From ffc862426a64030d6954f7a954d18984cb150186 Mon Sep 17 00:00:00 2001 From: "Eric J. Bowersox" Date: Sun, 12 May 2002 08:53:28 +0000 Subject: [PATCH] added global UI properties, cookie-reading APIs to CookieControl, moved HttpVeniceUISession initialization into a script file (session_init.js) --- etc/ui-config.xml | 13 ++ scripts/login.js | 7 +- scripts/logout.js | 4 +- scripts/session_init.js | 50 ++++ .../silverwrist/venice/ui/RequestInput.java | 4 + .../venice/ui/VeniceUISession.java | 7 +- .../venice/ui/config/RootConfig.java | 55 ++++- .../ui/config/default-config.properties | 20 ++ .../venice/ui/helpers/CookieControl.java | 49 +++- .../venice/ui/script/ScriptLibrary.java | 20 ++ .../ui/servlet/HttpVeniceUISession.java | 72 +++--- .../venice/ui/servlet/RequestImpl.java | 215 ++++++++++++++---- 12 files changed, 425 insertions(+), 91 deletions(-) create mode 100644 scripts/session_init.js create mode 100644 src/com/silverwrist/venice/ui/config/default-config.properties diff --git a/etc/ui-config.xml b/etc/ui-config.xml index 2bc3b22..2aa0668 100644 --- a/etc/ui-config.xml +++ b/etc/ui-config.xml @@ -57,6 +57,19 @@ + + + + session_init.js + + + VeniceAuth + + + 31536000 + + + diff --git a/scripts/login.js b/scripts/login.js index 3a24e56..24a1300 100644 --- a/scripts/login.js +++ b/scripts/login.js @@ -10,7 +10,7 @@ // // The Initial Developer of the Original Code is Eric J. Bowersox , // for Silverwrist Design Studios. Portions created by Eric J. Bowersox are -// Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. +// Copyright (C) 2001-2002 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. // // Contributor(s): @@ -96,8 +96,9 @@ else if (op=="login") if (dlg.getValue("saveme").booleanValue()) { // If the user wants a cookie, give it to them! cctl = vlib.queryCookieControl(rinput); - cctl.savePersistentCookie(CookieControl.LOGIN_COOKIE,user.getAuthenticationToken(), - CookieControl.LOGIN_COOKIE_AGE); + cctl.savePersistentCookie(rinput.getConfigProperty("login.cookie"),user.getAuthenticationToken(), + vlib.toInteger(rinput.getConfigProperty("login.cookie.age"))); + } // end if // Clear the left menus (to force recomputation) and bounce us back to whereever we were diff --git a/scripts/logout.js b/scripts/logout.js index 2889905..eb225a8 100644 --- a/scripts/logout.js +++ b/scripts/logout.js @@ -10,7 +10,7 @@ // // The Initial Developer of the Original Code is Eric J. Bowersox , // for Silverwrist Design Studios. Portions created by Eric J. Bowersox are -// Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. +// Copyright (C) 2001-2002 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. // // Contributor(s): @@ -31,7 +31,7 @@ if (user.isLoggedIn()) { // user is logged in - we want to log out // TODO: only remove the login cookie if it was actually set! cctl = vlib.queryCookieControl(rinput); - cctl.deleteCookie(CookieControl.LOGIN_COOKIE); // remove the login cookie + cctl.deleteCookie(rinput.getConfigProperty("login.cookie")); // remove the login cookie sctl = vlib.querySessionControl(rinput); sctl.endSession(); diff --git a/scripts/session_init.js b/scripts/session_init.js new file mode 100644 index 0000000..780357e --- /dev/null +++ b/scripts/session_init.js @@ -0,0 +1,50 @@ +// The contents of this file are subject to the Mozilla Public License Version 1.1 +// (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at . +// +// Software distributed under the License is distributed on an "AS IS" basis, WITHOUT +// WARRANTY OF ANY KIND, either express or implied. See the License for the specific +// language governing rights and limitations under the License. +// +// The Original Code is the Venice Web Communities System. +// +// The Initial Developer of the Original Code is Eric J. Bowersox , +// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are +// Copyright (C) 2002 