001: /*
002: * CVS information:
003: * $RCSfile$
004: * $Source$
005: * $Date: 2007-11-01 12:36:15 +0100 (Do, 01 Nov 2007) $
006: * $Author: til132 $
007: * $Revision: 257 $
008: */
009: package net.sf.regain.ui.server;
010:
011: import java.io.IOException;
012:
013: import javax.servlet.ServletException;
014: import javax.servlet.http.HttpServlet;
015: import javax.servlet.http.HttpServletRequest;
016: import javax.servlet.http.HttpServletResponse;
017: import javax.servlet.jsp.JspFactory;
018: import javax.servlet.jsp.JspWriter;
019: import javax.servlet.jsp.PageContext;
020:
021: import net.sf.regain.RegainException;
022: import net.sf.regain.RegainToolkit;
023: import net.sf.regain.search.SearchToolkit;
024: import net.sf.regain.util.sharedtag.PageRequest;
025: import net.sf.regain.util.sharedtag.PageResponse;
026: import net.sf.regain.util.sharedtag.taglib.JspPageRequest;
027: import net.sf.regain.util.sharedtag.taglib.JspPageResponse;
028:
029: /**
030: * A servlet providing files. For security reasons this service only provides
031: * files that are in the index.
032: *
033: * @author Tilman Schneider, STZ-IDA an der FH Karlsruhe
034: */
035: public class FileServlet extends HttpServlet {
036:
037: protected void doPost(HttpServletRequest req,
038: HttpServletResponse resp) throws ServletException,
039: IOException {
040: handleRequest(req, resp);
041: }
042:
043: protected void doGet(HttpServletRequest req,
044: HttpServletResponse resp) throws ServletException,
045: IOException {
046: handleRequest(req, resp);
047: }
048:
049: /**
050: * Handles a HTTP request.
051: *
052: * @param req The request.
053: * @param resp The response.
054: * @throws ServletException If handling the request failed.
055: * @throws IOException If writing to the result page failed.
056: */
057: private void handleRequest(HttpServletRequest req,
058: HttpServletResponse resp) throws ServletException,
059: IOException {
060: // Create a page context
061: JspFactory factory = JspFactory.getDefaultFactory();
062: String errorPageURL = null;
063: int bufferSize = (JspWriter.DEFAULT_BUFFER <= 0) ? 1024
064: : JspWriter.DEFAULT_BUFFER;
065: boolean needsSession = false;
066: boolean autoFlush = true;
067: PageContext pageContext = null;
068: try {
069: pageContext = factory.getPageContext(this , req, resp,
070: errorPageURL, needsSession, bufferSize, autoFlush);
071:
072: // Create a shared wrapper
073: PageRequest request = new JspPageRequest(pageContext);
074: PageResponse response = new JspPageResponse(pageContext);
075:
076: // Extract the file name
077: String encoding = "utf-8"; // We use utf-8 in our JSPs
078: String fileUrl = SearchToolkit.extractFileUrl(req
079: .getRequestURI(), encoding);
080:
081: // Check the file
082: try {
083: if (SearchToolkit.allowFileAccess(request, fileUrl)) {
084: // Access allowed -> Send the file
085: SearchToolkit.sendFile(request, response,
086: RegainToolkit.urlToFile(fileUrl));
087: } else {
088: // Access not allowed -> Send 403 Forbidden
089: resp.sendError(403);
090: }
091: } catch (RegainException exc) {
092: throw new ServletException(
093: "Checking file access failed: " + fileUrl, exc);
094: }
095: } catch (Exception exc) {
096: pageContext.handlePageException(exc);
097: } finally {
098: factory.releasePageContext(pageContext);
099: }
100: }
101:
102: }
|