KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > nemesis > forum > util > CookieManager


1 /*
2  * NEMESIS-FORUM.
3  * Copyright (C) 2002 David Laurent(lithium2@free.fr). All rights reserved.
4  *
5  * Copyright (c) 2000 The Apache Software Foundation. All rights reserved.
6  *
7  * Copyright (C) 2001 Yasna.com. All rights reserved.
8  *
9  * Copyright (C) 2000 CoolServlets.com. All rights reserved.
10  *
11  * NEMESIS-FORUM. is free software; you can redistribute it and/or
12  * modify it under the terms of the Apache Software License, Version 1.1,
13  * or (at your option) any later version.
14  *
15  * NEMESIS-FORUM core framework, NEMESIS-FORUM backoffice, NEMESIS-FORUM frontoffice
16  * application are parts of NEMESIS-FORUM and are distributed under
17  * same terms of licence.
18  *
19  *
20  * NEMESIS-FORUM includes software developed by the Apache Software Foundation (http://www.apache.org/)
21  * and software developed by CoolServlets.com (http://www.coolservlets.com).
22  * and software developed by Yasna.com (http://www.yasna.com).
23  *
24  */
25 package org.nemesis.forum.util;
26
27 import javax.servlet.http.Cookie JavaDoc;
28 import javax.servlet.http.HttpServletRequest JavaDoc;
29 import javax.servlet.http.HttpServletResponse JavaDoc;
30
31 /**
32  * @author dlaurent
33  *
34  * :TODO:passer en config
35  */
36 public class CookieManager {
37
38     private static final long SECOND = 1000;
39     private static final long MINUTE = 60 * SECOND;
40     private static final long HOUR = 60 * MINUTE;
41     private static final long DAY = 24 * HOUR;
42     private static final long WEEK = 7 * DAY;
43     public static final int MAX_COOKIE_AGE = (int) (WEEK / 1000) * 8;
44
45     private final static int ENCODE_XORMASK = 0x5A;
46     private final static char ENCODE_DELIMETER = '\002';
47     private final static char ENCODE_CHAR_OFFSET1 = 'A';
48     private final static char ENCODE_CHAR_OFFSET2 = 'h';
49
50     public static void setCookie(HttpServletResponse JavaDoc res, String JavaDoc name, String JavaDoc value, int maxAge) {
51         Cookie JavaDoc oneCookie = new Cookie JavaDoc(name, value);
52         oneCookie.setMaxAge(maxAge);
53         oneCookie.setPath("/");
54         res.addCookie(oneCookie);
55     }
56
57     /**
58      * Returns the specified Cookie object, or null if the cookie does not exist.
59      *
60      * @param request The HttpServletRequest object, known as "request" in a
61      * JSP page.
62      * @param name the name of the cookie.
63      * @return the Cookie object if it exists, otherwise null.
64      */
65     public static Cookie JavaDoc getCookie(HttpServletRequest JavaDoc request, String JavaDoc name) {
66         Cookie JavaDoc cookies[] = request.getCookies();
67         if (cookies == null || name == null || name.length() == 0) {
68             return null;
69         }
70         //Otherwise, we have to do a linear scan for the cookie.
71 for (int i = 0; i < cookies.length; i++) {
72             if (cookies[i].getName().equals(name)) {
73                 return cookies[i];
74             }
75         }
76         return null;
77     }
78
79     /**
80      * Returns the value of the specified cookie as a String. If the cookie
81      * does not exist, the method returns null.
82      *
83      * @param request the HttpServletRequest object, known as "request" in a
84      * JSP page.
85      * @param name the name of the cookie
86      * @return the value of the cookie, or null if the cookie does not exist.
87      */
88     public static String JavaDoc getCookieValue(HttpServletRequest JavaDoc request, String JavaDoc name) {
89         Cookie JavaDoc cookie = getCookie(request, name);
90         if (cookie != null) {
91             return cookie.getValue();
92         }
93         return null;
94     }
95
96     /**
97      * Invalidate the specified cookie and delete it from the response object.
98      *
99      * @param request The HttpServletRequest object, known as "request" in a JSP page.
100      * @param response The HttpServletResponse object, known as "response" in a JSP page.
101      * @param cookieName The name of the cookie you want to delete.
102      */
103     public static void invalidateCookie(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response, String JavaDoc cookieName) {
104         Cookie JavaDoc cookie = new Cookie JavaDoc(cookieName, null); // invalidate cookie
105 cookie.setMaxAge(0); // deletes cookie
106 cookie.setPath("/");
107         response.addCookie(cookie);
108     }
109
110     /**
111      * Builds a cookie string containing a username and password.<p>
112      *
113      * Note: with open source this is not really secure, but it prevents users
114      * from snooping the cookie file of others and by changing the XOR mask and
115      * character offsets, you can easily tweak results.
116      *
117      * @param username The username.
118      * @param password The password.
119      * @return String encoding the input parameters, an empty string if one of
120      * the arguments equals <code>null</code>.
121      */
122     public static String JavaDoc encodePasswordCookie(String JavaDoc username, String JavaDoc password) {
123         StringBuffer JavaDoc buf = new StringBuffer JavaDoc();
124         if (username != null && password != null) {
125             byte[] bytes = (username + ENCODE_DELIMETER + password).getBytes();
126             int b;
127
128             for (int n = 0; n < bytes.length; n++) {
129                 b = bytes[n] ^ (ENCODE_XORMASK + n);
130                 buf.append((char) (ENCODE_CHAR_OFFSET1 + (b & 0x0F)));
131                 buf.append((char) (ENCODE_CHAR_OFFSET2 + ((b >> 4) & 0x0F)));
132             }
133         }
134         return buf.toString();
135     }
136
137     /**
138      * Unrafels a cookie string containing a username and password.
139      * @param value The cookie value.
140      * @return String[] containing the username at index 0 and the password at
141      * index 1, or <code>{ null, null }</code> if cookieVal equals
142      * <code>null</code> or the empty string.
143      */
144     public static String JavaDoc[] decodePasswordCookie(String JavaDoc cookieVal) {
145
146         // check that the cookie value isn't null or zero-length
147 if (cookieVal == null || cookieVal.length() <= 0) {
148             return null;
149         }
150
151         // unrafel the cookie value
152 char[] chars = cookieVal.toCharArray();
153         byte[] bytes = new byte[chars.length / 2];
154         int b;
155         for (int n = 0, m = 0; n < bytes.length; n++) {
156             b = chars[m++] - ENCODE_CHAR_OFFSET1;
157             b |= (chars[m++] - ENCODE_CHAR_OFFSET2) << 4;
158             bytes[n] = (byte) (b ^ (ENCODE_XORMASK + n));
159         }
160         cookieVal = new String JavaDoc(bytes);
161         int pos = cookieVal.indexOf(ENCODE_DELIMETER);
162         String JavaDoc username = (pos < 0) ? "" : cookieVal.substring(0, pos);
163         String JavaDoc password = (pos < 0) ? "" : cookieVal.substring(pos + 1);
164
165         return new String JavaDoc[] { username, password };
166     }
167 }
168
Popular Tags