X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FNodeHttp.java;h=5e1f39acb1f7a57d0651a0976a5c0cc786a781a1;hb=43f4cfb5bf7a475a6b92831f3077a3c7d6aed82e;hp=7afab675fcf4012726c44f2b0da6ed7f708509d0;hpb=0aace113e5cd3c265f2a1c7aeec5bac565fe581a;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java
index 7afab675f..5e1f39acb 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeHttp.java
@@ -1,185 +1,48 @@
 package org.argeo.cms.internal.kernel;
 
-import static org.argeo.jackrabbit.servlet.WebdavServlet.INIT_PARAM_RESOURCE_CONFIG;
-
 import java.io.IOException;
 import java.security.cert.X509Certificate;
 import java.util.Enumeration;
-import java.util.Properties;
-import java.util.StringTokenizer;
 
-import javax.jcr.Repository;
 import javax.servlet.FilterChain;
-import javax.servlet.Servlet;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
-import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.argeo.cms.CmsException;
-import org.argeo.jackrabbit.servlet.OpenInViewSessionProvider;
-import org.argeo.jackrabbit.servlet.RemotingServlet;
-import org.argeo.jackrabbit.servlet.WebdavServlet;
 import org.argeo.jcr.ArgeoJcrConstants;
-import org.argeo.security.NodeAuthenticationToken;
 import org.eclipse.equinox.http.servlet.ExtendedHttpService;
-import org.osgi.service.http.NamespaceException;
-import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 
 /**
  * Intercepts and enriches http access, mainly focusing on security and
  * transactionality.
  */
+@Deprecated
 class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 	private final static Log log = LogFactory.getLog(NodeHttp.class);
 
-	private final static String ATTR_AUTH = "auth";
-	private final static String HEADER_AUTHORIZATION = "Authorization";
-	private final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
-
-	private final AuthenticationManager authenticationManager;
-	private final ExtendedHttpService httpService;
-
-	// FIXME Make it more unique
-	private String httpAuthRealm = "Argeo";
-
 	// Filters
 	private final RootFilter rootFilter;
+
 	// private final DoSFilter dosFilter;
 	// private final QoSFilter qosFilter;
 
-	// WebDav / JCR remoting
-	private OpenInViewSessionProvider sessionProvider;
-
-	NodeHttp(ExtendedHttpService httpService, JackrabbitNode node,
-			NodeSecurity authenticationManager) {
-		// this.bundleContext = bundleContext;
-		this.authenticationManager = authenticationManager;
-
-		this.httpService = httpService;
-
-		// Filters
+	NodeHttp(ExtendedHttpService httpService) {
 		rootFilter = new RootFilter();
 		// dosFilter = new CustomDosFilter();
 		// qosFilter = new QoSFilter();
 
-		// DAV
-		sessionProvider = new OpenInViewSessionProvider();
-
-		registerRepositoryServlets(ALIAS_NODE, node);
 		try {
 			httpService.registerFilter("/", rootFilter, null, null);
 		} catch (Exception e) {
-			throw new CmsException(
-					"Could not register root filter", e);
+			throw new CmsException("Cannot register filters", e);
 		}
 	}
 
 	public void destroy() {
-		sessionProvider.destroy();
-		unregisterRepositoryServlets(ALIAS_NODE);
-	}
-
-	void registerRepositoryServlets(String alias, Repository repository) {
-		try {
-			registerWebdavServlet(alias, repository, true);
-			registerWebdavServlet(alias, repository, false);
-			registerRemotingServlet(alias, repository, true);
-			registerRemotingServlet(alias, repository, false);
-		} catch (Exception e) {
-			throw new CmsException(
-					"Could not register servlets for repository " + alias, e);
-		}
-	}
-
-	void unregisterRepositoryServlets(String alias) {
-		// FIXME unregister servlets
-	}
-
-	void registerWebdavServlet(String alias, Repository repository,
-			boolean anonymous) throws NamespaceException, ServletException {
-		WebdavServlet webdavServlet = new WebdavServlet(repository,
-				sessionProvider);
-		String pathPrefix = anonymous ? WEBDAV_PUBLIC : WEBDAV_PRIVATE;
-		String path = pathPrefix + "/" + alias;
-		Properties ip = new Properties();
-		ip.setProperty(INIT_PARAM_RESOURCE_CONFIG, WEBDAV_CONFIG);
-		ip.setProperty(WebdavServlet.INIT_PARAM_RESOURCE_PATH_PREFIX, path);
-		httpService.registerFilter(path, anonymous ? new AnonymousFilter()
-				: new DavFilter(), null, null);
-		// Cast to servlet because of a weird behaviour in Eclipse
-		httpService.registerServlet(path, (Servlet) webdavServlet, ip, null);
-	}
-
-	void registerRemotingServlet(String alias, Repository repository,
-			boolean anonymous) throws NamespaceException, ServletException {
-		String pathPrefix = anonymous ? REMOTING_PUBLIC : REMOTING_PRIVATE;
-		RemotingServlet remotingServlet = new RemotingServlet(repository,
-				sessionProvider);
-		String path = pathPrefix + "/" + alias;
-		Properties ip = new Properties();
-		ip.setProperty(RemotingServlet.INIT_PARAM_RESOURCE_PATH_PREFIX, path);
-
-		// Looks like a bug in Jackrabbit remoting init
-		ip.setProperty(RemotingServlet.INIT_PARAM_HOME,
-				KernelUtils.getOsgiInstanceDir() + "/tmp/jackrabbit");
-		ip.setProperty(RemotingServlet.INIT_PARAM_TMP_DIRECTORY, "remoting");
-		// Cast to servlet because of a weird behaviour in Eclipse
-		httpService.registerFilter(path, anonymous ? new AnonymousFilter()
-				: new DavFilter(), null, null);
-		httpService.registerServlet(path, (Servlet) remotingServlet, ip, null);
-	}
-
-//	private Boolean isSessionAuthenticated(HttpSession httpSession) {
-//		SecurityContext contextFromSession = (SecurityContext) httpSession
-//				.getAttribute(SPRING_SECURITY_CONTEXT_KEY);
-//		return contextFromSession != null;
-//	}
-
-	private void requestBasicAuth(HttpSession httpSession,
-			HttpServletResponse response) {
-		response.setStatus(401);
-		response.setHeader(HEADER_WWW_AUTHENTICATE, "basic realm=\""
-				+ httpAuthRealm + "\"");
-		httpSession.setAttribute(ATTR_AUTH, Boolean.TRUE);
-	}
-
-	private NodeAuthenticationToken basicAuth(String authHeader) {
-		if (authHeader != null) {
-			StringTokenizer st = new StringTokenizer(authHeader);
-			if (st.hasMoreTokens()) {
-				String basic = st.nextToken();
-				if (basic.equalsIgnoreCase("Basic")) {
-					try {
-						String credentials = new String(Base64.decodeBase64(st
-								.nextToken()), "UTF-8");
-						// log.debug("Credentials: " + credentials);
-						int p = credentials.indexOf(":");
-						if (p != -1) {
-							String login = credentials.substring(0, p).trim();
-							String password = credentials.substring(p + 1)
-									.trim();
-
-							return new NodeAuthenticationToken(login,
-									password.toCharArray());
-						} else {
-							throw new CmsException(
-									"Invalid authentication token");
-						}
-					} catch (Exception e) {
-						throw new CmsException(
-								"Couldn't retrieve authentication", e);
-					}
-				}
-			}
-		}
-		throw new CmsException("Couldn't retrieve authentication");
 	}
 
