Mercurial > hg > digilib
changeset 1177:9c956718f1da
better authorisation classes.
new AuthOpsFactory.
renamed XMLAuthOps to PathServletAuthOps.
new MetaAccessServletAuthOps using "access" metadata.
line wrap: on
line diff
--- a/common/src/main/java/digilib/auth/AuthOps.java Wed Apr 03 21:56:01 2013 +0200 +++ b/common/src/main/java/digilib/auth/AuthOps.java Thu Apr 04 11:21:16 2013 +0200 @@ -26,8 +26,6 @@ * Author: Robert Casties (robcast@berlios.de) */ -import java.util.List; - import digilib.conf.DigilibRequest; /** Class of operations requiring authentication. */ @@ -52,25 +50,4 @@ public boolean isAuthorized(DigilibRequest request) throws AuthOpException; - /** Authorization roles needed for request. - * - * Returns the list of authorization roles that are needed to access the - * specified path. No list means the path is free. - * - * The location information of the request is also considered. - * - * @param request DigilibRequest with address information. - * @throws AuthOpException Exception thrown on error. - * @return List of Strings with role names. - */ - public List<String> rolesForPath(DigilibRequest request) - throws AuthOpException; - - /** Test request authorization against a list of roles. - * @param roles List of Strings with role names. - * @param request ServletRequest with address information. - * @return true if the user information in the request authorizes one of the roles. - */ - public boolean isRoleAuthorized(List<String> roles, DigilibRequest request); - }
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/common/src/main/java/digilib/auth/AuthOpsFactory.java Thu Apr 04 11:21:16 2013 +0200 @@ -0,0 +1,37 @@ +/** + * + */ +package digilib.auth; + +import org.apache.log4j.Logger; + + +/** + * @author casties + * + */ +public class AuthOpsFactory { + /** Log4J logger */ + protected static Logger logger = Logger.getLogger(AuthOpsFactory.class); + + /** AuthOps implementation class */ + protected static Class<AuthOps> authOpsClass; + + public static AuthOps getAuthOpsInstance() { + AuthOps ao = null; + try { + ao = authOpsClass.newInstance(); + } catch (Exception e) { + logger.error("Unable to create AuthOps instance!", e); + } + return ao; + } + + /** set the AuthOps implementation class. + * @param clazz + */ + public static void setAuthOpsClass(Class<AuthOps> clazz) { + AuthOpsFactory.authOpsClass = clazz; + } + +}
--- a/common/src/main/java/digilib/conf/DigilibRequest.java Wed Apr 03 21:56:01 2013 +0200 +++ b/common/src/main/java/digilib/conf/DigilibRequest.java Thu Apr 04 11:21:16 2013 +0200 @@ -33,7 +33,7 @@ import java.net.URLDecoder; import java.util.StringTokenizer; -import digilib.image.DocuImage; +import digilib.image.ImageJobDescription; import digilib.io.FileOps; import digilib.util.OptionsSet; import digilib.util.Parameter; @@ -63,7 +63,7 @@ */ public class DigilibRequest extends ParameterMap { - protected DocuImage image; // internal DocuImage instance for this request + protected ImageJobDescription ticket; // ImageJobDescription for this request public DigilibRequest() { super(30); @@ -128,9 +128,6 @@ newParameter("request.path", "", null, 'i'); // base URL (from http:// to below /servlet) newParameter("base.url", null, null, 'i'); - // DocuImage instance for this request - newParameter("docu.image", image, null, 'i'); - image = null; /* * Parameters of type 'c' are for the clients use */ @@ -285,24 +282,18 @@ return FileOps.normalName(s); } - /** - * Returns the image. - * - * @return DocuImage - */ - public DocuImage getImage() { - return image; - } + /** + * @return the ticket + */ + public ImageJobDescription getJobDescription() { + return ticket; + } - /** - * Sets the image. - * - * @param image - * The image to set - */ - public void setImage(DocuImage image) { - this.image = image; - setValue("docu.image", image); - } + /** + * @param ticket the ticket to set + */ + public void setJobDescription(ImageJobDescription ticket) { + this.ticket = ticket; + } }
--- a/common/src/main/java/digilib/image/ImageJobDescription.java Wed Apr 03 21:56:01 2013 +0200 +++ b/common/src/main/java/digilib/image/ImageJobDescription.java Thu Apr 04 11:21:16 2013 +0200 @@ -32,6 +32,7 @@ import org.apache.log4j.Logger; import digilib.conf.DigilibConfiguration; +import digilib.conf.DigilibRequest; import digilib.image.DocuImage.ColorOp; import digilib.io.DocuDirCache; import digilib.io.DocuDirectory; @@ -142,19 +143,34 @@ } - /** Creates new ImageJobDescription by merging Parameters from another ParameterMap. - * @param pm + /** Creates new ImageJobDescription by merging Parameters from a DigilibRequest. + * @param dlReq * @param dlcfg * @return */ - public static ImageJobDescription getInstance(ParameterMap pm, DigilibConfiguration dlcfg) { + public static ImageJobDescription getInstance(DigilibRequest dlReq, DigilibConfiguration dlcfg) { ImageJobDescription newMap = new ImageJobDescription(dlcfg); // add all params to this map - newMap.params.putAll(pm.getParams()); + newMap.params.putAll(dlReq.getParams()); newMap.initOptions(); + // add ImageJobDescription back into DigilibRequest + dlReq.setJobDescription(newMap); return newMap; } + /** Creates new ImageJobDescription by merging Parameters from another ParameterMap. + * @param pm + * @param dlcfg + * @return + */ + public static ImageJobDescription getInstance(ParameterMap pm, DigilibConfiguration dlcfg) { + ImageJobDescription newMap = new ImageJobDescription(dlcfg); + // add all params to this map + newMap.params.putAll(pm.getParams()); + newMap.initOptions(); + return newMap; + } + /** Returns the mime-type (of the input). * @return
