Bugzilla Bug #555927 - rhcs80 - AgentRequestFilter servlet and port fowarding

for agent services git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1356 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
author: mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2010-10-15 18:07:37 +0000
committer: mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2010-10-15 18:07:37 +0000
commit: 2fed6fe25f418750faa853577eb8c64d217fc9f0 (patch)
tree: 89c74a3915d4aeab65b4dfb6966900ced7804b80 /pki/base/tks
parent: 0ed4d13e5207c0e69a6d5e3f0f91d7e08d55f76f (diff)
download: pki-2fed6fe25f418750faa853577eb8c64d217fc9f0.tar.gz
pki-2fed6fe25f418750faa853577eb8c64d217fc9f0.tar.xz
pki-2fed6fe25f418750faa853577eb8c64d217fc9f0.zip
2 files changed, 93 insertions, 30 deletions
diff --git a/pki/base/tks/shared/webapps/ROOT/index.html b/pki/base/tks/shared/webapps/ROOT/index.html
deleted file mode 100644
index 1cf44b26..00000000
--- a/pki/base/tks/shared/webapps/ROOT/index.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<!-- --- BEGIN COPYRIGHT BLOCK ---
-     This program is free software; you can redistribute it and/or modify
-     it under the terms of the GNU General Public License as published by
-     the Free Software Foundation; version 2 of the License.
-
-     This program is distributed in the hope that it will be useful,
-     but WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-     GNU General Public License for more details.
-
-     You should have received a copy of the GNU General Public License along
-     with this program; if not, write to the Free Software Foundation, Inc.,
-     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-     Copyright (C) 2007 Red Hat, Inc.
-     All rights reserved.
-     --- END COPYRIGHT BLOCK --- -->
-<html>
-<head>
-<meta http-equiv="refresh" content="0; URL=https://[PKI_MACHINE_NAME]:[PKI_SECURE_PORT]/tks/services">
-</head>
-</html>
diff --git a/pki/base/tks/shared/webapps/ROOT/index.jsp b/pki/base/tks/shared/webapps/ROOT/index.jsp
index d3a2276b..4b2b3c60 100644
--- a/pki/base/tks/shared/webapps/ROOT/index.jsp
+++ b/pki/base/tks/shared/webapps/ROOT/index.jsp
@@ -1,13 +1,98 @@
 <!-- --- BEGIN COPYRIGHT BLOCK ---
-     Copyright (C) 2006 Red Hat, Inc.
+     This program is free software; you can redistribute it and/or modify
+     it under the terms of the GNU General Public License as published by
+     the Free Software Foundation; version 2 of the License.
+
+     This program is distributed in the hope that it will be useful,
+     but WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+     GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along
+     with this program; if not, write to the Free Software Foundation, Inc.,
+     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+     Copyright (C) 2010 Red Hat, Inc.
      All rights reserved.