 	/** Intercepts all requests. Authenticates. */
@@ -189,8 +52,12 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 		public void doFilter(HttpSession httpSession,
 				HttpServletRequest request, HttpServletResponse response,
 				FilterChain filterChain) throws IOException, ServletException {
-			if (log.isTraceEnabled())
+			if (log.isTraceEnabled()) {
+				log.trace(request.getRequestURL().append(
+						request.getQueryString() != null ? "?"
+								+ request.getQueryString() : ""));
 				logRequest(request);
+			}
 
 			String servletPath = request.getServletPath();
 
@@ -220,7 +87,8 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 			int pathLength = path.length();
 			if (pathLength != 0 && (path.charAt(0) == '/')
 					&& !servletPath.endsWith("rwt-resources")
-					&& !path.equals("/")) {
+					&& !path.startsWith(KernelConstants.PATH_WORKBENCH)
+					&& path.lastIndexOf('/') != 0) {
 				String newLocation = request.getServletPath() + "#" + path;
 				response.setHeader("Location", newLocation);
 				response.setStatus(HttpServletResponse.SC_FOUND);
@@ -233,10 +101,10 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 	}
 
 	private void logRequest(HttpServletRequest request) {
-		log.debug(request.getContextPath());
-		log.debug(request.getServletPath());
-		log.debug(request.getRequestURI());
-		log.debug(request.getQueryString());
+		log.debug("contextPath=" + request.getContextPath());
+		log.debug("servletPath=" + request.getServletPath());
+		log.debug("requestURI=" + request.getRequestURI());
+		log.debug("queryString=" + request.getQueryString());
 		StringBuilder buf = new StringBuilder();
 		// headers
 		Enumeration<String> en = request.getHeaderNames();
@@ -268,55 +136,6 @@ class NodeHttp implements KernelConstants, ArgeoJcrConstants {
 		return null;
 	}
 
-	/** Intercepts all requests. Authenticates. */
-	private class AnonymousFilter extends HttpFilter {
-		@Override
-		public void doFilter(HttpSession httpSession,
-				HttpServletRequest request, HttpServletResponse response,
-				FilterChain filterChain) throws IOException, ServletException {
-
-			// Authenticate from session
-//			if (isSessionAuthenticated(httpSession)) {
-//				filterChain.doFilter(request, response);
-//				return;
-//			}
-
-			KernelUtils.anonymousLogin(authenticationManager);
-			filterChain.doFilter(request, response);
-		}
-	}
-
-	/** Intercepts all requests. Authenticates. */
-	private class DavFilter extends HttpFilter {
-
-		@Override
-		public void doFilter(HttpSession httpSession,
-				HttpServletRequest request, HttpServletResponse response,
-				FilterChain filterChain) throws IOException, ServletException {
-
-			// Authenticate from session
-			// if (isSessionAuthenticated(httpSession)) {
-			// filterChain.doFilter(request, response);
-			// return;
-			// }
-
-			// Process basic auth
-			String basicAuth = request.getHeader(HEADER_AUTHORIZATION);
-			if (basicAuth != null) {
-				UsernamePasswordAuthenticationToken token = basicAuth(basicAuth);
-				Authentication auth = authenticationManager.authenticate(token);
-				SecurityContextHolder.getContext().setAuthentication(auth);
-//				httpSession.setAttribute(SPRING_SECURITY_CONTEXT_KEY,
-//						SecurityContextHolder.getContext());
-//				httpSession.setAttribute(ATTR_AUTH, Boolean.FALSE);
-				filterChain.doFilter(request, response);
-				return;
-			}
-
-			requestBasicAuth(httpSession, response);
-		}
-	}
-
 	// class CustomDosFilter extends DoSFilter {
 	// @Override
 	// protected String extractUserId(ServletRequest request) {