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/servlet/src/main/java/digilib/auth/MetaAccessServletAuthOps.java Thu Apr 04 11:21:16 2013 +0200 @@ -0,0 +1,174 @@ +package digilib.auth; + +/* + * #%L + * XMLAuthOps -- Authentication class implementation using XML files + * + * Digital Image Library servlet components + * + * %% + * Copyright (C) 2001 - 2013 MPIWG Berlin + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Lesser Public License for more details. + * + * You should have received a copy of the GNU General Lesser Public + * License along with this program. If not, see + * <http://www.gnu.org/licenses/lgpl-3.0.html>. + * #L% + * Author: Robert Casties (robcast@berlios.de) + */ + +import java.io.File; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import digilib.conf.DigilibServletRequest; +import digilib.io.DocuDirent; +import digilib.meta.MetadataMap; +import digilib.util.HashTree; +import digilib.util.XMLListLoader; + +/** + * Implementation of AuthOps using "access" information from file metadata and + * roles mapped to IP-number ranges defined in an XML config file. + * + * The configuration file is read by an XMLListLoader into HashTree objects for + * IP numbers. + */ +public class MetaAccessServletAuthOps extends ServletAuthOpsImpl { + + private File configFile; + private HashTree authIPs; + private Map<String, List<String>> rolesMap; + + /** + * Constructor taking an XML config file. + * + * @param confFile + * Configuration file. + * @throws AuthOpException + * Exception thrown on error. + */ + public MetaAccessServletAuthOps(File confFile) throws AuthOpException { + configFile = confFile; + init(); + } + + /** + * Set configuration file. + * + * @param confFile + * XML config file. + * @throws AuthOpException + * Exception thrown on error. + */ + public void setConfig(File confFile) throws AuthOpException { + configFile = confFile; + init(); + } + + /** + * Initialize. + * + * Read configuration files and setup authorization arrays. + * + * @throws AuthOpException + * Exception thrown on error. + */ + public void init() throws AuthOpException { + logger.debug("IpRoleServletAuthops.init (" + configFile + ")"); + Map<String, String> ipList = null; + Map<String, String> roleList = null; + try { + // load authIPs + XMLListLoader ipLoader = new XMLListLoader("digilib-addresses", "address", "ip", "role"); + ipList = ipLoader.loadUri(configFile.toURI()); + // load role mappings + XMLListLoader roleLoader = new XMLListLoader("digilib-access", "access", "type", "role"); + roleList = roleLoader.loadUri(configFile.toURI()); + } catch (Exception e) { + throw new AuthOpException("ERROR loading authorization config file: " + e); + } + if ((ipList == null)||(roleList == null)) { + throw new AuthOpException("ERROR unable to load authorization config file!"); + } + // setup ip tree + authIPs = new HashTree(ipList, ".", ","); + // convert role list to map, splitting roles by "," + rolesMap = new HashMap<String,List<String>>(roleList.size()); + for (String k : roleList.keySet()) { + String rs = roleList.get(k); + String[] ra = rs.split(","); + rolesMap.put(k, Arrays.asList(ra)); + } + } + + /** + * Return authorization roles needed for request. + * + * Returns the list of authorization roles that are needed to access the + * specified path. No list means the path is free. + * + * The location information of the request is also considered. + * + * @param request + * ServletRequest with address information. + * @throws AuthOpException + * Exception thrown on error. + * @return List of Strings with role names. + */ + @Override + public List<String> rolesForPath(DigilibServletRequest dlRequest) throws AuthOpException { + HttpServletRequest request = dlRequest.getServletRequest(); + logger.debug("rolesForPath (" + dlRequest.getFilePath() + ") by [" + request.getRemoteAddr() + "]"); + /* + * check if the requests address provides a role + */ + List<String> provided = authIPs.match(request.getRemoteAddr()); + if ((provided != null) && (provided.contains("ALL"))) { + // ALL switches off checking; + return null; + } + /* + * get access restrictions from metadata + */ + String access = null; + try { + DocuDirent imgs = (DocuDirent) dlRequest.getJobDescription().getImageSet(); + MetadataMap meta = imgs.getMeta().getFileMeta(); + access = meta.get("access"); + } catch (Exception e) { + logger.error("Error getting meta for file!", e); + throw new AuthOpException("Error getting meta for file access!"); + } + if (access == null) { + // no access restriction - allow + return null; + } + // check provided against required roles + List<String> required = rolesMap.get(access); + // do any provided roles match? + if ((provided != null) && (required != null)) { + for (String prov : provided) { + if (required.contains(prov)) { + // satisfied + return null; + } + } + } + return required; + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/servlet/src/main/java/digilib/auth/PathServletAuthOps.java Thu Apr 04 11:21:16 2013 +0200 @@ -0,0 +1,151 @@ +package digilib.auth; + +/* + * #%L + * XMLAuthOps -- Authentication class implementation using XML files + * + * Digital Image Library servlet components + * + * %% + * Copyright (C) 2001 - 2013 MPIWG Berlin + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Lesser Public License for more details. + * + * You should have received a copy of the GNU General Lesser Public + * License along with this program. If not, see + * <http://www.gnu.org/licenses/lgpl-3.0.html>. + * #L% + * Author: Robert Casties (robcast@berlios.de) + */ + +import java.io.File; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import digilib.conf.DigilibServletRequest; +import digilib.util.HashTree; +import digilib.util.XMLListLoader; + +/** + * Implementation of AuthOps using paths defined in an XML config file. + * + * The configuration file is read by an XMLListLoader into HashTree objects for + * authentication paths and IP numbers. + */ +public class PathServletAuthOps extends ServletAuthOpsImpl { + + private File configFile; + private HashTree authPaths; + private HashTree authIPs; + + /** + * Constructor taking an XML config file. + * + * @param u + * utils object + * @param confFile + * Configuration file. + * @throws AuthOpException + * Exception thrown on error. + */ + public PathServletAuthOps(File confFile) throws AuthOpException { + configFile = confFile; + init(); + } + + /** + * Set configuration file. + * + * @param confFile + * XML config file. + * @throws AuthOpException + * Exception thrown on error. + */ + public void setConfig(File confFile) throws AuthOpException { + configFile = confFile; + init(); + } + + /** + * Initialize. + * + * Read configuration files and setup authentication arrays. + * + * @throws AuthOpException + * Exception thrown on error. + */ + public void init() throws AuthOpException { + logger.debug("xmlauthops.init (" + configFile + ")"); + Map<String, String> pathList = null; + Map<String, String> ipList = null; + try { + // load authPaths + XMLListLoader pathLoader = new XMLListLoader("digilib-paths", "path", "name", "role"); + pathList = pathLoader.loadUri(configFile.toURI()); + // load authIPs + XMLListLoader ipLoader = new XMLListLoader("digilib-addresses", "address", "ip", "role"); + ipList = ipLoader.loadUri(configFile.toURI()); + } catch (Exception e) { + throw new AuthOpException("ERROR loading authorization config file: " + e); + } + if ((pathList == null) || (ipList == null)) { + throw new AuthOpException("ERROR unable to load authorization config file!"); + } + // setup path tree + authPaths = new HashTree(pathList, "/", ","); + // setup ip tree + authIPs = new HashTree(ipList, ".", ","); + } + + /** + * Return authorization roles needed for request. + * + * Returns the list of authorization roles that are needed to access the + * specified path. No list means the path is free. + * + * The location information of the request is also considered. + * + * @param filepath + * filepath to be accessed. + * @param request + * ServletRequest with address information. + * @throws AuthOpException + * Exception thrown on error. + * @return List of Strings with role names. + */ + public List<String> rolesForPath(DigilibServletRequest dlRequest) throws digilib.auth.AuthOpException { + String filepath = dlRequest.getFilePath(); + HttpServletRequest request = dlRequest.getServletRequest(); + logger.debug("rolesForPath (" + filepath + ") by [" + request.getRemoteAddr() + "]"); + + // check if the requests address provides a role + List<String> provided = authIPs.match(request.getRemoteAddr()); + if ((provided != null) && (provided.contains("ALL"))) { + // ALL switches off checking; + return null; + } + // which roles are required? + List<String> required = authPaths.match(filepath); + // do any provided roles match? + if ((provided != null) && (required != null)) { + for (int i = 0; i < provided.size(); i++) { + if (required.contains(provided.get(i))) { + // satisfied + return null; + } + } + } + return required; + } + +}
--- a/servlet/src/main/java/digilib/auth/ServletAuthOps.java Wed Apr 03 21:56:01 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,158 +0,0 @@ -package digilib.auth; - -/* - * #%L - * AuthOps -- Authentication class implementation - * - * Digital Image Library servlet components - * - * %% - * Copyright (C) 2001 - 2013 MPIWG Berlin - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Lesser Public License for more details. - * - * You should have received a copy of the GNU General Lesser Public - * License along with this program. If not, see - * <http://www.gnu.org/licenses/lgpl-3.0.html>. - * #L% - * Author: Robert Casties (robcast@berlios.de) - */ - -import java.util.List; - -import javax.servlet.http.HttpServletRequest; - -import org.apache.log4j.Logger; - -import digilib.conf.DigilibRequest; -import digilib.conf.DigilibServletRequest; - -/** - * Basic implementation of AuthOps interface. - * - * Provides basic implementations. Only rolesForPath needs to be implemented by - * specific implementations. - */ -public abstract class ServletAuthOps implements AuthOps { - - /** general logger for this class */ - protected Logger logger = Logger.getLogger(this.getClass()); - - /** Default constructor. */ - public ServletAuthOps() { - try { - init(); - } catch (AuthOpException e) { - } - } - - /** - * Test if the request is allowed to access filepath. - * - * @param filepath - * filepath to be acessed. - * @param request - * Request with user information. - * @throws AuthOpException - * Exception thrown on error. - * @return true if the request is allowed. - */ - public boolean isAuthRequired(String filepath, HttpServletRequest request) throws AuthOpException { - // check permissions - List<String> rolesRequired = rolesForPath(filepath, request); - return (rolesRequired != null); - } - - /** - * @see digilib.auth.AuthOps#isAuthRequired(digilib.conf.DigilibRequest) - */ - public boolean isAuthRequired(DigilibRequest request) throws AuthOpException { - // check permissions - List<String> rolesRequired = rolesForPath(request); - return (rolesRequired != null); - } - - /** - * Return authorization roles needed for request. - * - * Returns a list of authorization roles that would be allowed to access the - * specified path. The location information of the request is considered - * also. - * - * @param filepath - * filepath to be accessed. - * @param request - * ServletRequest with address information. - * @throws AuthOpException - * Exception thrown on error. - * @return List of Strings with role names. - */ - public boolean isAuthorized(String filepath, HttpServletRequest request) throws AuthOpException { - List<String> rolesAllowed = rolesForPath(filepath, request); - return isRoleAuthorized(rolesAllowed, request); - } - - /** - * @see digilib.auth.AuthOps#isAuthorized(digilib.conf.DigilibRequest) - */ - public boolean isAuthorized(DigilibRequest request) throws AuthOpException { - List<String> rolesAllowed = rolesForPath(request); - return isRoleAuthorized(rolesAllowed, request); - } - - /** - * Test request authorization against a list of roles. - * - * @param roles - * List of Strings with role names. - * @param request - * ServletRequest with address information. - * @return true if the user information in the request authorizes one of the - * roles. - */ - public boolean isRoleAuthorized(List<String> roles, HttpServletRequest request) { - for (String s : roles) { - logger.debug("Testing role: " + s); - if (request.isUserInRole(s)) { - logger.debug("Role Authorized"); - return true; - } - } - return false; - } - - /** - * @see digilib.auth.AuthOps#isRoleAuthorized(java.util.List, - * digilib.conf.DigilibRequest) - */ - public boolean isRoleAuthorized(List<String> roles, DigilibRequest request) { - for (String s : roles) { - logger.debug("Testing role: " + s); - if (((DigilibServletRequest) request).getServletRequest().isUserInRole(s)) { - logger.debug("Role Authorized"); - return true; - } - } - return false; - } - - public abstract void init() throws AuthOpException; - - public abstract List<String> rolesForPath(String filepath, HttpServletRequest request) throws AuthOpException; - - /** - * @see digilib.auth.AuthOps#rolesForPath(digilib.conf.DigilibRequest) - */ - public List<String> rolesForPath(DigilibRequest request) throws AuthOpException { - return rolesForPath(request.getFilePath(), ((DigilibServletRequest) request).getServletRequest()); - } - -}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/servlet/src/main/java/digilib/auth/ServletAuthOpsImpl.java