KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > activemq > util > RestFilter


1 //========================================================================
2 //Copyright 2007 CSC - Scientific Computing Ltd.
3 //------------------------------------------------------------------------
4 //Licensed under the Apache License, Version 2.0 (the "License");
5 //you may not use this file except in compliance with the License.
6 //You may obtain a copy of the License at
7 //http://www.apache.org/licenses/LICENSE-2.0
8 //Unless required by applicable law or agreed to in writing, software
9 //distributed under the License is distributed on an "AS IS" BASIS,
10 //WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11 //See the License for the specific language governing permissions and
12 //limitations under the License.
13 //========================================================================
14
15 package org.apache.activemq.util;
16
17 import java.io.File JavaDoc;
18 import java.io.FileOutputStream JavaDoc;
19 import java.io.IOException JavaDoc;
20 import java.net.URL JavaDoc;
21
22 import javax.servlet.Filter JavaDoc;
23 import javax.servlet.FilterChain JavaDoc;
24 import javax.servlet.FilterConfig JavaDoc;
25 import javax.servlet.ServletException JavaDoc;
26 import javax.servlet.ServletRequest JavaDoc;
27 import javax.servlet.ServletResponse JavaDoc;
28 import javax.servlet.UnavailableException JavaDoc;
29 import javax.servlet.http.HttpServletRequest JavaDoc;
30 import javax.servlet.http.HttpServletResponse JavaDoc;
31
32 import org.mortbay.log.Log;
33 import org.mortbay.util.IO;
34 import org.mortbay.util.URIUtil;
35
36 import sun.net.www.protocol.http.HttpURLConnection;
37
38 /**
39 * <p>Adds support for HTTP PUT, MOVE and
40 * DELETE methods. If init parameters read-permission-role and write-permission-role
41 * are defined then all requests are authorized using the defined roles. Also GET methods are
42 * authorized. </p>
43 *
44 * @author Aleksi Kallio
45 *
46 */
47 public class RestFilter implements Filter JavaDoc {
48
49     private static final String JavaDoc HTTP_HEADER_DESTINATION = "Destination";
50     private static final String JavaDoc HTTP_METHOD_MOVE = "MOVE";
51     private static final String JavaDoc HTTP_METHOD_PUT = "PUT";
52     private static final String JavaDoc HTTP_METHOD_GET = "GET";
53     private static final String JavaDoc HTTP_METHOD_DELETE = "DELETE";
54     
55     private String JavaDoc readPermissionRole = null;
56     private String JavaDoc writePermissionRole = null;
57     private FilterConfig JavaDoc filterConfig;
58
59     public void init(FilterConfig JavaDoc filterConfig) throws UnavailableException JavaDoc
60     {
61         this.filterConfig = filterConfig;
62         readPermissionRole = filterConfig.getInitParameter("read-permission-role");
63         writePermissionRole = filterConfig.getInitParameter("write-permission-role");
64     }
65     
66     private File JavaDoc locateFile(HttpServletRequest JavaDoc request)
67     {
68         return new File JavaDoc(filterConfig.getServletContext().getRealPath(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())));
69     }
70
71     public void doFilter(ServletRequest JavaDoc request, ServletResponse JavaDoc response, FilterChain JavaDoc chain) throws IOException JavaDoc, ServletException JavaDoc
72     {
73         if (!(request instanceof HttpServletRequest JavaDoc && response instanceof HttpServletResponse JavaDoc))
74         {
75             if (Log.isDebugEnabled())
76             {
77                 Log.debug("request not HTTP, can not understand: " + request.toString());
78             }
79             chain.doFilter(request, response);
80             return;
81         }
82         
83         HttpServletRequest JavaDoc httpRequest = (HttpServletRequest JavaDoc)request;
84         HttpServletResponse JavaDoc httpResponse = (HttpServletResponse JavaDoc)response;
85         
86         if (httpRequest.getMethod().equals(HTTP_METHOD_MOVE))
87         {
88             doMove(httpRequest, httpResponse);
89         }
90         else if (httpRequest.getMethod().equals(HTTP_METHOD_PUT))
91         {
92             doPut(httpRequest, httpResponse);
93         }
94         else if (httpRequest.getMethod().equals(HTTP_METHOD_GET))
95         {
96             if (checkGet(httpRequest, httpResponse)) {
97                 chain.doFilter(httpRequest, httpResponse); // actual processing done elsewhere
98 }
99         }
100         else if (httpRequest.getMethod().equals(HTTP_METHOD_DELETE))
101         {
102             doDelete(httpRequest, httpResponse);
103         }
104         else
105         {
106             chain.doFilter(httpRequest, httpResponse);
107         }
108     }
109     
