release13.07/framework/webapp/src/org/ofbiz/webapp/webdav/WebDavUtil.java - ofbiz - Git at Google

 /*******************************************************************************
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  *******************************************************************************/
 package org.ofbiz.webapp.webdav;

 import java.io.IOException;
 import java.io.InputStream;
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.Map;
 import java.util.TimeZone;

 import javax.servlet.http.HttpServletRequest;
 import javax.xml.parsers.ParserConfigurationException;

 import javolution.util.FastMap;

 import org.ofbiz.base.util.Base64;
 import org.ofbiz.base.util.Debug;
 import org.ofbiz.base.util.UtilProperties;
 import org.ofbiz.base.util.UtilValidate;
 import org.ofbiz.base.util.UtilXml;
 import org.w3c.dom.Document;
 import org.xml.sax.SAXException;

 /** Utility methods needed to implement a WebDAV servlet. */
 public class WebDavUtil {

     public static final String module = WebDavUtil.class.getName();
     public static final TimeZone GMT_TIMEZONE = TimeZone.getTimeZone("GMT");
     public static final String RFC1123_DATE_FORMAT = "EEE, dd MMM yyyy HH:mm:ss zzz";

     public static String formatDate(String formatString, Date date) {
         DateFormat df = new SimpleDateFormat(formatString);
         df.setTimeZone(GMT_TIMEZONE);
         return df.format(date);
     }

     public static Document getDocumentFromRequest(HttpServletRequest request) throws IOException, SAXException, ParserConfigurationException {
         Document document = null;
         InputStream is = null;
         try {
             is = request.getInputStream();
             document = UtilXml.readXmlDocument(is, false, "WebDAV request");
         } finally {
             if (is != null) {
                 is.close();
             }
         }
         return document;
     }

     /** Returns a <code>Map</code> containing user credentials found in the request. Returns
      * <code>null</code> if no user credentials were found. The returned <code>Map</code> is
      * intended to be used as parameters for the <code>userLogin</code> service. <p>The method
      * checks for the request parameters <code>USERNAME</code> and <code>PASSWORD</code>. If
      * those aren't found, then the request is checked for the HTTP Authorization header.
      * Currently, only Basic authorization is supported.</p>
      *
      * @param request The WebDAV request
      * @return A <code>Map</code> containing <code>login.username</code> and
      * <code>login.password</code> elements.
      */
     public static Map<String, Object> getCredentialsFromRequest(HttpServletRequest request) {
         String username = request.getParameter("USERNAME");
         String password = request.getParameter("PASSWORD");
         if (UtilValidate.isEmpty(username) || UtilValidate.isEmpty(password)) {
             String credentials = request.getHeader("Authorization");
             if (credentials != null && credentials.startsWith("Basic ")) {
                 credentials = Base64.base64Decode(credentials.replace("Basic ", ""));
                 Debug.logVerbose("Found HTTP Basic credentials", module);
                 String[] parts = credentials.split(":");
                 if (parts.length < 2) {
                     return null;
                 }
                 username = parts[0];
                 password = parts[1];
             } else {
                 return null;
             }
         }
         if ("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties", "username.lowercase"))) {
             username = username.toLowerCase();
         }
         if ("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties", "password.lowercase"))) {
             password = password.toLowerCase();
         }
         Map<String, Object> result = FastMap.newInstance();
         result.put("login.username", username);
         result.put("login.password", password);
         return result;
     }
 }
	/*******************************************************************************
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*******************************************************************************/
	package org.ofbiz.webapp.webdav;

	import java.io.IOException;
	import java.io.InputStream;
	import java.text.DateFormat;
	import java.text.SimpleDateFormat;
	import java.util.Date;
	import java.util.Map;
	import java.util.TimeZone;

	import javax.servlet.http.HttpServletRequest;
	import javax.xml.parsers.ParserConfigurationException;

	import javolution.util.FastMap;

	import org.ofbiz.base.util.Base64;
	import org.ofbiz.base.util.Debug;
	import org.ofbiz.base.util.UtilProperties;
	import org.ofbiz.base.util.UtilValidate;
	import org.ofbiz.base.util.UtilXml;
	import org.w3c.dom.Document;
	import org.xml.sax.SAXException;

	/** Utility methods needed to implement a WebDAV servlet. */
	public class WebDavUtil {

	public static final String module = WebDavUtil.class.getName();
	public static final TimeZone GMT_TIMEZONE = TimeZone.getTimeZone("GMT");
	public static final String RFC1123_DATE_FORMAT = "EEE, dd MMM yyyy HH:mm:ss zzz";

	public static String formatDate(String formatString, Date date) {
	DateFormat df = new SimpleDateFormat(formatString);
	df.setTimeZone(GMT_TIMEZONE);
	return df.format(date);
	}

	public static Document getDocumentFromRequest(HttpServletRequest request) throws IOException, SAXException, ParserConfigurationException {
	Document document = null;
	InputStream is = null;
	try {
	is = request.getInputStream();
	document = UtilXml.readXmlDocument(is, false, "WebDAV request");
	} finally {
	if (is != null) {
	is.close();
	}
	}
	return document;
	}

	/** Returns a <code>Map</code> containing user credentials found in the request. Returns
	* <code>null</code> if no user credentials were found. The returned <code>Map</code> is
	* intended to be used as parameters for the <code>userLogin</code> service. <p>The method
	* checks for the request parameters <code>USERNAME</code> and <code>PASSWORD</code>. If
	* those aren't found, then the request is checked for the HTTP Authorization header.
	* Currently, only Basic authorization is supported.</p>
	*
	* @param request The WebDAV request
	* @return A <code>Map</code> containing <code>login.username</code> and
	* <code>login.password</code> elements.
	*/
	public static Map<String, Object> getCredentialsFromRequest(HttpServletRequest request) {
	String username = request.getParameter("USERNAME");
	String password = request.getParameter("PASSWORD");
	if (UtilValidate.isEmpty(username) \|\| UtilValidate.isEmpty(password)) {
	String credentials = request.getHeader("Authorization");
	if (credentials != null && credentials.startsWith("Basic ")) {
	credentials = Base64.base64Decode(credentials.replace("Basic ", ""));
	Debug.logVerbose("Found HTTP Basic credentials", module);
	String[] parts = credentials.split(":");
	if (parts.length < 2) {
	return null;
	}
	username = parts[0];
	password = parts[1];
	} else {
	return null;
	}
	}
	if ("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties", "username.lowercase"))) {
	username = username.toLowerCase();
	}
	if ("true".equalsIgnoreCase(UtilProperties.getPropertyValue("security.properties", "password.lowercase"))) {
	password = password.toLowerCase();
	}
	Map<String, Object> result = FastMap.newInstance();
	result.put("login.username", username);
	result.put("login.password", password);
	return result;
	}
	}