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. +// +// Contributor(s): + +importPackage(Packages.com.silverwrist.venice.core); +importPackage(Packages.com.silverwrist.venice.except); +importPackage(Packages.com.silverwrist.venice.ui); +importPackage(Packages.com.silverwrist.venice.ui.helpers); + +// Get the request and the session. +rinput = bsf.lookupBean("request"); +sess = vlib.castVeniceUISession(bsf.lookupBean("session")); + +// Get the login cookie name and the CookieControl service. +cookie_name = rinput.getConfigProperty("login.cookie"); +cctl = vlib.queryCookieControl(rinput); +if (cctl.isCookiePresent(cookie_name)) +{ // get the login cookie value and try to use it to log in + logger.debug("cookie " + cookie_name + " found"); + logged_in = false; + try + { // attempt to log the user in with the cookie + logged_in = sess.user.authenticateWithToken(cctl.getCookie(cookie_name)); + + } // end try + catch (e) + { // login failed + logger.error("caught " + vlib.exceptionType(e) + ": " + e.message); + logged_in = false; + + } // end catch + + if (!logged_in) // not logged in - delete the cookie + cctl.deleteCookie(cookie_name); + +} // end if +else + logger.debug("cookie " + cookie_name + " not found"); \ No newline at end of file diff --git a/src/com/silverwrist/venice/ui/RequestInput.java b/src/com/silverwrist/venice/ui/RequestInput.java index 7af525f..04cef58 100644 --- a/src/com/silverwrist/venice/ui/RequestInput.java +++ b/src/com/silverwrist/venice/ui/RequestInput.java @@ -360,4 +360,8 @@ public interface RequestInput extends ServiceProvider public abstract void registerCleanup(AutoCleanup ac); + public abstract String getConfigProperty(String name); + + public abstract String getConfigProperty(String name, String default_val); + } // end interface RequestInput diff --git a/src/com/silverwrist/venice/ui/VeniceUISession.java b/src/com/silverwrist/venice/ui/VeniceUISession.java index d06908f..76877b7 100644 --- a/src/com/silverwrist/venice/ui/VeniceUISession.java +++ b/src/com/silverwrist/venice/ui/VeniceUISession.java @@ -17,8 +17,9 @@ */ package com.silverwrist.venice.ui; -import java.util.*; -import com.silverwrist.venice.core.*; +import java.util.Enumeration; +import javax.servlet.ServletException; +import com.silverwrist.venice.core.UserContext; public interface VeniceUISession { @@ -46,6 +47,6 @@ public interface VeniceUISession public abstract void setUser(UserContext user); - public abstract void preprocess(RequestInput ri); + public abstract void preprocess(RequestInput ri) throws ServletException; } // end class VeniceUISession diff --git a/src/com/silverwrist/venice/ui/config/RootConfig.java b/src/com/silverwrist/venice/ui/config/RootConfig.java index a790b24..360f4b3 100644 --- a/src/com/silverwrist/venice/ui/config/RootConfig.java +++ b/src/com/silverwrist/venice/ui/config/RootConfig.java @@ -63,6 +63,7 @@ public class RootConfig implements LinkTypes, ColorSelectors private String external_static_path; // the external static files path private String format_path; // the JSP formatter path private String blank_photo_path; // the "photo not available" path + private Properties properties; // the property list private String frame_jsp_name; // the name of the frame JSP private String site_title; // the title for the site private File stylesheet; // the stylesheet file reference @@ -196,6 +197,44 @@ public class RootConfig implements LinkTypes, ColorSelectors if (sect1_h.hasAttribute("fixup")) blank_photo_path = image_path + blank_photo_path; + // Load the default properties from the resources. + Properties defprops = new Properties(); + try + { // load the properties from the resource + defprops.load(getClass().getResourceAsStream("default-config.properties")); + + } // end try + catch (IOException e) + { // whoops! + throw new ConfigException("unable to load default application properties"); + + } // end catch + + properties = new Properties(defprops); // create the actual properties + + // Get the section. + sect = loader.configGetSubSection(root_h,"properties"); + + // Loop through the section to find tags and add them to the property list. + NodeList nl; + int i; + if (sect!