Thu Apr 04 11:21:16 2013 +0200 @@ -0,0 +1,111 @@ +package digilib.auth; + +/* + * #%L + * AuthOps -- Authentication class implementation + * + * Digital Image Library servlet components + * + * %% + * Copyright (C) 2001 - 2013 MPIWG Berlin + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Lesser Public License for more details. + * + * You should have received a copy of the GNU General Lesser Public + * License along with this program. If not, see + * <http://www.gnu.org/licenses/lgpl-3.0.html>. + * #L% + * Author: Robert Casties (robcast@berlios.de) + */ + +import java.util.List; + +import org.apache.log4j.Logger; + +import digilib.conf.DigilibRequest; +import digilib.conf.DigilibServletRequest; + +/** + * Basic implementation of AuthOps interface. + * + * Provides basic implementations. Only rolesForPath needs to be implemented by + * specific implementations. + */ +public abstract class ServletAuthOpsImpl implements AuthOps { + + /** general logger for this class */ + protected Logger logger = Logger.getLogger(this.getClass()); + + /** Default constructor. */ + public ServletAuthOpsImpl() { + try { + init(); + } catch (AuthOpException e) { + } + } + + public abstract void init() throws AuthOpException; + + /** + * @see digilib.auth.AuthOps#isAuthRequired(digilib.conf.DigilibRequest) + */ + public boolean isAuthRequired(DigilibRequest request) throws AuthOpException { + // check permissions + List<String> rolesRequired = rolesForPath((DigilibServletRequest) request); + return (rolesRequired != null); + } + + /** + * @see digilib.auth.AuthOps#isAuthorized(digilib.conf.DigilibRequest) + */ + public boolean isAuthorized(DigilibRequest request) throws AuthOpException { + List<String> rolesAllowed = rolesForPath((DigilibServletRequest) request); + return isRoleAuthorized(rolesAllowed, (DigilibServletRequest) request); + } + + /** + * Test request authorization against a list of roles. + * + * @param roles + * List of Strings with role names. + * @param request + * ServletRequest with address information. + * @return true if the user information in the request authorizes one of the + * roles. + */ + public boolean isRoleAuthorized(List<String> roles, DigilibServletRequest request) { + for (String s : roles) { + logger.debug("Testing role: " + s); + if (request.getServletRequest().isUserInRole(s)) { + logger.debug("Role Authorized"); + return true; + } + } + return false; + } + + /** + * Authorization roles needed for request. + * + * Returns the list of authorization roles that are needed to access the + * specified path. No list means the path is free. + * + * The location information of the request is also considered. + * + * @param request + * DigilibRequest with address information. + * @throws AuthOpException + * Exception thrown on error. + * @return List of Strings with role names. + */ + public abstract List<String> rolesForPath(DigilibServletRequest request) throws AuthOpException; + +}
--- a/servlet/src/main/java/digilib/auth/XMLAuthOps.java Wed Apr 03 21:56:01 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,142 +0,0 @@ -package digilib.auth; - -/* - * #%L - * XMLAuthOps -- Authentication class implementation using XML files - * - * Digital Image Library servlet components - * - * %% - * Copyright (C) 2001 - 2013 MPIWG Berlin - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Lesser Public License for more details. - * - * You should have received a copy of the GNU General Lesser Public - * License along with this program. If not, see - * <http://www.gnu.org/licenses/lgpl-3.0.html>. - * #L% - * Author: Robert Casties (robcast@berlios.de) - */ - -import java.io.File; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; - -import digilib.util.HashTree; -import digilib.util.XMLListLoader; - -/** Implementation of AuthOps using XML files. - * - * The configuration file is read by an XMLListLoader into HashTree objects for - * authentication paths and IP numbers. - */ -public class XMLAuthOps extends ServletAuthOps { - - private File configFile; - private HashTree authPaths; - private HashTree authIPs; - - /** Constructor taking an XML config file. - * - * @param u utils object - * @param confFile Configuration file. - * @throws AuthOpException Exception thrown on error. - */ - public XMLAuthOps(File confFile) throws AuthOpException { - configFile = confFile; - init(); - } - - /** Set configuration file. - * - * @param confFile XML config file. - * @throws AuthOpException Exception thrown on error. - */ - public void setConfig(File confFile) throws AuthOpException { - configFile = confFile; - init(); - } - - /** Initialize. - * - * Read configuration files and setup authentication arrays. - * - * @throws AuthOpException Exception thrown on error. - */ - public void init() throws AuthOpException { - logger.debug("xmlauthops.init (" + configFile + ")"); - Map<String, String> pathList = null; - Map<String, String> ipList = null; - try { - // load authPaths - XMLListLoader pathLoader = - new XMLListLoader("digilib-paths", "path", "name", "role"); - pathList = pathLoader.loadUri(configFile.toURI()); - // load authIPs - XMLListLoader ipLoader = - new XMLListLoader("digilib-addresses", "address", "ip", "role"); - ipList = ipLoader.loadUri(configFile.toURI()); - } catch (Exception e) { - throw new AuthOpException( - "ERROR loading authorization config file: " + e); - } - if ((pathList == null) || (ipList == null)) { - throw new AuthOpException("ERROR unable to load authorization config file!"); - } - // setup path tree - authPaths = new HashTree(pathList, "/", ","); - // setup ip tree - authIPs = new HashTree(ipList, ".", ","); - } - - /** Return authorization roles needed for request. - * - * Returns the list of authorization roles that are needed to access the - * specified path. No list means the path is free. - * - * The location information of the request is also considered. - * - * @param filepath filepath to be accessed. - * @param request ServletRequest with address information. - * @throws AuthOpException Exception thrown on error. - * @return List of Strings with role names. - */ - public List<String> rolesForPath(String filepath, HttpServletRequest request) - throws digilib.auth.AuthOpException { - logger.debug("rolesForPath (" - + filepath - + ") by [" - + request.getRemoteAddr() - + "]"); - - // check if the requests address provides a role - List<String> provided = authIPs.match(request.getRemoteAddr()); - if ((provided != null) && (provided.contains("ALL"))) { - // ALL switches off checking; - return null; - } - // which roles are required? - List<String> required = authPaths.match(filepath); - // do any provided roles match? - if ((provided != null) && (required != null)) { - for (int i = 0; i < provided.size(); i++) { - if (required.contains(provided.get(i))) { - // satisfied - return null; - } - } - } - return required; - } - -}
