View Javadoc
1   package info.ejava.examples.secureping.web;
2   
3   import info.ejava.examples.secureping.ejb.SecurePing;
4   import info.ejava.examples.secureping.ejb.SecurePingLocal;
5   import info.ejava.examples.secureping.ejb.SecurePingRemote;
6   
7   import java.io.IOException;
8   import java.util.Enumeration;
9   import java.util.HashMap;
10  import java.util.Map;
11  import java.util.Properties;
12  
13  import javax.ejb.EJB;
14  import javax.naming.InitialContext;
15  import javax.servlet.RequestDispatcher;
16  import javax.servlet.ServletConfig;
17  import javax.servlet.ServletException;
18  import javax.servlet.http.HttpServlet;
19  import javax.servlet.http.HttpServletRequest;
20  import javax.servlet.http.HttpServletResponse;
21  
22  import org.slf4j.Logger;
23  import org.slf4j.LoggerFactory;
24  
25  @SuppressWarnings("serial")
26  public class SecurePingHandlerServlet extends HttpServlet {
27      private static Logger logger = LoggerFactory.getLogger(SecurePingHandlerServlet.class);
28      private Map<String, Handler> handlers = new HashMap<String, Handler>();
29      
30      @EJB(beanName="SecurePingEJB", beanInterface=SecurePingLocal.class)
31      private SecurePing securePingServer;
32  
33      public static final String COMMAND_PARAM = "command";
34      public static final String EXCEPTION_PARAM = "exception";
35      public static final String HANDLER_TYPE_KEY = "type";
36      public static final String ADMIN_TYPE = "admin";
37      public static final String USER_TYPE = "user";
38      public static final String MAINMENU_COMMAND = "menu";
39      public static final String IS_CALLER_IN_ROLE_COMMAND = "isCallerInRole";
40      public static final String PING_ALL_COMMAND = "pingAll";
41      public static final String PING_USER_COMMAND = "pingUser";
42      public static final String PING_ADMIN_COMMAND = "pingAdmin";
43      public static final String PING_EXCLUDED_COMMAND = "pingExcluded";        
44      public static final String LOGOUT_COMMAND = "logout";        
45      protected static final String DISPLAY_EXCEPTION_URL = 
46          "/WEB-INF/content/DisplayException.jsp";
47      private static final String UNKNOWN_COMMAND_URL = 
48          "/WEB-INF/content/UnknownCommand.jsp";
49  
50      public void init() throws ServletException {
51          logger.debug("init() called ");
52          try {
53              ServletConfig config = getServletConfig();
54              initServerRef(config);
55              
56              //build a list of handlers for individual commands
57              //String handler = config.getInitParameter(HANDLER_TYPE_KEY);
58              
59              handlers.put(MAINMENU_COMMAND, new MainMenu());
60              handlers.put(IS_CALLER_IN_ROLE_COMMAND, new IsCallerInRole());
61              handlers.put(PING_ALL_COMMAND, new PingAll());
62              handlers.put(PING_USER_COMMAND, new PingUser());
63              handlers.put(PING_ADMIN_COMMAND, new PingAdmin());
64              handlers.put(PING_EXCLUDED_COMMAND, new PingExcluded());            
65              handlers.put(LOGOUT_COMMAND, new Logout());            
66          }
67          catch (Exception ex) {
68              logger.error("error initializing handler", ex);
69              throw new ServletException("error initializing handler", ex);
70          }
71      }
72  
73      @SuppressWarnings("rawtypes")
74      private void initServerRef(ServletConfig config) throws Exception {        
75          logger.debug("initServerRef(), securePingServer=" + securePingServer);
76          if (securePingServer == null) {
77              //build an InitialContext from Servlet.init properties in web.xml
78              Properties jndiProperties = new Properties();
79              for(Enumeration e=config.getInitParameterNames();
80                  e.hasMoreElements(); ) {
81                  String key = (String)e.nextElement();
82                  String value=(String)config.getInitParameter(key);
83                  if (key.startsWith("java.naming")) {
84                      jndiProperties.put(key, value);
85                  }                    
86              }
87              logger.debug("jndiProperties=" + jndiProperties);
88              InitialContext jndi = new InitialContext(jndiProperties);
89              String jndiName = config.getInitParameter("registrar.local");
90              try { securePingServer = (SecurePingLocal)jndi.lookup(jndiName); }
91              catch (Throwable ex) {
92                  logger.debug(jndiName + " not found, trying remote");
93                  jndiName = config.getInitParameter("secureping.remote");
94                  securePingServer = (SecurePingRemote)jndi.lookup(jndiName);
95              }
96              logger.debug("server ref initialized:" + securePingServer);
97          }        
98      }
99  
100     protected void doGet(HttpServletRequest request, 
101                          HttpServletResponse response) 
102         throws ServletException, IOException {
103         logger.debug("doGet() called");
104         String command = request.getParameter(COMMAND_PARAM);
105         logger.debug("command=" + command);
106         try {            
107             if (command != null) {
108                 Handler handler = handlers.get(command);
109                 if (handler != null) {
110                     handler.handle(request, response);
111                 }
112                 else {
113                     RequestDispatcher rd = 
114                         getServletContext().getRequestDispatcher(
115                             UNKNOWN_COMMAND_URL);
116                             rd.forward(request, response);
117                 }
118             }
119             else {