=null) + { // get the child nodes + nl = sect.getChildNodes(); + for (i=0; i) + + } // end if ( section exists) + // Get the section. sect = loader.configGetSubSection(root_h,"frame"); sect_h = new DOMElementHelper(sect); @@ -336,8 +375,6 @@ public class RootConfig implements LinkTypes, ColorSelectors // Load the stock font sizes. sect1 = sect_h.getSubElement("font-sizes"); HashMap tmap; - NodeList nl; - int i; if (sect1!=null) { // scan through this subsection to find the stock font sizes tmap = new HashMap(); @@ -774,6 +811,18 @@ public class RootConfig implements LinkTypes, ColorSelectors } // end getBlankPhoto + public final String getProperty(String name) + { + return properties.getProperty(name); + + } // end getProperty + + public final String getProperty(String name, String default_val) + { + return properties.getProperty(name,default_val); + + } // end getProperty + public final CommunityMenu getCommunityMenu(CommunityContext comm) { return comm_menu_fact.createMenu(comm); @@ -804,7 +853,7 @@ public class RootConfig implements LinkTypes, ColorSelectors */ static - { + { // create the link types HashMap m = new HashMap(); m.put("absolute",new Integer(ABSOLUTE)); m.put("servlet",new Integer(SERVLET)); diff --git a/src/com/silverwrist/venice/ui/config/default-config.properties b/src/com/silverwrist/venice/ui/config/default-config.properties new file mode 100644 index 0000000..958fd7a --- /dev/null +++ b/src/com/silverwrist/venice/ui/config/default-config.properties @@ -0,0 +1,20 @@ +# The contents of this file are subject to the Mozilla Public License Version 1.1 +# (the "License"); you may not use this file except in compliance with the License. +# You may obtain a copy of the License at . +# +# Software distributed under the License is distributed on an "AS IS" basis, WITHOUT +# WARRANTY OF ANY KIND, either express or implied. See the License for the specific +# language governing rights and limitations under the License. +# +# The Original Code is the Venice Web Communities System. +# +# The Initial Developer of the Original Code is Eric J. Bowersox , +# for Silverwrist Design Studios. Portions created by Eric J. Bowersox are +# Copyright (C) 2001 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved. +# +# Contributor(s): +# ------------------------------------------------------------------------------------- +# Default values for the properties that are loaded from the ui-config.xml section. +session.init=session_init.js +login.cookie=VeniceAuth +login.cookie.age=31536000 \ No newline at end of file diff --git a/src/com/silverwrist/venice/ui/helpers/CookieControl.java b/src/com/silverwrist/venice/ui/helpers/CookieControl.java index 0476ccd..2c3fa3e 100644 --- a/src/com/silverwrist/venice/ui/helpers/CookieControl.java +++ b/src/com/silverwrist/venice/ui/helpers/CookieControl.java @@ -17,15 +17,60 @@ */ package com.silverwrist.venice.ui.helpers; +import java.util.Set; + public interface CookieControl { - public static final String LOGIN_COOKIE = "VeniceAuth"; - public static final int LOGIN_COOKIE_AGE = 60*60*24*365; // one year + /** + * Tests for the presence of a particular cookie. + * + * @param name Name of the cookie to test for existence. + * @return true if a cookie by this name is present, false if not. + */ + public abstract boolean isCookiePresent(String name); + /** + * Returns the value of a particular request cookie. + * + * @param name Name of the cookie to retrieve the value of. + * @return The value of that cookie, or null if the cookie is not present. + */ + public abstract String getCookie(String name); + + /** + * Returns a set containing all the cookie names associated with this request. + * + * @return See above. + */ + public abstract Set getCookieNames(); + + /** + * Adds a new persistent cookie to the application. The cookie will be stored by the + * browser's persistent storage facility.