      --- END COPYRIGHT BLOCK --- -->
 <%
-  String op = request.getParameter("op");
-  if (op == null || op.equals("")) {
-    String redirectURL = "/ca/ee/ca";
-    response.sendRedirect(redirectURL);
-  } else if (op.equals("enroll")) {
-    /* redirect to enrollment servlet */
-  }
+    // establish acceptable schemes
+    final String HTTP_SCHEME = "http";
+    final String HTTPS_SCHEME = "https";
+
+    // establish known ports
+    final int EE_HTTP_PORT = [PKI_UNSECURE_PORT];
+    final int AGENT_HTTPS_PORT = [PKI_AGENT_SECURE_PORT];
+    final int EE_HTTPS_PORT = [PKI_EE_SECURE_PORT];
+    final int ADMIN_HTTPS_PORT = [PKI_ADMIN_SECURE_PORT];
+
+    // establish known paths
+    final String ADMIN_PATH = "/[PKI_SUBSYSTEM_TYPE]/services";
+    final String AGENT_PATH = "/[PKI_SUBSYSTEM_TYPE]/agent/[PKI_SUBSYSTEM_TYPE]";
+    final String ERROR_PATH = "/[PKI_SUBSYSTEM_TYPE]/404.html";
+
+    // retrieve scheme from request
+    String scheme = request.getScheme();
+
+    // retrieve client hostname on which the request was sent
+    String client_hostname = request.getServerName();
+
+    // retrieve client port number on which the request was sent
+    int client_port = request.getServerPort();
+
+    // retrieve server hostname on which the request was received
+    String server_hostname = request.getLocalName();
+
+    // retrieve server port number on which the request was received
+    int server_port = request.getLocalPort();
+
+    // uncomment the following lines to write to 'catalina.out'
+    //System.out.println( "scheme = '" + scheme + "'" );
+    //System.out.println( "client hostname = '" + client_hostname + "'" );
+    //System.out.println( "client port = '" + client_port + "'" );
+    //System.out.println( "server hostname = '" + server_hostname + "'" );
+    //System.out.println( "server port = '" + server_port + "'" );
+
+    // compose the appropriate URL
+    String URL = "";
+
+    if( scheme.equals( HTTP_SCHEME ) ) {
+        if( server_port == EE_HTTP_PORT ) {
+            // always redirect to secure admin 'services' port
+            scheme = HTTPS_SCHEME;
+            client_port = ADMIN_HTTPS_PORT;
+            URL = scheme + "://" + client_hostname + ":" + client_port + ADMIN_PATH;
+        } else {
+            // unknown HTTP server port:  should never get here
+            URL = scheme + "://" + client_hostname + ":" + client_port + ERROR_PATH;
+
+            // uncomment the following line to write to 'catalina.out'
+            //System.out.println( "Unknown HTTP server port:  '" + server_port + "'" );
+        }
+    } else if( scheme.equals( HTTPS_SCHEME ) ) {
+        if( server_port == AGENT_HTTPS_PORT ) {
+            URL = scheme + "://" + client_hostname + ":" + client_port + AGENT_PATH;
+        } else if( server_port == EE_HTTPS_PORT ) {
+            // always redirect to secure admin 'services' port
+            client_port = ADMIN_HTTPS_PORT;
+            URL = scheme + "://" + client_hostname + ":" + client_port + ADMIN_PATH;
+        } else if( server_port == ADMIN_HTTPS_PORT ) {
+            URL = scheme + "://" + client_hostname + ":" + client_port + ADMIN_PATH;
+        } else {
+            // unknown HTTPS server port:  should never get here
+            URL = scheme + "://" + client_hostname + ":" + client_port + ERROR_PATH;
+
+            // uncomment the following line to write to 'catalina.out'
+            //System.out.println( "Unknown HTTPS server port:  '" + server_port + "'" );
+        }
+    } else {
+        // unacceptable scheme:  should never get here
+        URL = scheme + "://" + client_hostname + ":" + client_port + ERROR_PATH;
+
+        // uncomment the following line to write to 'catalina.out'
+        //System.out.println( "Unacceptable scheme:  '" + scheme + "'" );
+    }
+
+    // respond (back to browser) with the appropriate redirected URL
+    response.sendRedirect( URL );
 %>
author	mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2010-10-15 18:07:37 +0000
committer	mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2010-10-15 18:07:37 +0000
commit	2fed6fe25f418750faa853577eb8c64d217fc9f0 (patch)
tree	89c74a3915d4aeab65b4dfb6966900ced7804b80 /pki/base/tks
parent	0ed4d13e5207c0e69a6d5e3f0f91d7e08d55f76f (diff)
download	pki-2fed6fe25f418750faa853577eb8c64d217fc9f0.tar.gz pki-2fed6fe25f418750faa853577eb8c64d217fc9f0.tar.xz pki-2fed6fe25f418750faa853577eb8c64d217fc9f0.zip