110     protected void doMove(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response) throws ServletException JavaDoc, IOException JavaDoc
111     {
112         if (Log.isDebugEnabled())
113         {
114             Log.debug("RESTful file access: MOVE request for " + request.getRequestURI());
115         }
116
117         if (writePermissionRole != null && !request.isUserInRole(writePermissionRole))
118         {
119             response.sendError(HttpURLConnection.HTTP_FORBIDDEN);
120             return;
121         }
122
123         File JavaDoc file = locateFile(request);
124         String JavaDoc destination = request.getHeader(HTTP_HEADER_DESTINATION);
125         
126         if (destination == null)
127         {
128             response.sendError(HttpURLConnection.HTTP_BAD_REQUEST, "Destination header not found");
129             return;
130         }
131         
132         try
133         {
134             URL JavaDoc destinationUrl = new URL JavaDoc(destination);
135             IO.copyFile(file, new File JavaDoc(destinationUrl.getFile()));
136             IO.delete(file);
137         }
138         catch (IOException JavaDoc e)
139         {
140             response.sendError(HttpURLConnection.HTTP_INTERNAL_ERROR); // file could not be moved
141 return;
142         }
143         
144         response.setStatus(HttpURLConnection.HTTP_NO_CONTENT); // we return no content
145 }
146
147     protected boolean checkGet(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response) throws ServletException JavaDoc, IOException JavaDoc {
148         if (Log.isDebugEnabled())
149         {
150             Log.debug("RESTful file access: GET request for " + request.getRequestURI());
151         }
152
153         if (readPermissionRole != null && !request.isUserInRole(readPermissionRole))
154         {
155             response.sendError(HttpURLConnection.HTTP_FORBIDDEN);
156             return false;
157         } else {
158             return true;
159         }
160     }
161     
162     
163     protected void doPut(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response) throws ServletException JavaDoc, IOException JavaDoc
164     {
165         if (Log.isDebugEnabled())
166         {
167             Log.debug("RESTful file access: PUT request for " + request.getRequestURI());
168         }
169         
170         if (writePermissionRole != null && !request.isUserInRole(writePermissionRole))
171         {
172             response.sendError(HttpURLConnection.HTTP_FORBIDDEN);
173             return;
174         }
175         
176         File JavaDoc file = locateFile(request);
177         
178         if (file.exists())
179         {
180             boolean success = file.delete(); // replace file if it exists
181 if (!success)
182             {
183                 response.sendError(HttpURLConnection.HTTP_INTERNAL_ERROR); // file existed and could not be deleted
184 return;
185             }
186         }
187         
188         FileOutputStream JavaDoc out = new FileOutputStream JavaDoc(file);
189         try
190         {
191             IO.copy(request.getInputStream(), out);
192         }
193         catch (IOException JavaDoc e)
194         {
195             Log.warn(Log.EXCEPTION, e); // is this obsolete?
196 out.close();
197             throw(e);
198         }
199         
200         response.setStatus(HttpURLConnection.HTTP_NO_CONTENT); // we return no content
201 }
202     
203     protected void doDelete(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response) throws ServletException JavaDoc, IOException JavaDoc
204     {
205         if (Log.isDebugEnabled())
206         {
207             Log.debug("RESTful file access: DELETE request for " + request.getRequestURI());
208         }
209         
210         if (writePermissionRole != null && !request.isUserInRole(writePermissionRole))
211         {
212             response.sendError(HttpURLConnection.HTTP_FORBIDDEN);
213             return;
214         }
215         
216         File JavaDoc file = locateFile(request);
217         
218         if (!file.exists())
219         {
220             response.sendError(HttpURLConnection.HTTP_NOT_FOUND); // file not found
221 return;
222         }
223         
224         boolean success = IO.delete(file); // actual delete operation
225
226         if (success)
227         {
228             response.setStatus(HttpURLConnection.HTTP_NO_CONTENT); // we return no content
229 }
230         else
231         {
232             response.sendError(HttpURLConnection.HTTP_INTERNAL_ERROR); // could not be deleted due to internal error
233 }
234     }
235     
236     public void destroy()
237     {
238         // nothing to destroy
239 }
240 }
241
242
Popular Tags