBuffer targetUrl, Map model, String encodingScheme) |
| throws UnsupportedEncodingException { |
| |
| // Extract anchor fragment, if any. |
| // The following code does not use JDK 1.4's StringBuffer.indexOf(String) |
| // method to retain JDK 1.3 compatibility. |
| String fragment = null; |
| int anchorIndex = targetUrl.toString().indexOf('#'); |
| if (anchorIndex > -1) { |
| fragment = targetUrl.substring(anchorIndex); |
| targetUrl.delete(anchorIndex, targetUrl.length()); |
| } |
| |
| // If there aren't already some parameters, we need a "?". |
| boolean first = (getUrl().indexOf('?') < 0); |
| Map queryProps = queryProperties(model); |
| |
| if (queryProps != null) { |
| for (Object o : queryProps.entrySet()) { |
| if (first) { |
| targetUrl.append('?'); |
| first = false; |
| } else { |
| targetUrl.append('&'); |
| } |
| Map.Entry entry = (Map.Entry) o; |
| String encodedKey = urlEncode(entry.getKey().toString(), encodingScheme); |
| String encodedValue = |
| (entry.getValue() != null ? urlEncode(entry.getValue().toString(), encodingScheme) : ""); |
| targetUrl.append(encodedKey).append('=').append(encodedValue); |
| } |
| } |
| |
| // Append anchor fragment, if any, to end of URL. |
| if (fragment != null) { |
| targetUrl.append(fragment); |
| } |
| } |
| |
| /** |
| * URL-encode the given input String with the given encoding scheme. |
| * <p>Default implementation uses <code>URLEncoder.encode(input, enc)</code> |
| * on JDK 1.4+, falling back to <code>URLEncoder.encode(input)</code> |
| * (which uses the platform default encoding) on JDK 1.3. |
| * |
| * @param input the unencoded input String |
| * @param encodingScheme the encoding scheme |
| * @return the encoded output String |
| * @throws UnsupportedEncodingException if thrown by the JDK URLEncoder |
| * @see java.net.URLEncoder#encode(String, String) |
| * @see java.net.URLEncoder#encode(String) |
| */ |
| protected String urlEncode(String input, String encodingScheme) throws UnsupportedEncodingException { |
| if (!JavaEnvironment.isAtLeastVersion14()) { |
| if (log.isDebugEnabled()) { |
| log.debug("Only JDK 1.3 URLEncoder available: using platform default encoding " + |
| "instead of the requested scheme '" + encodingScheme + "'"); |
| } |
| return URLEncoder.encode(input); |
| } |
| return URLEncoder.encode(input, encodingScheme); |
| } |
| |
| /** |
| * Determine name-value pairs for query strings, which will be stringified, |
| * URL-encoded and formatted by appendQueryProperties. |
| * <p>This implementation returns all model elements as-is. |
| * |
| * @see #appendQueryProperties |
| */ |
| protected Map queryProperties(Map model) { |
| return model; |
| } |
| |
| /** |
| * Send a redirect back to the HTTP client |
| * |
| * @param request current HTTP request (allows for reacting to request method) |
| * @param response current HTTP response (for sending response headers) |
| * @param targetUrl the name URL to redirect to |
| * @param http10Compatible whether to stay compatible with HTTP 1.0 clients |
| * @throws IOException if thrown by response methods |
| */ |
| protected void sendRedirect( |
| HttpServletRequest request, HttpServletResponse response, String targetUrl, boolean http10Compatible) |
| throws IOException { |
| |
| if (http10Compatible) { |
| // Always send status code 302. |
| response.sendRedirect(response.encodeRedirectURL(targetUrl)); |
| } else { |
| // Correct HTTP status code is 303, in particular for POST requests. |
| response.setStatus(303); |
| response.setHeader("Location", response.encodeRedirectURL(targetUrl)); |
| } |
| } |
| |
| } |