120                 throw new Exception("no " + COMMAND_PARAM + " supplied"); 
121             }
122         }
123         catch (Exception ex) {
124             request.setAttribute(EXCEPTION_PARAM, ex);
125             RequestDispatcher rd = getServletContext().getRequestDispatcher(
126                     UNKNOWN_COMMAND_URL);
127                     rd.forward(request, response);
128         }
129     }
130 
131     protected void doPost(HttpServletRequest request, 
132                           HttpServletResponse response) 
133         throws ServletException, IOException {
134         logger.debug("doPost() called, calling doGet()");
135         doGet(request, response);
136     }
137 
138     public void destroy() {
139         logger.debug("destroy() called");
140     }
141     
142     private abstract class Handler {
143         protected static final String ROLE_PARAM = "role";
144         protected static final String RESULT_PARAM = "result";
145         protected static final String MAINMENU_URL = 
146             "/WEB-INF/content/MainMenu.jsp";
147         protected static final String DISPLAY_RESULT_URL = 
148             "/WEB-INF/content/DisplayResult.jsp";
149         public abstract void handle(HttpServletRequest request, 
150                 HttpServletResponse response) 
151                 throws ServletException, IOException;        
152     }
153     
154     private class MainMenu extends Handler {
155         public void handle(HttpServletRequest request, 
156                 HttpServletResponse response) 
157                 throws ServletException, IOException {
158             try {
159                 RequestDispatcher rd = 
160                   getServletContext().getRequestDispatcher(MAINMENU_URL);
161                 rd.forward(request, response);                
162             }
163             catch (Exception ex) {
164                 request.setAttribute(EXCEPTION_PARAM, ex);
165                 RequestDispatcher rd = getServletContext().getRequestDispatcher(
166                     DISPLAY_EXCEPTION_URL);
167                 rd.forward(request, response);
168             }
169         }
170     }
171 
172     private class IsCallerInRole extends Handler {
173         public void handle(HttpServletRequest request, 
174                 HttpServletResponse response) 
175                 throws ServletException, IOException {
176             try {
177                 String role = 
178                     (String)request.getParameter(ROLE_PARAM);                
179                 
180                 Boolean result = securePingServer.isCallerInRole(role);
181                 
182                 request.setAttribute(RESULT_PARAM, 
183                         "isCallerInRole(" + role + ")=" + result);                
184                 RequestDispatcher rd = 
185                   getServletContext().getRequestDispatcher(DISPLAY_RESULT_URL);
186                 rd.forward(request, response);                
187             }
188             catch (Exception ex) {
189                 request.setAttribute(EXCEPTION_PARAM, ex);
190                 RequestDispatcher rd = getServletContext().getRequestDispatcher(
191                     DISPLAY_EXCEPTION_URL);
192                 rd.forward(request, response);
193             }
194         }
195     }    
196     
197     private abstract class Ping extends Handler {
198         protected abstract String doPing();
199         public void handle(HttpServletRequest request, 
200                 HttpServletResponse response) 
201                 throws ServletException, IOException {
202             try {
203                 String result = doPing();
204                 
205                 request.setAttribute(RESULT_PARAM, result);                
206                 RequestDispatcher rd = 
207                   getServletContext().getRequestDispatcher(DISPLAY_RESULT_URL);
208                 rd.forward(request, response);                
209             }
210             catch (Exception ex) {
211                 request.setAttribute(EXCEPTION_PARAM, ex);
212                 RequestDispatcher rd = getServletContext().getRequestDispatcher(
213                     DISPLAY_EXCEPTION_URL);
214                 rd.forward(request, response);
215             }
216         }
217     }
218     
219     private class PingAll extends Ping {
220         protected String doPing() { return securePingServer.pingAll(); }
221     }
222     private class PingUser extends Ping {
223         protected String doPing() { return securePingServer.pingUser(); }
224     }
225     private class PingAdmin extends Ping {
226         protected String doPing() { return securePingServer.pingAdmin(); }
227     }
228     private class PingExcluded extends Ping {
229         protected String doPing() { return securePingServer.pingExcluded(); }
230     }
231     
232     private class Logout extends Handler {
233         public void handle(HttpServletRequest request, 
234                 HttpServletResponse response) 
235                 throws ServletException, IOException {
236             try {
237                 request.logout();
238                 request.getSession(false).invalidate();
239                 
240                 RequestDispatcher rd = 
241                   getServletContext().getRequestDispatcher(MAINMENU_URL);
242                 rd.forward(request, response);                
243             }
244             catch (Exception ex) {
245                 request.setAttribute(EXCEPTION_PARAM, ex);
246                 RequestDispatcher rd = getServletContext().getRequestDispatcher(
247                     DISPLAY_EXCEPTION_URL);
248                 rd.forward(request, response);
249             }
250         }
251     }
252 }