boxtec
/
yacy_search_server
mirror of https://github.com/yacy/yacy_search_server
4
1
Fork 0
Code Issues Projects Releases Wiki Activity

* pass cookies to Server Side Includes

Browse Source 
* User.html a bit more usable


git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@7963 6c8d7289-2bf4-0310-a012-ef5d649a1542
pull/1/head
f1ori 13 years ago
parent 6fba6e7cee
commit 97045022fa
5 changed files with 28 additions and 13 deletions
Show Stats Download Patch File Download Diff File

3
htroot/User.html
Unescape View File

@ -11,7 +11,8 @@
<p>
You are not logged in.<br />
<form action="User.html" method="post" accept-charset="UTF-8">
Username: <input type="text" name="username" /><br />
<input type="hidden" name="returnto" value="#[returnto]#" />
Username: <input type="text" name="username" value="#[username]#" /><br />
Password: <input type="password" name="password" /><br />
<input type="submit" value="login" />
</form>

8
htroot/User.java
Unescape View File

@ -52,6 +52,8 @@ public class User{
prop.put("logged_in", "0");
prop.put("logged-in_limit", "0");
prop.put("status", "0");
prop.put("logged-in_username", "");
prop.put("logged-in_returnto", "");
//identified via HTTPPassword
entry=sb.userDB.proxyAuth((requestHeader.get(RequestHeader.AUTHORIZATION, "xxxxxx")));
if(entry != null){
@ -91,8 +93,11 @@ public class User{
//identified via form-login
//TODO: this does not work for a static admin, yet.
}else if(post != null && post.containsKey("username") && post.containsKey("password")){
if (post.containsKey("returnto"))
prop.putHTML("logged-in_returnto", post.get("returnto"));
final String username=post.get("username");
final String password=post.get("password");
prop.put("logged-in_username", username);
entry=sb.userDB.passwordAuth(username, password);
final boolean staticAdmin = sb.getConfig(SwitchboardConstants.ADMIN_ACCOUNT_B64MD5, "").equals(
@ -155,6 +160,9 @@ public class User{
if(! (requestHeader.get(RequestHeader.AUTHORIZATION, "xxxxxx")).equals("xxxxxx")){
prop.put("AUTHENTICATE","admin log-in");
}
if(post.containsKey("returnto")){
prop.put("LOCATION", post.get("returnto"));
}
}
// return rewrite properties
return prop;

2
source/de/anomic/data/UserDB.java
Unescape View File

@ -210,7 +210,7 @@ public final class UserDB {
} catch (final Exception e) {
Log.logException(e);
}
return null;
return entry;
}
return entry;
}

11
source/de/anomic/http/server/HTTPDFileHandler.java
Unescape View File

@ -105,6 +105,7 @@ import net.yacy.kelondro.util.ByteBuffer;
import net.yacy.kelondro.util.FileUtils;
import net.yacy.kelondro.util.MemoryControl;
import net.yacy.visualization.RasterPlotter;
import de.anomic.data.UserDB;
import de.anomic.search.Switchboard;
import de.anomic.search.SwitchboardConstants;
import de.anomic.server.serverClassLoader;
@ -537,7 +538,9 @@ public final class HTTPDFileHandler {
// implement proxy via url (not in servlet, because we need binary access on ouputStream)
if (path.equals("/proxy.html")) {
final List<Pattern> urlProxyAccess = Domains.makePatterns(sb.getConfig("proxyURL.access", "127.0.0.1"));
if (sb.getConfigBool("proxyURL", false) && Domains.matchesList(clientIP, urlProxyAccess)) {
UserDB.Entry user = sb.userDB.getUser(requestHeader);
boolean user_may_see_proxyurl = Domains.matchesList(clientIP, urlProxyAccess) || (user!=null && user.hasRight(UserDB.AccessRight.PROXY_RIGHT));
if (sb.getConfigBool("proxyURL", false) && user_may_see_proxyurl) {
doURLProxy(args, conProp, requestHeader, out);
return;
}
@ -991,7 +994,7 @@ public final class HTTPDFileHandler {
final ChunkedOutputStream chos = new ChunkedOutputStream(out);
// GZIPOutputStream does not implement flush (this is a bug IMHO)
// so we can't compress this stuff, without loosing the cool SSI trickle feature
ServerSideIncludes.writeSSI(o, chos, realmProp, clientIP);
ServerSideIncludes.writeSSI(o, chos, realmProp, clientIP, requestHeader);
//chos.write(result);
chos.finish();
} else {
@ -1005,14 +1008,14 @@ public final class HTTPDFileHandler {
if (zipContent) {
GZIPOutputStream zippedOut = new GZIPOutputStream(o);
ServerSideIncludes.writeSSI(o1, zippedOut, realmProp, clientIP);
ServerSideIncludes.writeSSI(o1, zippedOut, realmProp, clientIP, requestHeader);
//httpTemplate.writeTemplate(fis, zippedOut, tp, "-UNRESOLVED_PATTERN-".getBytes("UTF-8"));
zippedOut.finish();
zippedOut.flush();
zippedOut.close();
zippedOut = null;
} else {
ServerSideIncludes.writeSSI(o1, o, realmProp, clientIP);
ServerSideIncludes.writeSSI(o1, o, realmProp, clientIP, requestHeader);
//httpTemplate.writeTemplate(fis, o, tp, "-UNRESOLVED_PATTERN-".getBytes("UTF-8"));
}
if (method.equals(HeaderFramework.METHOD_HEAD)) {

