[Dive4elements-commits] [PATCH] Remove authentication from MapPrintServiceImpl
Wald Commits
scm-commit at wald.intevation.org
Tue Nov 6 14:50:35 CET 2012
# HG changeset patch
# User Christian Lins <christian.lins at intevation.de>
# Date 1352209826 -3600
# Node ID 6ef48927df38add83f509b9fdbde0257845fc35f
# Parent 687b7a6f09aa6652b4780c179422a30813f4d174
Remove authentication from MapPrintServiceImpl.
Printing maps was broken because the called service
required user authentication. The /flys/mapfish-print/print.pdf URI
is now whitelisted in GGInAFilter.
TODO: Support user authentication in MapPrintServiceImpl.
diff -r 687b7a6f09aa -r 6ef48927df38 flys-client/src/main/java/de/intevation/flys/client/server/MapPrintServiceImpl.java
--- a/flys-client/src/main/java/de/intevation/flys/client/server/MapPrintServiceImpl.java Tue Nov 06 13:39:00 2012 +0100
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/MapPrintServiceImpl.java Tue Nov 06 14:50:26 2012 +0100
@@ -1,22 +1,39 @@
package de.intevation.flys.client.server;
import de.intevation.artifacts.common.ArtifactNamespaceContext;
-
import de.intevation.artifacts.common.utils.ClientProtocolUtils;
import de.intevation.artifacts.common.utils.JSON;
import de.intevation.artifacts.common.utils.StringUtils;
import de.intevation.artifacts.common.utils.XMLUtils;
-
import de.intevation.artifacts.httpclient.exceptions.ConnectionException;
-
import de.intevation.artifacts.httpclient.http.HttpClient;
import de.intevation.artifacts.httpclient.http.HttpClientImpl;
+import de.intevation.artifacts.httpclient.http.response.DocumentResponseHandler;
+import de.intevation.flys.client.shared.MapUtils;
+import de.intevation.flys.client.shared.model.MapConfig;
-import de.intevation.artifacts.httpclient.http.response.DocumentResponseHandler;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Map;
-import de.intevation.flys.client.shared.model.MapConfig;
-import de.intevation.flys.client.shared.MapUtils;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.log4j.Logger;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
/*
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
@@ -24,31 +41,6 @@
import java.io.FileInputStream;
import java.io.FileOutputStream;
*/
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.UnsupportedEncodingException;
-
-import java.net.URLEncoder;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
-
-import org.apache.commons.httpclient.methods.GetMethod;
-
-import org.apache.log4j.Logger;
-
/* Used by direct API call. -> Enforce GPLv3
import org.mapfish.print.MapPrinter;
import org.mapfish.print.output.OutputFactory;
@@ -57,10 +49,6 @@
import org.mapfish.print.utils.PJsonObject;
*/
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
-
public class MapPrintServiceImpl
extends HttpServlet
{
@@ -371,6 +359,9 @@
new org.apache.commons.httpclient.HttpClient(
new MultiThreadedHttpConnectionManager());
+ // FIXME: The request is not authenticated.
+ // Currently this is not a problem because /flys/map-print
+ // is whitelisted in GGInAFilter.
GetMethod get = new GetMethod(url);
int result = client.executeMethod(get);
InputStream in = get.getResponseBodyAsStream();
diff -r 687b7a6f09aa -r 6ef48927df38 flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java
--- a/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java Tue Nov 06 13:39:00 2012 +0100
+++ b/flys-client/src/main/java/de/intevation/flys/client/server/filter/GGInAFilter.java Tue Nov 06 14:50:26 2012 +0100
@@ -1,5 +1,11 @@
package de.intevation.flys.client.server.filter;
+import de.intevation.flys.client.server.auth.Authentication;
+import de.intevation.flys.client.server.auth.AuthenticationException;
+import de.intevation.flys.client.server.auth.AuthenticationFactory;
+import de.intevation.flys.client.server.auth.User;
+import de.intevation.flys.client.server.features.Features;
+
import java.io.IOException;
import java.util.Enumeration;
@@ -10,19 +16,12 @@
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
-
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
-import de.intevation.flys.client.server.auth.Authentication;
-import de.intevation.flys.client.server.auth.AuthenticationException;
-import de.intevation.flys.client.server.auth.AuthenticationFactory;
-import de.intevation.flys.client.server.auth.User;
-import de.intevation.flys.client.server.features.Features;
-
/** ServletFilter used for GGInA authentification and certain authorisation. */
public class GGInAFilter implements Filter {
@@ -38,6 +37,8 @@
public static final String LOGIN_JSP = "/login.jsp";
public static final String LOGIN_SERVLET = "/flys/login";
public static final String FLYS_CSS = "/FLYS.css";
+ public static final String MAP_PRINT = "/flys/map-print";
+ public static final String MAPFISH_PRINT = "/flys/mapfish-print/print.pdf";
/**
@@ -89,9 +90,11 @@
// Allow access to login pages
// TODO Maybe replace with Filter <url-pattern>
String path = this.sc.getContextPath();
- if (requesturi.equals(path + "/login.jsp") ||
- requesturi.equals(path + "/flys/login")
- || requesturi.equals(path + "/FLYS.css")) {
+ if (requesturi.equals(path + LOGIN_JSP)
+ || requesturi.equals(path + LOGIN_SERVLET)
+ || requesturi.equals(path + FLYS_CSS)
+ || requesturi.equals(path + MAP_PRINT)
+ || requesturi.equals(path + MAPFISH_PRINT)) {
logger.debug("Request for login " + requesturi);
chain.doFilter(req, resp);
return;
More information about the Dive4elements-commits
mailing list