+ * Cookies should be used sparingly, to avoid possible privacy concerns. + * + * @param name Name of the cookie to be set. + * @param value Value of the cookie to be set. + * @param max_age The maximum lifespan of the persistent cookie, in seconds. + */ public abstract void savePersistentCookie(String name, String value, int max_age); + /** + * Adds a new temporary cookie to the application. The cookie will be stored in the + * browser's memory only, and will disappear when the browser is closed. + * Cookies should be used sparingly, to avoid possible privacy concerns. + * + * @param name Name of the cookie to be set. + * @param value Value of the cookie to be set. + */ public abstract void saveTemporaryCookie(String name, String value); + /** + * Deletes a cookie (either persistent or temporary) from the application. The cookie + * will be erased from the browser. + * + * @param name Name of the cookie to remove. + */ public abstract void deleteCookie(String name); } // end interface CookieControl diff --git a/src/com/silverwrist/venice/ui/script/ScriptLibrary.java b/src/com/silverwrist/venice/ui/script/ScriptLibrary.java index 5637cac..5c7722c 100644 --- a/src/com/silverwrist/venice/ui/script/ScriptLibrary.java +++ b/src/com/silverwrist/venice/ui/script/ScriptLibrary.java @@ -22,6 +22,7 @@ import java.util.*; import org.w3c.dom.*; import com.silverwrist.util.StringUtil; import com.silverwrist.venice.core.*; +import com.silverwrist.venice.ui.VeniceUISession; import com.silverwrist.venice.ui.helpers.CookieControl; import com.silverwrist.venice.ui.helpers.HTMLRendering; import com.silverwrist.venice.ui.helpers.SessionControl; @@ -128,6 +129,14 @@ public class ScriptLibrary } // end castUserSideBoxDescriptor + public final VeniceUISession castVeniceUISession(Object o) + { + if (o instanceof VeniceUISession) + return (VeniceUISession)o; + throw new ClassCastException("ScriptLibrary.castVeniceUISession: invalid cast"); + + } // end castVeniceUISession + public final boolean[] createBooleanArray(int len) { return new boolean[len]; @@ -184,6 +193,8 @@ public class ScriptLibrary public final String exceptionType(Object o) throws ScriptExit { + if (o==null) + return null; if (o instanceof ScriptExit) throw (ScriptExit)o; // rethrow ScriptExit exceptions if (o instanceof Throwable) @@ -244,6 +255,15 @@ public class ScriptLibrary } // end toInteger + public final String typeOf(Object o) + { + if (o==null) + return null; + else + return o.getClass().getName(); + + } // end typeOf + public final boolean validVeniceID(String s) { return IDUtils.isValidVeniceID(s); diff --git a/src/com/silverwrist/venice/ui/servlet/HttpVeniceUISession.java b/src/com/silverwrist/venice/ui/servlet/HttpVeniceUISession.java index 26444d8..c5fac1d 100644 --- a/src/com/silverwrist/venice/ui/servlet/HttpVeniceUISession.java +++ b/src/com/silverwrist/venice/ui/servlet/HttpVeniceUISession.java @@ -17,6 +17,7 @@ */ package com.silverwrist.venice.ui.servlet; +import java.io.*; import java.util.*; import javax.servlet.*; import javax.servlet.http.*; @@ -24,7 +25,8 @@ import org.apache.log4j.*; import com.silverwrist.venice.core.*; import com.silverwrist.venice.except.*; import com.silverwrist.venice.ui.*; -import com.silverwrist.venice.ui.helpers.CookieControl; +import com.silverwrist.venice.ui.helpers.*; +import com.silverwrist.venice.ui.script.