17
source/de/anomic/http/server/ServerSideIncludes.java
Unescape View File

@ -39,11 +39,11 @@ import net.yacy.kelondro.util.ByteBuffer;
public class ServerSideIncludes {
public static void writeSSI(final ByteBuffer in, final OutputStream out, final String authorization, final String requesthost) throws IOException {
writeSSI(in, 0, out, authorization, requesthost);
public static void writeSSI(final ByteBuffer in, final OutputStream out, final String authorization, final String requesthost, final RequestHeader requestHeader) throws IOException {
writeSSI(in, 0, out, authorization, requesthost, requestHeader);
}
public static void writeSSI(final ByteBuffer in, int off, final OutputStream out, final String authorization, final String requesthost) throws IOException {
public static void writeSSI(final ByteBuffer in, int off, final OutputStream out, final String authorization, final String requesthost, final RequestHeader requestHeader) throws IOException {
int p = in.indexOf(ASCII.getBytes("<!--#"), off);
int q;
while (p >= 0) {
@ -53,7 +53,7 @@ public class ServerSideIncludes {
} else {
out.write(in.getBytes(off, p - off));
}
parseSSI(in, p, out, authorization, requesthost);
parseSSI(in, p, out, authorization, requesthost, requestHeader);
off = q + 3;
p = in.indexOf(ASCII.getBytes("<!--#"), off);
}
@ -64,17 +64,17 @@ public class ServerSideIncludes {
}
}
private static void parseSSI(final ByteBuffer in, final int off, final OutputStream out, final String authorization, final String requesthost) {
private static void parseSSI(final ByteBuffer in, final int off, final OutputStream out, final String authorization, final String requesthost, final RequestHeader requestHeader) {
if (in.startsWith(ASCII.getBytes("<!--#include virtual=\""), off)) {
final int q = in.indexOf(ASCII.getBytes("\""), off + 22);
if (q > 0) {
final String path = in.toString(off + 22, q - off - 22);
writeContent(path, out, authorization, requesthost);
writeContent(path, out, authorization, requesthost, requestHeader);
}
}
}
private static void writeContent(String path, final OutputStream out, final String authorization, final String requesthost) {
private static void writeContent(String path, final OutputStream out, final String authorization, final String requesthost, final RequestHeader requestHeader) {
// check if there are arguments in path string
String args = "";
final int argpos = path.indexOf('?');
@ -92,6 +92,9 @@ public class ServerSideIncludes {
conProp.put(HeaderFramework.CONNECTION_PROP_HTTP_VER, HeaderFramework.HTTP_VERSION_0_9);
conProp.put(HeaderFramework.CONNECTION_PROP_CLIENTIP, requesthost);
header.put(RequestHeader.AUTHORIZATION, authorization);
if (requestHeader.containsKey(RequestHeader.COOKIE))
header.put(RequestHeader.COOKIE, requestHeader.get(RequestHeader.COOKIE));
header.put(RequestHeader.REFERER, requestHeader.get(RequestHeader.CONNECTION_PROP_PATH));
HTTPDFileHandler.doGet(conProp, header, out);
}
}

Write Preview
Loading…
Cancel
Save