--- a/servlet/src/main/java/digilib/servlet/DocumentBean.java Wed Apr 03 21:56:01 2013 +0200 +++ b/servlet/src/main/java/digilib/servlet/DocumentBean.java Thu Apr 04 11:21:16 2013 +0200 @@ -132,24 +132,6 @@ } /** - * return a list of authorization roles needed for request to access the - * specified path - */ - public List<String> rolesForPath(DigilibServletRequest request) throws AuthOpException { - logger.debug("rolesForPath"); - return useAuthentication ? authOp.rolesForPath(request) : null; - } - - /** - * check request authorization against a list of roles - */ - public boolean isRoleAuthorized(List<String> roles, DigilibServletRequest request) { - logger.debug("isRoleAuthorized"); - return useAuthentication ? authOp.isRoleAuthorized(roles, request) - : true; - } - - /** * check for authenticated access and redirect if necessary */ public boolean doAuthentication(HttpServletResponse response)
--- a/servlet2/src/main/java/digilib/servlet/Initialiser.java Wed Apr 03 21:56:01 2013 +0200 +++ b/servlet2/src/main/java/digilib/servlet/Initialiser.java Thu Apr 04 11:21:16 2013 +0200 @@ -42,7 +42,7 @@ import org.apache.log4j.xml.DOMConfigurator; import digilib.auth.AuthOps; -import digilib.auth.XMLAuthOps; +import digilib.auth.PathServletAuthOps; import digilib.conf.DigilibServletConfiguration; import digilib.image.DocuImage; import digilib.io.AliasingDocuDirCache; @@ -134,7 +134,7 @@ // XML version File authConf = ServletOps.getConfigFile((File) dlConfig .getValue("auth-file"), context); - AuthOps authOp = new XMLAuthOps(authConf); + AuthOps authOp = new PathServletAuthOps(authConf); dlConfig.setValue("servlet.auth.op", authOp); dlConfig.setValue("auth-file", authConf); }
--- a/servlet2/src/main/java/digilib/servlet/Scaler.java Wed Apr 03 21:56:01 2013 +0200 +++ b/servlet2/src/main/java/digilib/servlet/Scaler.java Thu Apr 04 11:21:16 2013 +0200 @@ -27,7 +27,6 @@ import java.io.File; import java.io.IOException; -import java.util.List; import java.util.concurrent.ExecutionException; import java.util.concurrent.Future; @@ -54,21 +53,26 @@ import digilib.util.DigilibJobCenter; /** - * Version of Scaler servlet that uses a thread pool but not Servlet 3.0 async API. + * Version of Scaler servlet that uses a thread pool but not Servlet 3.0 async + * API. */ public class Scaler extends HttpServlet { private static final long serialVersionUID = -5439198888139362735L; /** digilib servlet version (for all components) */ - public static final String version = "2.1.5 noasync"; + public static final String version = "2.1.6 noasync"; /** servlet error codes */ - public static enum Error {UNKNOWN, AUTH, FILE, IMAGE}; - + public static enum Error { + UNKNOWN, AUTH, FILE, IMAGE + }; + /** type of error message */ - public static enum ErrMsg {IMAGE, TEXT, CODE}; - + public static enum ErrMsg { + IMAGE, TEXT, CODE + }; + /** logger for accounting requests */ protected static Logger accountlog = Logger.getLogger("account.request"); @@ -116,18 +120,14 @@ public void init(ServletConfig config) throws ServletException { super.init(config); - System.out - .println("***** Digital Image Library Image Scaler Servlet (version " - + version + ") *****"); + System.out.println("***** Digital Image Library Image Scaler Servlet (version " + version + ") *****"); // say hello in the log file - logger.info("***** Digital Image Library Image Scaler Servlet (version " - + version + ") *****"); + logger.info("***** Digital Image Library Image Scaler Servlet (version " + version + ") *****"); // get our ServletContext ServletContext context = config.getServletContext(); // see if there is a Configuration instance - dlConfig = (DigilibServletConfiguration) context - .getAttribute("digilib.servlet.configuration"); + dlConfig = (DigilibServletConfiguration) context.getAttribute("digilib.servlet.configuration"); if (dlConfig == null) { // no Configuration throw new ServletException("No Configuration!"); @@ -142,8 +142,7 @@ dirCache = (DocuDirCache) dlConfig.getValue("servlet.dir.cache"); // Executor - imageJobCenter = (DigilibJobCenter<DocuImage>) dlConfig - .getValue("servlet.worker.imageexecutor"); + imageJobCenter = (DigilibJobCenter<DocuImage>) dlConfig.getValue("servlet.worker.imageexecutor"); denyImgFile = ServletOps.getFile(dlConfig.getAsFile("denied-image"), context); errorImgFile = ServletOps.getFile(dlConfig.getAsFile("error-image"), context); @@ -151,13 +150,13 @@ sendFileAllowed = dlConfig.getAsBoolean("sendfile-allowed"); } - /** Returns modification time relevant to the request for caching. + /** + * Returns modification time relevant to the request for caching. * * @see javax.servlet.http.HttpServlet#getLastModified(javax.servlet.http.HttpServletRequest) */ public long getLastModified(HttpServletRequest request) { - accountlog.debug("GetLastModified from " + request.getRemoteAddr() - + " for " + request.getQueryString()); + accountlog.debug("GetLastModified from " + request.getRemoteAddr() + " for " + request.getQueryString()); long mtime = -1; // create new request DigilibServletRequest dlReq = new DigilibServletRequest(request); @@ -165,47 +164,52 @@ if (dd != null) { mtime = dd.getDirMTime() / 1000 * 1000; } - logger.debug(" returns "+mtime); + logger.debug(" returns " + mtime); return mtime; } - /* (non-Javadoc) - * @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + /* + * (non-Javadoc) + * + * @see + * javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest + * , javax.servlet.http.HttpServletResponse) */ public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException { accountlog.info("GET from " + request.getRemoteAddr()); this.processRequest(request, response); } - - /* (non-Javadoc) - * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + /* + * (non-Javadoc) + * + * @see + * javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest + * , javax.servlet.http.HttpServletResponse) */ public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException { accountlog.info("POST from " + request.getRemoteAddr()); this.processRequest(request, response); } - - protected void doHead(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - logger.debug("HEAD from "+req.getRemoteAddr()); - super.doHead(req, resp); - } + protected void doHead(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + logger.debug("HEAD from " + req.getRemoteAddr()); + super.doHead(req, resp); + } - protected void doOptions(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - logger.debug("OPTIONS from "+req.getRemoteAddr()); - super.doOptions(req, resp); - } + protected void doOptions(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + logger.debug("OPTIONS from " + req.getRemoteAddr()); + super.doOptions(req, resp); + } - /** Service this request using the response. + /** + * Service this request using the response. + * * @param request * @param response - * @throws ServletException + * @throws ServletException */ - public void processRequest(HttpServletRequest request, - HttpServletResponse response) throws ServletException { + public void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException { if (dlConfig == null) { logger.error("ERROR: No Configuration!"); @@ -224,29 +228,23 @@ // type of error reporting ErrMsg errMsgType = ErrMsg.IMAGE; if (dlRequest.hasOption("errtxt")) { - errMsgType = ErrMsg.TEXT; + errMsgType = ErrMsg.TEXT; } else if (dlRequest.hasOption("errcode")) { - errMsgType = ErrMsg.CODE; + errMsgType = ErrMsg.CODE; } - + try { - /* - * check if we can fast-track without scaling - */ + /* + * check if we can fast-track without scaling + */ ImageInput fileToLoad = (ImageInput) jobTicket.getInput(); // check permissions if (useAuthorization) { - // get a list of required roles (empty if no restrictions) - List<String> rolesRequired = authOp.rolesForPath(dlRequest); - if (rolesRequired != null) { - authlog.debug("Role required: " + rolesRequired); - authlog.debug("User: " + request.getRemoteUser()); - // is the current request/user authorized? - if (!authOp.isRoleAuthorized(rolesRequired, dlRequest)) { - // send deny answer and abort - throw new AuthOpException(); - } + // is the current request/user authorized? + if (!authOp.isAuthorized(dlRequest)) { + // send deny answer and abort + throw new AuthOpException(); } } @@ -262,8 +260,9 @@ return; } - // if possible, send the image without actually having to transform it - if (! jobTicket.isTransformRequired()) { + // if possible, send the image without actually having to transform + // it + if (!jobTicket.isTransformRequired()) { logger.debug("Sending File as is."); ServletOps.sendFile(fileToLoad.getFile(), null, null, response, logger); logger.info("Done in " + (System.currentTimeMillis() - startTime) + "ms"); @@ -285,14 +284,13 @@ // forced destination image type String mt = null; if (jobTicket.hasOption("jpg")) { - mt = "image/jpeg"; + mt = "image/jpeg"; } else if (jobTicket.hasOption("png")) { - mt = "image/png"; + mt = "image/png"; } // send image ServletOps.sendImage(img, mt, response, logger); - logger.debug("Job Processing Time: " - + (System.currentTimeMillis() - startTime) + "ms"); + logger.debug("Job Processing Time: " + (System.currentTimeMillis() - startTime) + "ms"); } catch (ImageOpException e) { logger.error(e.getClass() + ": " + e.getMessage()); @@ -322,8 +320,7 @@ * @param msg * @param response */ - public static void digilibError(ErrMsg type, Error error, String msg, - HttpServletResponse response) { + public static void digilibError(ErrMsg type, Error error, String msg, HttpServletResponse response) { try { File img = null; int status = 0;
--- a/servlet2/src/main/java/digilib/servlet/ScalerNoThread.java Wed Apr 03 21:56:01 2013 +0200 +++ b/servlet2/src/main/java/digilib/servlet/ScalerNoThread.java Thu Apr 04 11:21:16 2013 +0200 @@ -25,7 +25,6 @@ import java.io.File; import java.io.IOException; -import java.util.List; import javax.servlet.ServletConfig; import javax.servlet.ServletContext; @@ -56,14 +55,18 @@ private static final long serialVersionUID = 1450947819851623306L; /** digilib servlet version (for all components) */ - public static final String version = "2.1.5a nothread"; + public static final String version = "2.1.6 nothread"; /** servlet error codes */ - public static enum Error {UNKNOWN, AUTH, FILE, IMAGE}; - + public static enum Error { + UNKNOWN, AUTH, FILE, IMAGE + }; + /** type of error message */ - public static enum ErrMsg {IMAGE, TEXT, CODE}; - + public static enum ErrMsg { + IMAGE, TEXT, CODE + }; + /** logger for accounting requests */ protected static Logger accountlog = Logger.getLogger("account.request"); @@ -107,18 +110,14 @@ public void init(ServletConfig config) throws ServletException { super.init(config); - System.out - .println("***** Digital Image Library Image Scaler Servlet (version " - + version + ") *****"); + System.out.println("***** Digital Image Library Image Scaler Servlet (version " + version + ") *****"); // say hello in the log file - logger.info("***** Digital Image Library Image Scaler Servlet (version " - + version + ") *****"); + logger.info("***** Digital Image Library Image Scaler Servlet (version " + version + ") *****"); // get our ServletContext ServletContext context = config.getServletContext(); // see if there is a Configuration instance - dlConfig = (DigilibServletConfiguration) context - .getAttribute("digilib.servlet.configuration"); + dlConfig = (DigilibServletConfiguration) context.getAttribute("digilib.servlet.configuration"); if (dlConfig == null) { // no Configuration throw new ServletException("No Configuration!"); @@ -130,22 +129,19 @@ // DocuDirCache instance dirCache = (DocuDirCache) dlConfig.getValue("servlet.dir.cache"); - denyImgFile = ServletOps.getFile( - (File) dlConfig.getValue("denied-image"), context); - errorImgFile = ServletOps.getFile( - (File) dlConfig.getValue("error-image"), context); - notfoundImgFile = ServletOps.getFile( - (File) dlConfig.getValue("notfound-image"), context); + denyImgFile = ServletOps.getFile((File) dlConfig.getValue("denied-image"), context); + errorImgFile = ServletOps.getFile((File) dlConfig.getValue("error-image"), context); + notfoundImgFile = ServletOps.getFile((File) dlConfig.getValue("notfound-image"), context); sendFileAllowed = dlConfig.getAsBoolean("sendfile-allowed"); } - /** Returns modification time relevant to the request for caching. + /** + * Returns modification time relevant to the request for caching. * * @see javax.servlet.http.HttpServlet#getLastModified(javax.servlet.http.HttpServletRequest) */ public long getLastModified(HttpServletRequest request) { - accountlog.debug("GetLastModified from " + request.getRemoteAddr() - + " for " + request.getQueryString()); + accountlog.debug("GetLastModified from " + request.getRemoteAddr() + " for " + request.getQueryString()); long mtime = -1; // create new request DigilibServletRequest dlReq = new DigilibServletRequest(request); @@ -153,47 +149,52 @@ if (dd != null) { mtime = dd.getDirMTime() / 1000 * 1000; } - logger.debug(" returns "+mtime); + logger.debug(" returns " + mtime); return mtime; } - /* (non-Javadoc) - * @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + /* + * (non-Javadoc) + * + * @see + * javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest + * , javax.servlet.http.HttpServletResponse) */ public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException { accountlog.info("GET from " + request.getRemoteAddr()); this.processRequest(request, response); } - - /* (non-Javadoc) - * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + /* + * (non-Javadoc) + * + * @see + * javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest + * , javax.servlet.http.HttpServletResponse) */ public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException { accountlog.info("POST from " + request.getRemoteAddr()); this.processRequest(request, response); } - - protected void doHead(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - logger.debug("HEAD from "+req.getRemoteAddr()); - super.doHead(req, resp); - } + protected void doHead(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + logger.debug("HEAD from " + req.getRemoteAddr()); + super.doHead(req, resp); + } - protected void doOptions(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - logger.debug("OPTIONS from "+req.getRemoteAddr()); - super.doOptions(req, resp); - } + protected void doOptions(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + logger.debug("OPTIONS from " + req.getRemoteAddr()); + super.doOptions(req, resp); + } - /** Service this request using the response. + /** + * Service this request using the response. + * * @param request * @param response - * @throws ServletException + * @throws ServletException */ - public void processRequest(HttpServletRequest request, - HttpServletResponse response) throws ServletException { + public void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException { if (dlConfig == null) { logger.error("ERROR: No Configuration!"); @@ -212,29 +213,23 @@ // type of error reporting ErrMsg errMsgType = ErrMsg.IMAGE; if (dlRequest.hasOption("errtxt")) { - errMsgType = ErrMsg.TEXT; + errMsgType = ErrMsg.TEXT; } else if (dlRequest.hasOption("errcode")) { - errMsgType = ErrMsg.CODE; + errMsgType = ErrMsg.CODE; } - + try { - /* - * check if we can fast-track without scaling - */ + /* + * check if we can fast-track without scaling + */ ImageInput fileToLoad = (ImageInput) jobTicket.getInput(); // check permissions if (useAuthorization) { - // get a list of required roles (empty if no restrictions) - List<String> rolesRequired = authOp.rolesForPath(dlRequest); - if (rolesRequired != null) { - authlog.debug("Role required: " + rolesRequired); - authlog.debug("User: " + request.getRemoteUser()); - // is the current request/user authorized? - if (!authOp.isRoleAuthorized(rolesRequired, dlRequest)) { - // send deny answer and abort - throw new AuthOpException(); - } + // is the current request/user authorized? + if (!authOp.isAuthorized(dlRequest)) { + // send deny answer and abort + throw new AuthOpException(); } } @@ -250,8 +245,9 @@ return; } - // if possible, send the image without actually having to transform it - if (! jobTicket.isTransformRequired()) { + // if possible, send the image without actually having to transform + // it + if (!jobTicket.isTransformRequired()) { logger.debug("Sending File as is."); ServletOps.sendFile(fileToLoad.getFile(), null, null, response, logger); logger.info("Done in " + (System.currentTimeMillis() - startTime) + "ms"); @@ -265,14 +261,13 @@ // forced destination image type String mt = null; if (jobTicket.hasOption("jpg")) { - mt = "image/jpeg"; + mt = "image/jpeg"; } else if (jobTicket.hasOption("png")) { - mt = "image/png"; + mt = "image/png"; } // send image ServletOps.sendImage(img, mt, response, logger); - logger.debug("Job Processing Time: " - + (System.currentTimeMillis() - startTime) + "ms"); + logger.debug("Job Processing Time: " + (System.currentTimeMillis() - startTime) + "ms"); } catch (ImageOpException e) { logger.error(e.getClass() + ": " + e.getMessage()); @@ -295,8 +290,7 @@ * @param msg * @param response */ - public static void digilibError(ErrMsg type, Error error, String msg, - HttpServletResponse response) { + public static void digilibError(ErrMsg type, Error error, String msg, HttpServletResponse response) { try { File img = null; int status = 0;
--- a/servlet3/src/main/java/digilib/servlet/Initialiser.java Wed Apr 03 21:56:01 2013 +0200 +++ b/servlet3/src/main/java/digilib/servlet/Initialiser.java Thu Apr 04 11:21:16 2013 +0200 @@ -43,7 +43,7 @@ import org.apache.log4j.xml.DOMConfigurator; import digilib.auth.AuthOps; -import digilib.auth.XMLAuthOps; +import digilib.auth.PathServletAuthOps; import digilib.conf.DigilibConfiguration; import digilib.conf.DigilibServletConfiguration; import digilib.image.DocuImage; @@ -138,7 +138,7 @@ // XML version File authConf = ServletOps.getConfigFile((File) dlConfig .getValue("auth-file"), context); - AuthOps authOp = new XMLAuthOps(authConf); + AuthOps authOp = new PathServletAuthOps(authConf); dlConfig.setValue("servlet.auth.op", authOp); dlConfig.setValue("auth-file", authConf); }
