001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: *
017: */
018: package org.apache.lenya.cms.cocoon.acting;
019:
020: import java.util.Collections;
021: import java.util.Map;
022:
023: import org.apache.avalon.framework.parameters.Parameters;
024: import org.apache.avalon.framework.service.ServiceSelector;
025: import org.apache.cocoon.acting.ConfigurableServiceableAction;
026: import org.apache.cocoon.environment.ObjectModelHelper;
027: import org.apache.cocoon.environment.Redirector;
028: import org.apache.cocoon.environment.Request;
029: import org.apache.cocoon.environment.SourceResolver;
030: import org.apache.lenya.ac.AccessController;
031: import org.apache.lenya.ac.AccessControllerResolver;
032: import org.apache.lenya.ac.Policy;
033: import org.apache.lenya.ac.PolicyManager;
034: import org.apache.lenya.cms.linking.LinkRewriter;
035: import org.apache.lenya.cms.linking.OutgoingLinkRewriter;
036: import org.apache.lenya.cms.repository.RepositoryUtil;
037: import org.apache.lenya.cms.repository.Session;
038: import org.apache.lenya.util.ServletHelper;
039:
040: /**
041: * Returns a map if the current request needs a redirect to the <code>https://</code> protocol.
042: * This is the case if the policy requires SSL protection and the current request is not secure. The
043: * map contains the redirect URI as value for the key <em>redirectUri</em>. Otherwise,
044: * <code>null</code> is returned.
045: */
046: public class SslRedirectAction extends ConfigurableServiceableAction {
047:
048: /**
049: * The key to obtain the redirect URI from the returned map.
050: */
051: public static final String KEY_REDIRECT_URI = "redirectUri";
052:
053: public Map act(Redirector redirector,
054: SourceResolver sourceResolver, Map objectModel,
055: String source, Parameters parameters) throws Exception {
056:
057: ServiceSelector selector = null;
058: AccessControllerResolver resolver = null;
059: AccessController accessController = null;
060:
061: Request request = ObjectModelHelper.getRequest(objectModel);
062:
063: if (!request.isSecure()) {
064: try {
065: selector = (ServiceSelector) this .manager
066: .lookup(AccessControllerResolver.ROLE
067: + "Selector");
068:
069: resolver = (AccessControllerResolver) selector
070: .select(AccessControllerResolver.DEFAULT_RESOLVER);
071:
072: String url = ServletHelper.getWebappURI(request);
073: accessController = resolver
074: .resolveAccessController(url);
075:
076: if (accessController != null) {
077: PolicyManager policyManager = accessController
078: .getPolicyManager();
079: Policy policy = policyManager.getPolicy(
080: accessController.getAccreditableManager(),
081: url);
082: if (policy.isSSLProtected()) {
083: Session session = RepositoryUtil.getSession(
084: this .manager, request);
085: LinkRewriter rewriter = new OutgoingLinkRewriter(
086: this .manager, session, url, false,
087: true, false);
088: String sslUri = rewriter.rewrite(url);
089: return Collections.singletonMap(
090: KEY_REDIRECT_URI, sslUri);
091: }
092: }
093:
094: } finally {
095: if (selector != null) {
096: if (resolver != null) {
097: if (accessController != null) {
098: resolver.release(accessController);
099: }
100: selector.release(resolver);
101: }
102: this.manager.release(selector);
103: }
104: }
105: }
106: return null;
107: }
108: }
|