diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java | 85 |
1 files changed, 46 insertions, 39 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java b/pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java index c9c651b66..1ae44a646 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java +++ b/pki/base/common/src/com/netscape/cms/servlet/filter/AgentRequestFilter.java @@ -28,24 +28,30 @@ import javax.servlet.http.HttpServletResponse; import com.netscape.certsrv.apps.CMS; -public class AgentRequestFilter implements Filter { +public class AgentRequestFilter implements Filter +{ private static final String HTTPS_SCHEME = "https"; private static final String HTTPS_PORT = "https_port"; private static final String HTTPS_ROLE = "Agent"; private static final String PROXY_PORT = "proxy_port"; private FilterConfig config; - + /* Create a new AgentRequestFilter */ - public AgentRequestFilter() { - } - - public void init(FilterConfig filterConfig) throws ServletException { + public AgentRequestFilter() {} + + public void init( FilterConfig filterConfig ) + throws ServletException + { this.config = filterConfig; } - - public void doFilter(ServletRequest request, ServletResponse response, - FilterChain chain) throws java.io.IOException, ServletException { + + public void doFilter( ServletRequest request, + ServletResponse response, + FilterChain chain ) + throws java.io.IOException, + ServletException + { String filterName = getClass().getName(); String scheme = null; @@ -59,32 +65,32 @@ public class AgentRequestFilter implements Filter { String param_active = null; // CMS.debug("Entering the agent filter"); - param_active = config.getInitParameter("active"); + param_active = config.getInitParameter( "active"); - if (request instanceof HttpServletRequest) { - HttpServletResponse resp = (HttpServletResponse) response; + if( request instanceof HttpServletRequest ) { + HttpServletResponse resp = ( HttpServletResponse ) response; - // RFC 1738: verify that scheme is "https" + // RFC 1738: verify that scheme is "https" scheme = request.getScheme(); - if (!scheme.equals(HTTPS_SCHEME)) { - msg = "The scheme MUST be '" + HTTPS_SCHEME + "', NOT '" - + scheme + "'!"; - CMS.debug(filterName + ": " + msg); - resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, msg); + if( ! scheme.equals( HTTPS_SCHEME ) ) { + msg = "The scheme MUST be '" + HTTPS_SCHEME + + "', NOT '" + scheme + "'!"; + CMS.debug( filterName + ": " + msg ); + resp.sendError( HttpServletResponse.SC_UNAUTHORIZED, msg ); return; } // Always obtain an "https" port from request port = request.getLocalPort(); - request_port = Integer.toString(port); + request_port = Integer.toString( port ); // Always obtain the "https" port passed in as a parameter - param_https_port = config.getInitParameter(HTTPS_PORT); - if (param_https_port == null) { - msg = "The <param-name> '" + HTTPS_PORT + "' </param-name> " - + "MUST be specified in 'web.xml'!"; - CMS.debug(filterName + ": " + msg); - resp.sendError(HttpServletResponse.SC_NOT_IMPLEMENTED, msg); + param_https_port = config.getInitParameter( HTTPS_PORT ); + if( param_https_port == null ) { + msg = "The <param-name> '" + HTTPS_PORT + + "' </param-name> " + "MUST be specified in 'web.xml'!"; + CMS.debug( filterName + ": " + msg ); + resp.sendError( HttpServletResponse.SC_NOT_IMPLEMENTED, msg ); return; } @@ -92,30 +98,29 @@ public class AgentRequestFilter implements Filter { boolean bad_port = false; // Compare the request and param "https" ports - if (!param_https_port.equals(request_port)) { + if( ! param_https_port.equals( request_port ) ) { String uri = ((HttpServletRequest) request).getRequestURI(); if (param_proxy_port != null) { if (!param_proxy_port.equals(request_port)) { msg = "Use HTTPS port '" + param_https_port - + "' or proxy port '" + param_proxy_port - + "' instead of '" + request_port - + "' when performing " + HTTPS_ROLE + " tasks!"; + + "' or proxy port '" + param_proxy_port + + "' instead of '" + request_port + + "' when performing " + HTTPS_ROLE + " tasks!"; bad_port = true; } } else { msg = "Use HTTPS port '" + param_https_port - + "' instead of '" + request_port - + "' when performing " + HTTPS_ROLE + " tasks!"; + + "' instead of '" + request_port + + "' when performing " + HTTPS_ROLE + " tasks!"; bad_port = true; } if (bad_port) { - CMS.debug(filterName + ": " + msg); - CMS.debug(filterName + ": uri is " + uri); - if ((param_active != null) - && (param_active.equals("false"))) { + CMS.debug( filterName + ": " + msg ); + CMS.debug( filterName + ": uri is " + uri); + if ((param_active != null) &&(param_active.equals("false"))) { CMS.debug("Filter is disabled .. continuing"); } else { - resp.sendError(HttpServletResponse.SC_NOT_FOUND, msg); + resp.sendError( HttpServletResponse.SC_NOT_FOUND, msg ); return; } } @@ -123,9 +128,11 @@ public class AgentRequestFilter implements Filter { } // CMS.debug("Exiting the Agent filter"); - chain.doFilter(request, response); + chain.doFilter( request, response ); } - - public void destroy() { + + public void destroy() + { } } + |