Complete harmonization RequestHeader getCookie with std ServletRequest

to use javax.servlet.http.Cookie parameters.
Deprecate the now-obsolete getHeaderCookies.
Adjust setting of MaxAge to spec if >= 0 otherwise keep default.
pull/101/merge
reger 8 years ago
parent 396ed3c769
commit 68d4dc5cc5

@ -27,12 +27,9 @@
// javac -classpath .:../classes index.java
// if the shell's current path is HTROOT
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.Cookie;
import net.yacy.cora.protocol.RequestHeader;
import net.yacy.cora.protocol.ResponseHeader;
import net.yacy.cora.util.CommonPattern;
import net.yacy.server.serverObjects;
import net.yacy.server.serverSwitch;
import net.yacy.server.servletProperties;
@ -53,22 +50,14 @@ public class CookieTest_p {
final servletProperties prop = new servletProperties();
if (post.containsKey("act") && "clear_cookie".equals(post.get("act"))) {
final ResponseHeader outgoingHeader = new ResponseHeader(200);
final Iterator<Map.Entry<String, String>> it = header.entrySet().iterator();
Map.Entry<String, String> e;
while (it.hasNext()) {
e = it.next();
if ("Cookie".equals(e.getKey())) {
final String cookies[] = CommonPattern.SEMICOLON.split(e.getValue());
for (final String cookie : cookies) {
final String nameValue[] = cookie.split("=");
outgoingHeader.setCookie(nameValue[0].trim(), nameValue.length > 1 ? (nameValue[1].trim()) : "");
}
Cookie[] cookies = header.getCookies();
if (cookies != null) {
for (final Cookie cookie : cookies) {
outgoingHeader.setCookie(cookie.getName(), cookie.getValue(), cookie.getMaxAge(), cookie.getPath(), cookie.getDomain(), cookie.getSecure());
}
}
prop.setOutgoingHeader(outgoingHeader);
prop.put("coockiesout", "0");
//header.
} else if (post.containsKey("act") && "set_cookie".equals(post.get("act"))) {
final String cookieName = post.get("cookie_name").trim();
@ -80,16 +69,16 @@ public class CookieTest_p {
prop.put("cookiesin", "1");
prop.putHTML("cookiesin_0_name", cookieName);
prop.putHTML("cookiesin_0_value", cookieValue);
//header.
}
//prop.put("cookiesout", "1");
String[] cookielst = header.getHeaderCookies().split(";");
Cookie[] cookielst = header.getCookies();
int i = 0;
for (String singleco : cookielst) {
prop.putHTML("cookiesout_" + i + "_string", singleco + ";"); // output with ";" for compatiblity with cookiesin
if (cookielst != null) {
for (Cookie singleco : cookielst) {
prop.putHTML("cookiesout_" + i + "_string", singleco.getName() + "=" + singleco.getValue() + ";"); // output with ";" for compatiblity with cookiesin
i++;
}
}
prop.put("cookiesout", i);
return prop;
}
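Review bot: The `clear_cookie` branch sends every request cookie back with its current value, so as far as these lines show nothing is actually deleted. Cookies parsed from a request normally carry only name and value, so `cookie.getMaxAge()` is -1 here, and with the `maxage >= 0` guard added in ResponseHeader no Max-Age is emitted at all. If the action is meant to expire the cookies, send an empty value with max-age 0, e.g. `outgoingHeader.setCookie(cookie.getName(), "", 0, cookie.getPath(), cookie.getDomain(), cookie.getSecure());`. The enclosing method starts outside the hunk, so the intent is inferred from the action name.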

@ -59,7 +59,7 @@ public class User{
prop.put("logged-in_identified-by", "1");
//try via cookie
}else{
entry=sb.userDB.cookieAuth(requestHeader.getHeaderCookies());
entry=sb.userDB.cookieAuth(requestHeader.getCookies());
prop.put("logged-in_identified-by", "2");
//try via ip
if(entry == null){
@ -159,7 +159,7 @@ public class User{
prop.put("logged-in", "0");
if(entry != null){
final String ip = requestHeader.getRemoteAddr();
entry.logout((ip != null ? ip : "xxxxxx"), UserDB.getLoginToken(requestHeader.getHeaderCookies())); //todo: logout cookie
entry.logout((ip != null ? ip : "xxxxxx"), UserDB.getLoginToken(requestHeader.getCookies()));
}
try {
requestHeader.logout(); // servlet container session logout
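Review bot: The `//todo: logout cookie` marker is dropped from the `entry.logout(...)` line, but nothing visible in this hunk expires the `login` cookie in the browser. `entry.logout` presumably invalidates the token on the server side, which is the part that matters for security. If the cookie is not cleared elsewhere, keep the reminder in a clearer form, e.g. `// TODO: expire the "login" cookie in the response (max-age 0)`. The surrounding method continues outside the hunk.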

@ -152,8 +152,10 @@ public class RequestHeader extends HeaderFramework implements HttpServletRequest
*
* @return String with cookies separated by ';'
* @see getCookies()
* @deprecated depreceated since 1.92, use getCookies()
*/
public String getHeaderCookies() { // TODO: harmonize with standard getCookies
@Deprecated
public String getHeaderCookies() {
String cookiestring = this.get(COOKIE); // get from legacy or HttpServletRequest
if (cookiestring == null) {
return "";
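Review bot: The new tag reads `@deprecated depreceated since 1.92, use getCookies()`, which repeats the word with a typo, and `@see getCookies()` does not resolve as a Javadoc link without the `#`. Suggested wording: `@see #getCookies()` and `@deprecated since 1.92, use {@link #getCookies()}`. The call sites changed in this commit null-check the result of `getCookies()`, so the deprecation note could also say that the replacement may return null where this method returned an empty string. The method body continues outside the hunk.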

@ -158,7 +158,7 @@ public class ResponseHeader extends HeaderFramework {
if (!name.isEmpty()) {
if (this.cookieStore == null) this.cookieStore = new ArrayList<Cookie>();
Cookie c = new Cookie (name, value);
if (maxage != null) c.setMaxAge(maxage);
if (maxage != null && maxage >= 0) c.setMaxAge(maxage);
if (path != null) c.setPath(path);
if (domain != null) c.setDomain(domain);
if (secure) c.setSecure(secure);
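Review bot: The cookie built here gets Max-Age, Path, Domain and Secure, but the visible lines never call `c.setHttpOnly(true)`. If this method also issues the `login` token cookie that UserDB.getLoginToken reads (not visible here), that token stays readable from page scripts. Consider adding `c.setHttpOnly(true);` or an HttpOnly parameter, provided the servlet API in use is 3.0 or later. The changed line would also benefit from a comment such as `// negative max-age keeps the Cookie default (session cookie)`. The method starts and ends outside the hunk.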

@ -35,6 +35,7 @@ import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Random;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import net.yacy.cora.document.encoding.UTF8;
@ -43,7 +44,6 @@ import net.yacy.cora.order.CloneableIterator;
import net.yacy.cora.order.Digest;
import net.yacy.cora.order.NaturalOrder;
import net.yacy.cora.protocol.RequestHeader;
import net.yacy.cora.util.CommonPattern;
import net.yacy.cora.util.ConcurrentLog;
import net.yacy.cora.util.SpaceExceededException;
import net.yacy.kelondro.blob.MapHeap;
@ -159,15 +159,15 @@ public final class UserDB {
}
public Entry getUser(final RequestHeader header){
return getUser(header.get(RequestHeader.AUTHORIZATION), header.getHeaderCookies());
return getUser(header.get(RequestHeader.AUTHORIZATION), header.getCookies());
}
public Entry getUser(final String auth, final String cookies){
public Entry getUser(final String auth, final Cookie[] cookies){
Entry entry=null;
if(auth != null) {
entry=proxyAuth(auth);
}
if(entry == null) {
if(entry == null && cookies != null) {
entry=cookieAuth(cookies);
}
return entry;
@ -180,7 +180,7 @@ public final class UserDB {
* @param auth http-headerline for authorisation.
* @param cookies
*/
public boolean hasAdminRight(final String auth, final String cookies) {
public boolean hasAdminRight(final String auth, final Cookie[] cookies) {
final Entry entry = getUser(auth, cookies);
return (entry != null) ? entry.hasRight(AccessRight.ADMIN_RIGHT) : false;
}
@ -255,8 +255,15 @@ public final class UserDB {
return null;
}
public Entry cookieAuth(final String cookieString){
final String token = getLoginToken(cookieString);
/**
* Returns the user entry matching the cookie login token created and set
* on login.
*
* @param cookies
* @return user entry or null
*/
public Entry cookieAuth(final Cookie[] cookies){
final String token = getLoginToken(cookies);
if (cookieUsers.containsKey(token)) {
final Entry entry = cookieUsers.get(token);
return entry;
@ -271,12 +278,17 @@ public final class UserDB {
return token;
}
public static String getLoginToken(final String cookies){
final String[] cookie = CommonPattern.SEMICOLON.split(cookies); //TODO: Mozilla uses "; "
for (final String c :cookie) {
String[] pair = c.split("=");
if (pair[0].trim().equals("login")) {
return pair[1].trim();
/**
* Extracts the token set as value in a cookie with name "login"
* @param cookies
* @return login token string
*/
public static String getLoginToken(final Cookie[] cookies) {
if (cookies != null) {
for (final Cookie c : cookies) {
if (c.getName().equals("login")) {
return c.getValue().trim();
}
}
}
return "";
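Review bot: `cookieAuth` still queries `cookieUsers` when `getLoginToken` returns the empty string, which happens for every request without a `login` cookie. An early `if (token.isEmpty()) return null;` makes the no-cookie case explicit and keeps an accidental empty-key entry from ever matching. In `getLoginToken`, `"login".equals(c.getName())` is the safer comparison order, and `c.getValue()` should be null-checked before `trim()`. Both new Javadoc blocks leave `@param cookies` blank; they should state that the array may be null, as returned by `getCookies()`. The bodies of `cookieAuth` and `getLoginToken` extend past the hunks shown.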

@ -3574,7 +3574,7 @@ public final class Switchboard extends serverSwitch {
}
// authorization by hit in userDB (authtype username:encodedpassword - handed over by DefaultServlet)
if ( this.userDB.hasAdminRight(realmProp, requestHeader.getHeaderCookies()) ) {
if ( this.userDB.hasAdminRight(realmProp, requestHeader.getCookies()) ) {
adminAuthenticationLastAccess = System.currentTimeMillis();
return 4; //return, because 4=max
}
