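package org.jahia.services.webdav;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

import org.apache.slide.authenticate.SecurityToken;
import org.apache.slide.common.Domain;
import org.apache.slide.common.NamespaceAccessToken;
import org.apache.slide.util.logger.Logger;
import org.jahia.bin.Jahia;
import org.jahia.exceptions.JahiaException;
import org.jahia.params.ParamBean;
import org.jahia.registries.ServicesRegistry;
import org.jahia.services.sites.JahiaSite;
import org.jahia.services.usermanager.JahiaLDAPUser;
import org.jahia.services.usermanager.JahiaUser;
import org.jahia.utils.properties.PropertiesManager;

// NOTE(review): sun.misc.BASE64Decoder is a JDK-internal class; it is kept here
// only because the rest of the file is written against a pre-generics JDK.
import sun.misc.BASE64Decoder;

/**
 * Request wrapper used by the WebDAV (Slide) layer.
 *
 * <p>On construction it resolves the Jahia site for the request (from a
 * <code>/site/&lt;key&gt;</code> path prefix, then the server name, then the
 * configured default site), stores the site in the session, publishes the
 * site key as the Slide namespace attribute and attaches a
 * {@link NamespaceAccessToken} for that namespace.</p>
 *
 * <p>{@link #getUserPrincipal()} resolves the caller from, in order: the Jahia
 * user stored in the session, NTLM request attributes, and HTTP Basic
 * credentials from the <code>Authorization</code> header.</p>
 */
public class HttpRequestWrapper extends HttpServletRequestWrapper {
    public static final String NAMESPACE_ATTRIBUTE = "org.apache.slide.webdav.namespace";
    public static final String SITE_INFO_ENABLED = "org.apache.slide.webdav.siteinfo";
    public static final String TOKEN_ATTRIBUTE = "token";

    private static final String LOG_CHANNEL = HttpRequestWrapper.class.getName();

    /** Path prefix that selects a site explicitly: <code>/site/&lt;key&gt;/...</code>. */
    private static final String SITE_PREFIX = "/site/";

    /** Scheme prefix of an HTTP Basic <code>Authorization</code> header value. */
    private static final String BASIC_PREFIX = "Basic ";

    /**
     * Namespace name -> access token cache shared by every request thread.
     * All reads and writes go through <code>synchronized (tokens)</code>
     * because a plain HashMap is not safe for concurrent mutation.
     */
    private static final Map tokens = new HashMap();

    private String pathInfo = null;
    private String requestURI = null;

    /**
     * Wraps the request and resolves site, namespace and namespace token.
     *
     * @param httpServletRequest the container request being wrapped
     * @throws JahiaException if a site lookup fails
     */
    public HttpRequestWrapper(HttpServletRequest httpServletRequest) throws JahiaException {
        super(httpServletRequest);

        if (Jahia.getSettings() != null && Jahia.getSettings().isUtf8Encoding()) {
            try {
                httpServletRequest.setCharacterEncoding("UTF-8");
            } catch (UnsupportedEncodingException uee) {
                // The namespace logger is not attached yet at this point, so
                // the original stderr trace is kept.
                uee.printStackTrace();
            }
        }

        pathInfo = super.getPathInfo();
        requestURI = super.getRequestURI();

        String ns = null;
        JahiaSite site = null;

        if (pathInfo != null && pathInfo.startsWith(SITE_PREFIX)) {
            setAttribute(SITE_INFO_ENABLED, "on");
            int keyStart = SITE_PREFIX.length();
            int slashInd = pathInfo.indexOf('/', keyStart);
            // The site key is taken straight from the request path; it is
            // caller-controlled until a matching site is found below.
            ns = (slashInd == -1)
                    ? pathInfo.substring(keyStart)
                    : pathInfo.substring(keyStart, slashInd);
            site = ServicesRegistry.getInstance().getJahiaSitesService().getSiteByKey(ns);
        }

        if (site == null) {
            site = ServicesRegistry.getInstance().getJahiaSitesService()
                    .getSite(httpServletRequest.getServerName());
        }

        if (site == null) {
            site = getDefaultSite();
        }

        if (site != null) {
            ns = site.getSiteKey();
        }

        // May store null: every later reader of SESSION_SITE has to cope with that.
        getSession(true).setAttribute(ParamBean.SESSION_SITE, site);

        if (ns == null) {
            // No namespace: no NAMESPACE_ATTRIBUTE and no token, so getLogger()
            // returns null for this request.
            return;
        }

        setAttribute(NAMESPACE_ATTRIBUTE, ns);

        NamespaceAccessToken token;
        synchronized (tokens) {
            token = (NamespaceAccessToken) tokens.get(ns);
        }
        if (token == null) {
            // Called outside the lock so a slow namespace lookup does not
            // stall other requests; a duplicate lookup is harmless.
            token = Domain.accessNamespace(new SecurityToken(this), ns);
            // Only cache real tokens. When no site matched, ns is whatever the
            // request path said; caching a null result per distinct value would
            // let the static map grow without bound.
            // NOTE(review): presumably accessNamespace returns null for an
            // unknown namespace - confirm against the Slide version in use.
            if (token != null) {
                synchronized (tokens) {
                    tokens.put(ns, token);
                }
            }
        }
        setAttribute(HttpRequestWrapper.TOKEN_ATTRIBUTE, token);
    }

    /** Returns the path info captured from the wrapped request at construction time. */
    public String getPathInfo() {
        return pathInfo;
    }

    /** Returns the request URI captured from the wrapped request at construction time. */
    public String getRequestURI() {
        return requestURI;
    }

    /**
     * Returns the servlet path, extended with <code>/site/&lt;siteKey&gt;</code>
     * when the request addressed a site explicitly.
     */
    public String getServletPath() {
        String servletPath = super.getServletPath();
        if (getAttribute(SITE_INFO_ENABLED) == null) {
            return servletPath;
        }
        JahiaSite site = (JahiaSite) getSession(true).getAttribute(ParamBean.SESSION_SITE);
        if (site == null) {
            // A /site/<key> request whose key matched no site leaves a null
            // site in the session; fall back instead of dereferencing it.
            return servletPath;
        }
        return servletPath + "/site/" + site.getSiteKey();
    }

    /**
     * Resolves the caller from HTTP Basic credentials.
     *
     * @param currentPrincipal principal already known for the session, may be null
     * @return <code>currentPrincipal</code> when the header names the same user,
     *         a new wrapper when the password verifies, otherwise
     *         <code>currentPrincipal</code> unchanged
     */
    private Principal getHttpUserPrincipal(Principal currentPrincipal) {
        String auth = getHeader("Authorization");
        // Only a "Basic" header is decoded; other schemes are not credentials
        // this method understands and must not be run through the decoder.
        if (auth != null && auth.regionMatches(true, 0, BASIC_PREFIX, 0, BASIC_PREFIX.length())) {
            try {
                String encoded = auth.substring(BASIC_PREFIX.length()).trim();
                BASE64Decoder decoder = new BASE64Decoder();
                // NOTE(review): decoded with the platform default charset, so
                // non-ASCII credentials depend on the JVM's configuration.
                String cred = new String(decoder.decodeBuffer(encoded));
                int colonInd = cred.indexOf(':');
                // A missing colon makes substring throw; handled below.
                String user = cred.substring(0, colonInd);
                if (currentPrincipal != null && user.equals(currentPrincipal.getName())) {
                    // Same user as the established session: the password in the
                    // header is not re-checked.
                    return currentPrincipal;
                }
                String pass = cred.substring(colonInd + 1);

                JahiaSite site = (JahiaSite) getSession().getAttribute(ParamBean.SESSION_SITE);
                if (site != null) {
                    JahiaUser jahiaUser = null;
                    try {
                        jahiaUser = ServicesRegistry.getInstance()
                                .getJahiaSiteUserManagerService()
                                .getMember(site.getID(), user);
                        if (jahiaUser != null && jahiaUser.verifyPassword(pass)) {
                            logDebug("User [" + jahiaUser.getName() + "] logged in.");
                            return new JahiaUserWrapper(jahiaUser);
                        }
                        // NOTE(review): an unknown user or a rejected password is
                        // not logged, so failed Basic attempts leave no trace here.
                    } catch (JahiaException ex) {
                        // jahiaUser is still null when the lookup itself threw;
                        // fall back to the (sanitised) name from the header.
                        String name = (jahiaUser != null) ? jahiaUser.getName() : forLog(user);
                        logError("User [" + name + "] login failure", ex);
                    }
                }
            } catch (IOException ex) {
                logError("Invalid Authorization request", ex);
            } catch (StringIndexOutOfBoundsException sib) {
                logError("Invalid Authorization request", sib);
            }
        }

        logDebug("No explicit authorization requested: using session user");
        return currentPrincipal;
    }

    /**
     * Resolves the caller from the Jahia user stored in the session.
     *
     * <p>A user bound to a site (non-zero site ID, not an LDAP user) is only
     * accepted when that site's key equals the namespace of this request.</p>
     *
     * @return the wrapped session user, or null when there is none or the
     *         user's site does not match the request namespace
     */
    private Principal getJahiaUserPrincipal() {
        JahiaUser jahiaUser = (JahiaUser) getSession(true).getAttribute(ParamBean.SESSION_USER);
        if (jahiaUser == null) {
            return null;
        }

        boolean siteBound = jahiaUser.getSiteID() != 0 && !(jahiaUser instanceof JahiaLDAPUser);
        if (siteBound) {
            JahiaSite site;
            try {
                site = ServicesRegistry.getInstance().getJahiaSitesService()
                        .getSite(jahiaUser.getSiteID());
            } catch (JahiaException e) {
                // Fail closed: a site that cannot be looked up grants nothing.
                return null;
            }
            if (site == null || !site.getSiteKey().equals(getAttribute(NAMESPACE_ATTRIBUTE))) {
                return null;
            }
        }

        return new JahiaUserWrapper(jahiaUser);
    }

    /**
     * Resolves the caller from the <code>ntlmAuthType</code> /
     * <code>ntlmPrincipal</code> request attributes.
     *
     * <p>The domain part of the NTLM name (everything up to the last
     * backslash) is dropped before the site member lookup, so accounts with
     * the same name in different domains map to the same Jahia user.</p>
     * NOTE(review): these attributes are trusted as-is; presumably an upstream
     * NTLM filter sets them - confirm that nothing else can.
     *
     * @return the wrapped site member, or null when NTLM data is absent or the
     *         lookup finds nobody
     */
    private Principal getNtlmUserPrincipal() {
        if (getAttribute("ntlmAuthType") == null) {
            return null;
        }
        Principal principal = (Principal) getAttribute("ntlmPrincipal");
        if (principal == null) {
            return null;
        }
        try {
            String userName = principal.getName();
            int backslashPos = userName.lastIndexOf("\\");
            if (backslashPos != -1) {
                userName = userName.substring(backslashPos + 1);
            }
            JahiaSite site = (JahiaSite) getSession().getAttribute(ParamBean.SESSION_SITE);
            if (site != null) {
                JahiaUser jahiaUser = ServicesRegistry.getInstance()
                        .getJahiaSiteUserManagerService()
                        .getMember(site.getID(), userName);
                if (jahiaUser != null) {
                    return new JahiaUserWrapper(jahiaUser);
                }
            }
        } catch (Exception e) {
            // Still best-effort (falls through to null), but no longer silent.
            logError("NTLM principal lookup failure", e);
        }
        return null;
    }

    /**
     * Returns the caller's principal: session user first, then NTLM, then
     * HTTP Basic credentials.
     */
    public Principal getUserPrincipal() {
        Principal user = getJahiaUserPrincipal();
        if (user == null) {
            user = getNtlmUserPrincipal();
        }
        if (user == null) {
            user = getHttpUserPrincipal(getJahiaUserPrincipal());
        }
        return user;
    }

    /**
     * Looks up the site named by the <code>defautSite</code> property of the
     * Jahia properties file.
     *
     * @return the configured site, or null when the property is missing or
     *         blank, or the lookup fails
     */
    private JahiaSite getDefaultSite() {
        PropertiesManager pm = new PropertiesManager(Jahia.getJahiaPropertiesFileName());
        // The key is spelled "defautSite" in the original; it is a runtime
        // string and is kept byte-for-byte.
        String siteKey = pm.getProperty("defautSite");
        if (siteKey == null || siteKey.trim().equals("")) {
            return null;
        }
        try {
            return ServicesRegistry.getInstance()
                    .getJahiaSitesService()
                    .getSiteByKey(siteKey);
        } catch (JahiaException je) {
            return null;
        }
    }

    /**
     * Returns the logger of the namespace token attached to this request, or
     * null when no token was attached.
     */
    private Logger getLogger() {
        NamespaceAccessToken token = (NamespaceAccessToken) getAttribute(TOKEN_ATTRIBUTE);
        return token != null ? token.getLogger() : null;
    }

    /** Logs at DEBUG when a logger exists and DEBUG is enabled. */
    private void logDebug(String message) {
        Logger logger = getLogger();
        if (logger != null && logger.isEnabled(Logger.DEBUG)) {
            logger.log(message, LOG_CHANNEL, Logger.DEBUG);
        }
    }

    /** Logs at ERROR with a cause when a logger exists. */
    private void logError(String message, Throwable cause) {
        Logger logger = getLogger();
        if (logger != null) {
            logger.log(message, cause, LOG_CHANNEL, Logger.ERROR);
        }
    }

    /** Replaces line breaks so a request-supplied value cannot forge log lines. */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

}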