--- a/servlet3/src/main/java/digilib/servlet/Scaler.java Wed Apr 03 21:56:01 2013 +0200 +++ b/servlet3/src/main/java/digilib/servlet/Scaler.java Thu Apr 04 11:21:16 2013 +0200 @@ -28,7 +28,6 @@ import java.io.File; import java.io.IOException; -import java.util.List; import javax.servlet.AsyncContext; import javax.servlet.ServletConfig; @@ -121,18 +120,14 @@ public void init(ServletConfig config) throws ServletException { super.init(config); - System.out - .println("***** Digital Image Library Image Scaler Servlet (version " - + version + ") *****"); + System.out.println("***** Digital Image Library Image Scaler Servlet (version " + version + ") *****"); // say hello in the log file - logger.info("***** Digital Image Library Image Scaler Servlet (version " - + version + ") *****"); + logger.info("***** Digital Image Library Image Scaler Servlet (version " + version + ") *****"); // get our ServletContext ServletContext context = config.getServletContext(); // see if there is a Configuration instance - dlConfig = (DigilibConfiguration) context - .getAttribute("digilib.servlet.configuration"); + dlConfig = (DigilibConfiguration) context.getAttribute("digilib.servlet.configuration"); if (dlConfig == null) { // no Configuration throw new ServletException("No Configuration!"); @@ -147,16 +142,14 @@ dirCache = (DocuDirCache) dlConfig.getValue("servlet.dir.cache"); // Executor - imageJobCenter = (DigilibJobCenter<DocuImage>) dlConfig - .getValue("servlet.worker.imageexecutor"); + imageJobCenter = (DigilibJobCenter<DocuImage>) dlConfig.getValue("servlet.worker.imageexecutor"); denyImgFile = ServletOps.getFile(dlConfig.getAsFile("denied-image"), context); errorImgFile = ServletOps.getFile(dlConfig.getAsFile("error-image"), context); notfoundImgFile = ServletOps.getFile(dlConfig.getAsFile("notfound-image"), context); sendFileAllowed = dlConfig.getAsBoolean("sendfile-allowed"); try { - defaultErrMsgType = ErrMsg.valueOf(dlConfig - .getAsString("default-errmsg-type")); + defaultErrMsgType = ErrMsg.valueOf(dlConfig.getAsString("default-errmsg-type")); } catch (Exception e) { // nothing to do } @@ -168,8 +161,7 @@ * @see javax.servlet.http.HttpServlet#getLastModified(javax.servlet.http.HttpServletRequest) */ public long getLastModified(HttpServletRequest request) { - accountlog.debug("GetLastModified from " + request.getRemoteAddr() - + " for " + request.getQueryString()); + accountlog.debug("GetLastModified from " + request.getRemoteAddr() + " for " + request.getQueryString()); long mtime = -1; try { // create new digilib request @@ -192,8 +184,7 @@ * javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest * , javax.servlet.http.HttpServletResponse) */ - public void doGet(HttpServletRequest request, HttpServletResponse response) - throws ServletException { + public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException { accountlog.info("GET from " + request.getRemoteAddr()); this.processRequest(request, response); } @@ -205,20 +196,17 @@ * javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest * , javax.servlet.http.HttpServletResponse) */ - public void doPost(HttpServletRequest request, HttpServletResponse response) - throws ServletException { + public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException { accountlog.info("POST from " + request.getRemoteAddr()); this.processRequest(request, response); } - protected void doHead(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + protected void doHead(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { logger.debug("HEAD from " + req.getRemoteAddr()); super.doHead(req, resp); } - protected void doOptions(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + protected void doOptions(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { logger.debug("OPTIONS from " + req.getRemoteAddr()); super.doOptions(req, resp); } @@ -230,8 +218,7 @@ * @param response * @throws ServletException */ - public void processRequest(HttpServletRequest request, - HttpServletResponse response) throws ServletException { + public void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException { if (dlConfig == null) { logger.error("ERROR: No Configuration!"); @@ -248,8 +235,7 @@ // parse request DigilibServletRequest dlRequest = new DigilibServletRequest(request); // extract the job information - final ImageJobDescription jobTicket = ImageJobDescription.getInstance( - dlRequest, dlConfig); + final ImageJobDescription jobTicket = ImageJobDescription.getInstance(dlRequest, dlConfig); // type of error reporting ErrMsg errMsgType = defaultErrMsgType; @@ -269,16 +255,10 @@ // check permissions if (useAuthorization) { - // get a list of required roles (empty if no restrictions) - List<String> rolesRequired = authOp.rolesForPath(dlRequest); - if (rolesRequired != null) { - authlog.debug("Role required: " + rolesRequired); - authlog.debug("User: " + request.getRemoteUser()); - // is the current request/user authorized? - if (!authOp.isRoleAuthorized(rolesRequired, dlRequest)) { - // send deny answer and abort - throw new AuthOpException(); - } + // is the current request/user authorized? + if (!authOp.isAuthorized(dlRequest)) { + // send deny answer and abort + throw new AuthOpException(); } } @@ -289,10 +269,8 @@ mt = "application/octet-stream"; } logger.debug("Sending RAW File as is."); - ServletOps.sendFile(fileToLoad.getFile(), mt, null, response, - logger); - logger.info("Done in " - + (System.currentTimeMillis() - startTime) + "ms"); + ServletOps.sendFile(fileToLoad.getFile(), mt, null, response, logger); + logger.info("Done in " + (System.currentTimeMillis() - startTime) + "ms"); return; } @@ -300,10 +278,8 @@ // it if (!jobTicket.isTransformRequired()) { logger.debug("Sending File as is."); - ServletOps.sendFile(fileToLoad.getFile(), null, null, response, - logger); - logger.info("Done in " - + (System.currentTimeMillis() - startTime) + "ms"); + ServletOps.sendFile(fileToLoad.getFile(), null, null, response, logger); + logger.info("Done in " + (System.currentTimeMillis() - startTime) + "ms"); return; } @@ -317,8 +293,7 @@ // worker job is done asynchronously AsyncContext asyncCtx = request.startAsync(request, response); // create job - AsyncServletWorker job = new AsyncServletWorker(dlConfig, - jobTicket, asyncCtx, errMsgType, startTime); + AsyncServletWorker job = new AsyncServletWorker(dlConfig, jobTicket, asyncCtx, errMsgType, startTime); // AsyncServletWorker is its own AsyncListener asyncCtx.addListener(job); // submit job @@ -349,8 +324,7 @@ * @param msg * @param response */ - public static void digilibError(ErrMsg type, Error error, String msg, - HttpServletResponse response) { + public static void digilibError(ErrMsg type, Error error, String msg, HttpServletResponse response) { try { File img = null; int status = 0;