*; class HttpVeniceUISession implements VeniceUISession { @@ -42,9 +44,9 @@ class HttpVeniceUISession implements VeniceUISession *-------------------------------------------------------------------------------- */ - private HttpSession session; - private UserContext user; - private Cookie venice_cookie = null; + private HttpSession session; // HTTP session value + private UserContext user; // user context associated with this session + private boolean new_session = true; // is this a new session? /*-------------------------------------------------------------------------------- * Constructor @@ -59,15 +61,6 @@ class HttpVeniceUISession implements VeniceUISession { // tell the engine to create us a user context user = engine.createUserContext(request.getRemoteAddr()); - // Did the user send a Venice authentication cookie? If so, try to use it. - Cookie[] cookies = request.getCookies(); - for (int i=0; (venice_cookie==null) && (itrue if a cookie by this name is present, false if not. + */ + public boolean isCookiePresent(String name) + { + loadCookies(); + return old_cookies.containsKey(name); + + } // end isCookiePresent + + /** + * Returns the value of a particular request cookie. + * + * @param name Name of the cookie to retrieve the value of. + * @return The value of that cookie, or null if the cookie is not present. + */ + public String getCookie(String name) + { + loadCookies(); + Cookie tmp = (Cookie)(old_cookies.get(name)); + return ((tmp==null) ? null : tmp.getValue()); + + } // end getCookie + + /** + * Returns a set containing all the cookie names associated with this request. + * + * @return See above. + */ + public Set getCookieNames() + { + loadCookies(); + if (old_cookies.isEmpty()) + return Collections.EMPTY_SET; + else + return Collections.unmodifiableSet(old_cookies.keySet()); + + } // end getCookieNames + + /** + * Adds a new persistent cookie to the application. The cookie will be stored by the + * browser's persistent storage facility.

+ * Cookies should be used sparingly, to avoid possible privacy concerns. + * + * @param name Name of the cookie to be set. + * @param value Value of the cookie to be set. + * @param max_age The maximum lifespan of the persistent cookie, in seconds. + */ public void savePersistentCookie(String name, String value, int max_age) { Cookie c = new Cookie(name,value); c.setMaxAge(Math.max(max_age,1)); - c.setPath(req.getContextPath()); + c.setPath(httpreq.getContextPath()); putCookie(c); } // end savePersistentCookie + /** + * Adds a new temporary cookie to the application. The cookie will be stored in the + * browser's memory only, and will disappear when the browser is closed. + * Cookies should be used sparingly, to avoid possible privacy concerns. + * + * @param name Name of the cookie to be set. + * @param value Value of the cookie to be set. + */ public void saveTemporaryCookie(String name, String value) { Cookie c = new Cookie(name,value); c.setMaxAge(-1); - c.setPath(req.getContextPath()); + c.setPath(httpreq.getContextPath()); putCookie(c); } // end saveTemporaryCookie + /** + * Deletes a cookie (either persistent or temporary) from the application. The cookie + * will be erased from the browser. + * + * @param name Name of the cookie to remove. + */ public void deleteCookie(String name) { Cookie c = new Cookie(name,""); c.setMaxAge(0); - c.setPath(req.getContextPath()); + c.setPath(httpreq.getContextPath()); putCookie(c); } // end deleteCookie @@ -1776,13 +1886,22 @@ class CookieControlImpl implements CookieControl *-------------------------------------------------------------------------------- */ + /** + * Takes all cookies that have been set on the current request and writes them to the + * HTTP output. + * + * @param response HTTP response to receive all the cookies. + */ final void flushCookies(HttpServletResponse response) { if (new_cookies==null) return; // no-op + if (logger.isDebugEnabled()) + logger.debug("flushCookies(): " + new_cookies.size() + " cookie(s) to output"); + // loop over the cookies and add them to the response - Iterator it = new_cookies.iterator(); + Iterator it = new_cookies.values().iterator(); while (it.hasNext()) { // add cookies to the response Cookie c = (Cookie)(it.next());