KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > enhydra > servlet > servlets > CGIServlet


1
2 /*
3  * Enhydra Java Application Server Project
4  *
5  * The contents of this file are subject to the Enhydra Public License
6  * Version 1.1 (the "License"); you may not use this file except in
7  * compliance with the License. You may obtain a copy of the License on
8  * the Enhydra web site ( http://www.enhydra.org/ ).
9  *
10  * Software distributed under the License is distributed on an "AS IS"
11  * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
12  * the License for the specific terms governing rights and limitations
13  * under the License.
14  *
15  * The Initial Developer of the Enhydra Application Server is Lutris
16  * Technologies, Inc. The Enhydra Application Server and portions created
17  * by Lutris Technologies, Inc. are Copyright Lutris Technologies, Inc.
18  * All Rights Reserved.
19  *
20  * Contributor(s):
21  *
22  * $Id: CGIServlet.java,v 1.4 2005/03/24 10:51:25 slobodan Exp $
23  */
24
25 package org.enhydra.servlet.servlets;
26
27 import java.io.File JavaDoc;
28 import java.io.IOException JavaDoc;
29
30 import javax.servlet.ServletContext JavaDoc;
31 import javax.servlet.ServletException JavaDoc;
32 import javax.servlet.http.HttpServlet JavaDoc;
33 import javax.servlet.http.HttpServletRequest JavaDoc;
34 import javax.servlet.http.HttpServletResponse JavaDoc;
35
36
37 /**
38  * This Servlet is for the purpose of executing a CGI program that resides on
39  * the system. In order to use this servlet in the server please
40  * remember to specify the fully qualified classname
41  * org.enhydra.servlet.servlets.CGIServlet in the Classname field and specify
42  * the directory of the CGI to run in the DocRoot field.
43  *
44  * @version $Revision: 1.4 $
45  * @author Kent Henneuse
46  * @author Paul Morgan
47  */
48 public class CGIServlet extends HttpServlet JavaDoc {
49
50     /**
51      * Overide the service method of HttpServelet. This method executes a CGI
52      * program that is specified on the URL line of a browser.
53      *
54      * @param request the request that is sent by a browser
55      * @param response the response that is sent back to the browser after
56      * processing the CGI
57      */
58     public void service(HttpServletRequest JavaDoc request,
59         HttpServletResponse JavaDoc response)
60         throws ServletException JavaDoc, IOException JavaDoc {
61
62     // Get the full path of the CGI program to execute, the simple
63 // script name and the path info...
64 String JavaDoc strBuffer, progName, scriptPath, scriptName, pathInfo;
65     int pathLength, sp, sp2;
66     String JavaDoc servletPath = request.getServletPath();
67
68         if (servletPath.equals("")) {
69         // handles url mappings to directories
70 progName = request.getPathTranslated();
71         pathLength = servletPath.length();
72         strBuffer = request.getRequestURI().substring(pathLength);
73         sp = progName.indexOf(strBuffer);
74         int nextSlash = 0;
75         while (sp == -1 && nextSlash != -1) {
76
77             nextSlash = strBuffer.indexOf(File.separator, 1);
78                 if (nextSlash != -1){
79                     strBuffer = strBuffer.substring(nextSlash);
80             sp = progName.indexOf(strBuffer);
81           }
82         }
83
84         scriptPath = progName;
85         sp2 = 0;
86         while (sp2 < progName.length()) {
87             sp2 = progName.indexOf(File.separator, sp);
88             scriptPath = progName.substring(0, sp2==-1?progName.length():sp2);
89         if (!scriptPath.equals("")){
90             File JavaDoc file = new File JavaDoc(scriptPath);
91             if (!file.isDirectory()) {
92                 break;
93             }
94             }
95             sp = sp2 + 1;
96         }
97
98         pathInfo = progName.substring(scriptPath.length());
99         scriptName = scriptPath.substring(scriptPath.lastIndexOf(File.separator) + 1);
100         } else {
101         // handles url mappings to suffixes
102 ServletContext JavaDoc context = getServletContext();
103         String JavaDoc realPath = context.getRealPath("");
104         if (!realPath.endsWith(File.separator)) {
105             realPath = realPath + File.separator;
106         }
107         if (servletPath.startsWith(File.separator)) {
108             servletPath = servletPath.substring(1);
109         }
110         scriptPath = realPath + servletPath;
111         scriptName = scriptPath.substring(scriptPath.lastIndexOf(File.separator) + 1);
112         pathInfo = request.getPathInfo();
113     }
114
115     // Check that the script pathname is valid i.e. no ".."
116 if (!isAuthorized(scriptPath)) {
117             response.sendError(response.SC_NOT_FOUND);
118             return;
119         }
120
121         
122         CgiProcessor cgi = new CgiProcessor();
123         try {
124             cgi.processCgiRequest(request, response, scriptPath, pathInfo, scriptName);
125         } catch (IOException JavaDoc e) {
126             cgi.cgiError(response);
127             System.err.println("ERROR: CGI: " + e);
128         }
129     }
130
131
132
133     /**
134      * Test if a path is authorized. Currently the only limitations
135      * are that the pathname must not contain "..".
136      *
137      * @param path requested path
138      * @return true if the path is authorized
139      */
140     private boolean isAuthorized(String JavaDoc path) {
141         if ((path != null) && (path.indexOf("..") != -1))
142             return false;
143         return true;
144     }
145
146
147
148
149
150 }
151
152
Popular Tags