
Example 1 with AuthenticationException

use of com.twinsoft.convertigo.engine.AuthenticationException in project convertigo by convertigo.

the class AdminServlet method doRequest.

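/**
 * Dispatches an admin HTTP request to the service class named by the last segment of the request URL.
 *
 * <p>Checks are applied in this order before the service runs:
 * <ol>
 *   <li>the class {@code <this package>.services.<serviceName>} must exist and carry a
 *       {@link ServiceDefinition} annotation;</li>
 *   <li>in Cloud mode, services flagged {@code cloud_forbidden} are refused;</li>
 *   <li>a service flagged {@code admin} requested outside {@code /admin/services} is reported as
 *       unknown, the same answer a missing service gets;</li>
 *   <li>unless the service's roles include {@code Role.ANONYMOUS}, the existing session's roles
 *       are checked;</li>
 *   <li>when {@code XSRF_ADMIN} is enabled, the XSRF check runs for services that do not allow CORS,
 *       or for all services when {@code XSRF_API} is enabled.</li>
 * </ol>
 *
 * <p>When {@code HIDING_ERROR_INFORMATION} is {@code "true"} (or cannot be read), failures are only
 * logged and nothing about them is sent to the client.
 *
 * @param request  the incoming servlet request
 * @param response the servlet response; always flushed once the service has been handled
 * @throws IOException      declared for callers; in the visible body I/O failures are caught by the outer handler
 * @throws ServletException wrapping any {@code Throwable} that escapes the inner handlers, only when
 *                          error display is enabled
 */
private void doRequest(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
    // Stays false (errors hidden) when the property cannot be read, so a lookup failure never
    // widens what is disclosed to the client.
    boolean show_error = false;
    try {
        show_error = !EnginePropertiesManager.getProperty(PropertyName.HIDING_ERROR_INFORMATION).equals("true");
    } catch (Exception e) {
        Engine.logAdmin.debug("Failed to retrieve property HIDING_ERROR_INFORMATION: " + e.getClass() + " (" + e.getMessage() + ")");
    }
    try {
        String serviceName = "";
        String isAdmin = "";
        try {
            response.addHeader("Expires", "-1");
            response.addHeader("Pragma", "no-cache");
            request.setCharacterEncoding("UTF-8");
            String requestURL = request.getRequestURL().toString();
            int i = requestURL.lastIndexOf('/');
            isAdmin = requestURL.substring(0, i).endsWith("/admin/services") ? "admin " : "";
            // substring() never returns null, so only the noisy log-polling service is filtered out.
            serviceName = requestURL.substring(i + 1);
            if (!serviceName.equals("logs.Get")) {
                Engine.logAdmin.info("Service name: " + serviceName);
            }
            // The class name is built from client-supplied text; the fixed package prefix and the
            // mandatory ServiceDefinition annotation below are what restrict which classes can be reached.
            String myPackage = this.getClass().getPackage().getName();
            Class<?> serviceClass = Class.forName(myPackage + ".services." + serviceName);
            // Check for authentication and roles
            ServiceDefinition serviceDefinition = serviceClass.getAnnotation(ServiceDefinition.class);
            if (serviceDefinition == null) {
                throw new IllegalArgumentException("The service '" + serviceName + "' has no service definition!");
            }
            if (Engine.isCloudMode()) {
                boolean cloud_forbidden = serviceDefinition.cloud_forbidden();
                Engine.logAdmin.debug("Is service forbidden for Cloud ? : " + cloud_forbidden);
                if (cloud_forbidden) {
                    throw new EngineException("The service '" + serviceName + "' cannot be acceded on Cloud.");
                }
            }
            // Admin-only services reached through a non-admin path are answered exactly like a
            // missing class, so the response does not reveal that the service exists.
            if (isAdmin.isEmpty() && serviceDefinition.admin()) {
                throw new ClassNotFoundException();
            }
            String corsOrigin = HttpUtils.applyCorsHeaders(request, response);
            if (corsOrigin != null) {
                Engine.logAdmin.trace("Add CORS header for: " + corsOrigin);
            }
            boolean needsAuthentication = !AuthenticatedSessionManager.hasRole(serviceDefinition.roles(), Role.ANONYMOUS);
            Engine.logAdmin.debug("Needs authentication: " + needsAuthentication);
            if (needsAuthentication) {
                // getSession(false): an unauthenticated request must not cause a session to be created.
                Engine.authenticatedSessionManager.checkRoles(request.getSession(false), serviceDefinition.roles());
            }
            // NOTE(review): the service is instantiated before the XSRF check; confirm that service
            // constructors have no side effects.
            Service service = (Service) serviceClass.getConstructor().newInstance();
            try {
                boolean xsrfAdmin = EnginePropertiesManager.getPropertyAsBoolean(PropertyName.XSRF_ADMIN);
                if (xsrfAdmin) {
                    if (!serviceDefinition.allow_cors() || EnginePropertiesManager.getPropertyAsBoolean(PropertyName.XSRF_API)) {
                        HttpUtils.checkXSRF(request, response);
                    }
                }
            } catch (IllegalStateException e) {
                // NOTE(review): this path fails open - the XSRF check is skipped and the service
                // still runs below. Confirm that is acceptable while the engine is stopped, and that
                // checkXSRF itself never signals a rejection with IllegalStateException.
                Engine.logAdmin.warn("Cannot retrieve properties for XSRF, Engine probably stopped.");
            }
            service.run(serviceName, request, response);
        } catch (ClassNotFoundException | NoClassDefFoundError e) {
            // Both mean "no such service class"; handled once instead of in two identical blocks.
            String message = "Unknown " + isAdmin + "service '" + serviceName + "'";
            Engine.logAdmin.error(message);
            if (show_error) {
                ServiceUtils.handleError(message, request, response);
            }
        } catch (AuthenticationException e) {
            String authMessage = e.getMessage();
            Engine.logAdmin.warn(authMessage);
            if (show_error) {
                ServiceUtils.handleError(authMessage, request, response);
            }
        } catch (Exception e) {
            Engine.logAdmin.error("Unable to execute the service '" + serviceName + "'", e);
            if (show_error) {
                ServiceUtils.handleError(e, request, response);
            }
        } finally {
            response.flushBuffer();
        }
    } catch (Throwable e) {
        // With error hiding on, anything that escaped the handlers above is dropped without a log entry.
        if (show_error) {
            throw new ServletException(e);
        }
    }
}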
Also used : AuthenticationException(com.twinsoft.convertigo.engine.AuthenticationException) EngineException(com.twinsoft.convertigo.engine.EngineException) Service(com.twinsoft.convertigo.engine.admin.services.Service) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) AuthenticationException(com.twinsoft.convertigo.engine.AuthenticationException) EngineException(com.twinsoft.convertigo.engine.EngineException) ServletException(javax.servlet.ServletException) ServiceDefinition(com.twinsoft.convertigo.engine.admin.services.at.ServiceDefinition)

Example 2 with AuthenticationException

use of com.twinsoft.convertigo.engine.AuthenticationException in project convertigo by convertigo.

the class Update method getServiceResult.

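/**
 * Applies the engine property updates posted in the request body and records the outcome in
 * {@code document}.
 *
 * <p>The body is parsed as XML and every {@code property} element supplies a {@code key}
 * (a {@code PropertyName} constant) and a {@code value}. All requested properties are authorised
 * in a first pass; values are written in a second pass, then the properties are saved and an
 * {@code <update status="ok"/>} element is appended to the document root.
 *
 * @param request  the request carrying the XML body and the caller's session
 * @param document the response document to which the {@code update} element is appended
 * @throws AuthenticationException   if the session holds neither {@code WEB_ADMIN} nor a role
 *                                   configured for a visible property's category
 * @throws InvalidParameterException if {@code SECURITY_FILTER} is among the keys and
 *                                   {@code SecurityFilter.isAccept(request)} is false
 * @throws Exception                 on parse failure, unknown key, or rejected password
 */
protected void getServiceResult(HttpServletRequest request, Document document) throws Exception {
    Element rootElement = document.getDocumentElement();
    // NOTE(review): the body is client-supplied XML; confirm XMLUtils.parseDOM disables DTDs and
    // external entities.
    Document post = XMLUtils.parseDOM(request.getInputStream());
    NodeList nl = post.getElementsByTagName("property");
    Role[] roles = Engine.authenticatedSessionManager.getRoles(request.getSession());
    // Pass 1: authorise every requested property before any value is modified.
    for (int i = 0; i < nl.getLength(); i++) {
        String propKey = ((Element) nl.item(i)).getAttribute("key");
        PropertyName property = PropertyName.valueOf(propKey);
        if (property.isVisible()) {
            if (!AuthenticatedSessionManager.hasRole(roles, Role.WEB_ADMIN) && !AuthenticatedSessionManager.hasRole(roles, property.getCategory().configRoles())) {
                throw new AuthenticationException("Authentication failure: user has not sufficient rights!");
            }
        }
        if (property == PropertyName.SECURITY_FILTER) {
            if (!SecurityFilter.isAccept(request)) {
                throw new InvalidParameterException("Turn on '" + property.getDescription() + "' will block you current session, not allowed.");
            }
        }
    }
    // Pass 2: write the values; properties that are not visible are skipped.
    for (int i = 0; i < nl.getLength(); i++) {
        String propKey = ((Element) nl.item(i)).getAttribute("key");
        PropertyName property = PropertyName.valueOf(propKey);
        if (property.isVisible()) {
            String propValue = ((Element) nl.item(i)).getAttribute("value");
            boolean isPassword = PropertyName.TEST_PLATFORM_PASSWORD.equals(property) || PropertyName.ADMIN_PASSWORD.equals(property);
            if (isPassword) {
                AuthenticatedSessionManager.validatePassword(propValue);
            }
            EnginePropertiesManager.setProperty(property, propValue);
            // A submitted password must never reach the admin log in clear text; the log line
            // keeps its format but carries a fixed mask instead of the value.
            String loggedValue = isPassword ? "******" : propValue;
            Engine.logAdmin.info("The engine property '" + propKey + "' has been updated to '" + loggedValue + "'");
        }
    }
    EnginePropertiesManager.saveProperties();
    Element update = document.createElement("update");
    update.setAttribute("status", "ok");
    rootElement.appendChild(update);
}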
Also used : Role(com.twinsoft.convertigo.engine.AuthenticatedSessionManager.Role) PropertyName(com.twinsoft.convertigo.engine.EnginePropertiesManager.PropertyName) InvalidParameterException(java.security.InvalidParameterException) AuthenticationException(com.twinsoft.convertigo.engine.AuthenticationException) Element(org.w3c.dom.Element) NodeList(org.w3c.dom.NodeList) Document(org.w3c.dom.Document)

Example 3 with AuthenticationException

use of com.twinsoft.convertigo.engine.AuthenticationException in project convertigo by convertigo.

the class GetBuildStatus method getServiceResult.

/**
 * Appends a {@code build} element to the response document, filled from the JSON text returned by
 * {@code perform(...)} for the requested project and platform.
 *
 * <p>Access control: an application whose accessibility is {@code Private} is only served to a
 * session holding {@code Role.TEST_PLATFORM_PRIVATE}.
 *
 * @param request  supplies the {@code project} and {@code platform} keys and the session
 * @param document the response document whose root receives the {@code build} element
 * @throws ServiceException        if no mobile application matches the project
 * @throws AuthenticationException if the application is private and the session lacks the role
 * @throws Exception               on any failure while querying or parsing the status
 */
@Override
protected void getServiceResult(HttpServletRequest request, Document document) throws Exception {
    final String project = Keys.project.value(request);
    final MobileApplication mobileApplication = getMobileApplication(project);
    if (mobileApplication == null) {
        throw new ServiceException("no such mobile application");
    }

    // The role is looked up first; accessibility is only consulted when the role is missing.
    final boolean mayViewPrivate = Engine.authenticatedSessionManager.hasRole(request.getSession(), Role.TEST_PLATFORM_PRIVATE);
    if (!mayViewPrivate) {
        if (mobileApplication.getAccessibility() == Accessibility.Private) {
            throw new AuthenticationException("Authentication failure: user has not sufficient rights!");
        }
    }

    final String platformName = Keys.platform.value(request);
    final JSONObject jsonResult = new JSONObject(perform(mobileApplication, platformName, request));

    final Element statusElement = document.createElement("build");
    statusElement.setAttribute(Keys.project.name(), project);
    statusElement.setAttribute(Keys.platform.name(), platformName);

    // Platform-specific fields are keyed "<platform>_<field>" in the JSON.
    final String statusKey = platformName + "_status";
    statusElement.setAttribute("status", jsonResult.has(statusKey) ? jsonResult.getString(statusKey) : "none");

    final String buildNumberKey = platformName + "_bn";
    if (jsonResult.has(buildNumberKey)) {
        statusElement.setAttribute("bn", jsonResult.getString(buildNumberKey));
        // Drops the last path segment of the configured builder URL.
        final String builderUrl = EnginePropertiesManager.getProperty(PropertyName.MOBILE_BUILDER_PLATFORM_URL);
        statusElement.setAttribute("bp_url", builderUrl.replaceFirst("(.*)/.*?$", "$1"));
    }

    final String errorKey = platformName + "_error";
    if (jsonResult.has(errorKey)) {
        statusElement.setAttribute("error", jsonResult.getString(errorKey));
    }

    // Platform-independent fields are copied under the same name, "n/a" when absent.
    for (String field : new String[] { "version", "phonegap_version", "revision", "endpoint" }) {
        statusElement.setAttribute(field, jsonResult.has(field) ? jsonResult.getString(field) : "n/a");
    }

    document.getDocumentElement().appendChild(statusElement);
}
Also used : ServiceException(com.twinsoft.convertigo.engine.admin.services.ServiceException) JSONObject(org.codehaus.jettison.json.JSONObject) AuthenticationException(com.twinsoft.convertigo.engine.AuthenticationException) MobileApplication(com.twinsoft.convertigo.beans.core.MobileApplication) Element(org.w3c.dom.Element)

Example 4 with AuthenticationException

use of com.twinsoft.convertigo.engine.AuthenticationException in project convertigo by convertigo.

the class GetLocalRevision method getServiceResult.

/**
 * Appends a {@code revision} element whose text is the revision reported by a
 * {@code MobileResourceHelper} after {@code prepareFilesForFlashupdate()} has run for the
 * requested project and platform.
 *
 * <p>Access control: an application whose accessibility is {@code Private} is only served to a
 * session holding {@code Role.TEST_PLATFORM_PRIVATE}.
 *
 * @param request  supplies the {@code project} and {@code platform} keys and the session
 * @param document the response document whose root receives the {@code revision} element
 * @throws ServiceException        if no mobile application matches the project
 * @throws AuthenticationException if the application is private and the session lacks the role
 * @throws Exception               on any failure while preparing the files
 */
@Override
protected void getServiceResult(HttpServletRequest request, Document document) throws Exception {
    final String project = Keys.project.value(request);
    final MobileApplication mobileApplication = GetBuildStatus.getMobileApplication(project);
    if (mobileApplication == null) {
        throw new ServiceException("no such mobile application");
    }

    // The role is looked up first; accessibility is only consulted when the role is missing.
    final boolean mayViewPrivate = Engine.authenticatedSessionManager.hasRole(request.getSession(), Role.TEST_PLATFORM_PRIVATE);
    if (!mayViewPrivate) {
        if (mobileApplication.getAccessibility() == Accessibility.Private) {
            throw new AuthenticationException("Authentication failure: user has not sufficient rights!");
        }
    }

    final String platformName = Keys.platform.value(request);
    final MobileResourceHelper helper = new MobileResourceHelper(request, "mobile/flashupdate", project, platformName);
    helper.prepareFilesForFlashupdate();

    final Element revisionElement = document.createElement("revision");
    revisionElement.setTextContent(helper.getRevision());
    document.getDocumentElement().appendChild(revisionElement);
}
Also used : ServiceException(com.twinsoft.convertigo.engine.admin.services.ServiceException) AuthenticationException(com.twinsoft.convertigo.engine.AuthenticationException) MobileApplication(com.twinsoft.convertigo.beans.core.MobileApplication) Element(org.w3c.dom.Element)

Example 5 with AuthenticationException

use of com.twinsoft.convertigo.engine.AuthenticationException in project convertigo by convertigo.

the class GetPackage method writeResponseResult.

/**
 * Streams the body of the HTTP response obtained from {@code perform(...)} to the client,
 * forwarding its Content-Disposition and Content-Type headers when they can be read.
 *
 * <p>Access control: an application whose accessibility is {@code Private} is only served to a
 * session holding {@code Role.TEST_PLATFORM_PRIVATE}.
 *
 * @param request  supplies the {@code project} and {@code platform} keys and the session
 * @param response the servlet response that receives the headers and the body
 * @throws ServiceException        if no mobile application matches the project
 * @throws AuthenticationException if the application is private and the session lacks the role
 * @throws Exception               on any other failure; an {@code IOException} whose class is
 *                                 named {@code ClientAbortException} is swallowed
 */
@Override
protected void writeResponseResult(HttpServletRequest request, HttpServletResponse response) throws Exception {
    final String project = Keys.project.value(request);
    final MobileApplication mobileApplication = GetBuildStatus.getMobileApplication(project);
    if (mobileApplication == null) {
        throw new ServiceException("no such mobile application");
    }

    // The role is looked up first; accessibility is only consulted when the role is missing.
    final boolean mayViewPrivate = Engine.authenticatedSessionManager.hasRole(request.getSession(), Role.TEST_PLATFORM_PRIVATE);
    if (!mayViewPrivate) {
        if (mobileApplication.getAccessibility() == Accessibility.Private) {
            throw new AuthenticationException("Authentication failure: user has not sufficient rights!");
        }
    }

    final String platformName = Keys.platform.value(request);
    HttpMethod upstream = null;
    try {
        upstream = perform(mobileApplication, platformName, request);

        // Any failure reading or setting the upstream header falls back to a download named
        // after the project.
        try {
            HeaderName.ContentDisposition.setHeader(response,
                    upstream.getResponseHeader(HeaderName.ContentDisposition.value()).getValue());
        } catch (Exception e) {
            HeaderName.ContentDisposition.setHeader(response, "attachment; filename=\"" + project + "\"");
        }

        // Same approach for the content type, defaulting to a generic binary type.
        try {
            response.setContentType(upstream.getResponseHeader(HeaderName.ContentType.value()).getValue());
        } catch (Exception e) {
            response.setContentType(MimeType.OctetStream.value());
        }

        final OutputStream clientStream = response.getOutputStream();
        IOUtils.copy(upstream.getResponseBodyAsStream(), clientStream);
    } catch (IOException ioex) {
        // Fix for ticket #4698: the exception is recognised by class name only.
        final boolean clientAborted = ioex.getClass().getSimpleName().equalsIgnoreCase("ClientAbortException");
        if (!clientAborted) {
            // fix for #5042: every other I/O failure is propagated.
            throw ioex;
        }
    } finally {
        // Always hand the upstream connection back, whatever happened above.
        if (upstream != null) {
            upstream.releaseConnection();
        }
    }
}
Also used : ServiceException(com.twinsoft.convertigo.engine.admin.services.ServiceException) AuthenticationException(com.twinsoft.convertigo.engine.AuthenticationException) MobileApplication(com.twinsoft.convertigo.beans.core.MobileApplication) OutputStream(java.io.OutputStream) IOException(java.io.IOException) HttpMethod(org.apache.commons.httpclient.HttpMethod) ServiceException(com.twinsoft.convertigo.engine.admin.services.ServiceException) AuthenticationException(com.twinsoft.convertigo.engine.AuthenticationException) IOException(java.io.IOException)

Aggregations

AuthenticationException (com.twinsoft.convertigo.engine.AuthenticationException)7 ServiceException (com.twinsoft.convertigo.engine.admin.services.ServiceException)5 MobileApplication (com.twinsoft.convertigo.beans.core.MobileApplication)4 Element (org.w3c.dom.Element)4 IOException (java.io.IOException)2 JSONObject (org.codehaus.jettison.json.JSONObject)2 Role (com.twinsoft.convertigo.engine.AuthenticatedSessionManager.Role)1 EngineException (com.twinsoft.convertigo.engine.EngineException)1 PropertyName (com.twinsoft.convertigo.engine.EnginePropertiesManager.PropertyName)1 Service (com.twinsoft.convertigo.engine.admin.services.Service)1 ServiceDefinition (com.twinsoft.convertigo.engine.admin.services.at.ServiceDefinition)1 File (java.io.File)1 FileInputStream (java.io.FileInputStream)1 OutputStream (java.io.OutputStream)1 InvalidParameterException (java.security.InvalidParameterException)1 ServletException (javax.servlet.ServletException)1 HttpMethod (org.apache.commons.httpclient.HttpMethod)1 Document (org.w3c.dom.Document)1 NodeList (org.w3c.dom.NodeList)1