detect crawlers and strippers and chop off their sessions

This commit is contained in:
Eric J. Bowersox 2004-11-05 23:48:17 +00:00
parent 28d09ea769
commit cdbb987cd6
4 changed files with 103 additions and 26 deletions

View File

@ -23,30 +23,45 @@ importPackage(Packages.com.silverwrist.venice.ui.helpers);
rinput = bsf.lookupBean("request");
sess = vlib.castVeniceUISession(bsf.lookupBean("session"));
// Get the login cookie name and the CookieControl service.
cookie_name = rinput.getConfigProperty("login.cookie");
cctl = vlib.queryCookieControl(rinput);
if (cctl.isCookiePresent(cookie_name))
{ // get the login cookie value and try to use it to log in
logger.debug("cookie " + cookie_name + " found");
logged_in = false;
try
{ // attempt to log the user in with the cookie
// but don't do it if they're IP-banned
if (rinput.engine.testIPBan(rinput.sourceAddress)==null)
logged_in = sess.user.authenticateWithToken(cctl.getCookie(cookie_name));
// Is this browser a crawler or stripper? If so, make sure the session is destroyed at
// the end of this request.
binfo = vlib.queryBrowserInformation(rinput);
if (binfo.hasCapability("crawler") || binfo.hasCapability("stripper"))
{ // delete this session after 30 seconds if nothing else happens
logger.debug("this session is a crawler, it will be killed");
sess.setMaxInactiveInterval(30);
} // end try
catch (e)
{ // login failed
logger.error("caught " + vlib.exceptionType(e) + ": " + e.message);
logged_in = false;
} // end catch
if (!logged_in) // not logged in - delete the cookie
cctl.deleteCookie(cookie_name);
// the session will be killed at the end of the request anyway
rinput.registerCleanup(new SessionKiller(sess));
} // end if
else
logger.debug("cookie " + cookie_name + " not found");
{ // Get the login cookie name and the CookieControl service.
cookie_name = rinput.getConfigProperty("login.cookie");
cctl = vlib.queryCookieControl(rinput);
if (cctl.isCookiePresent(cookie_name))
{ // get the login cookie value and try to use it to log in
logger.debug("cookie " + cookie_name + " found");
logged_in = false;
try
{ // attempt to log the user in with the cookie
// but don't do it if they're IP-banned
if (rinput.engine.testIPBan(rinput.sourceAddress)==null)
logged_in = sess.user.authenticateWithToken(cctl.getCookie(cookie_name));
} // end try
catch (e)
{ // login failed
logger.error("caught " + vlib.exceptionType(e) + ": " + e.message);
logged_in = false;
} // end catch
if (!logged_in) // not logged in - delete the cookie
cctl.deleteCookie(cookie_name);
} // end if
else
logger.debug("cookie " + cookie_name + " not found");
} // end else (this is a REAL browser, not a crawler or stripper)

View File

@ -0,0 +1,53 @@
/*
* The contents of this file are subject to the Mozilla Public License Version 1.1
* (the "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
*
* Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
* WARRANTY OF ANY KIND, either express or implied. See the License for the specific
* language governing rights and limitations under the License.
*
* The Original Code is the Venice Web Communities System.
*
* The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
* for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
* Copyright (C) 2004 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
*
* Contributor(s):
*/
package com.silverwrist.venice.ui.helpers;
import com.silverwrist.venice.ui.*;
public class SessionKiller implements AutoCleanup
{
/*--------------------------------------------------------------------------------
* Attributes
*--------------------------------------------------------------------------------
*/
private final VeniceUISession m_sess;
/*--------------------------------------------------------------------------------
* Constructor
*--------------------------------------------------------------------------------
*/
public SessionKiller(VeniceUISession sess)
{
m_sess = sess;
} // end constructor
/*--------------------------------------------------------------------------------
* Implementations from interface AutoCleanup
*--------------------------------------------------------------------------------
*/
public void cleanup()
{
m_sess.invalidate();
} // end cleanup
} // end class SessionKiller

View File

@ -24,9 +24,7 @@ import org.w3c.dom.*;
import com.silverwrist.util.StringUtil;
import com.silverwrist.venice.core.*;
import com.silverwrist.venice.ui.VeniceUISession;
import com.silverwrist.venice.ui.helpers.CookieControl;
import com.silverwrist.venice.ui.helpers.HTMLRendering;
import com.silverwrist.venice.ui.helpers.SessionControl;
import com.silverwrist.venice.ui.helpers.*;
import com.silverwrist.venice.util.*;
public class ScriptLibrary
@ -220,6 +218,12 @@ public class ScriptLibrary
} // end join
public final BrowserInformation queryBrowserInformation(ServiceProvider sp)
{
return (BrowserInformation)(sp.queryService(BrowserInformation.class));
} // end queryBrowserInformation
public final CookieControl queryCookieControl(ServiceProvider sp)
{
return (CookieControl)(sp.queryService(CookieControl.class));

View File

@ -110,6 +110,11 @@ class BrowserDatabase
} // end finally
if (m_broken)
logger.info("BrowserDatabase: load broken");
else
logger.info("BrowserDatabase: loaded " + m_browser_list.size() + " entries");
} // end constructor
/*--------------------------------------------------------------------------------