use of org.apache.commons.httpclient.methods.PostMethod in project spatial-portal by AtlasOfLivingAustralia.
the class LayerLegendScatterplotController method onSelect$cbHighlightArea.
public void onSelect$cbHighlightArea(Event event) {
if (cbHighlightArea.getSelectedItem() != null) {
if (cbHighlightArea.getSelectedItem().getValue() instanceof MapLayer) {
MapLayer ml = cbHighlightArea.getSelectedItem().getValue();
SelectedArea sa = new SelectedArea(ml, ml.getFacets() == null ? ml.getWKT() : null);
data.setHighlightSa(sa);
} else {
String wkt = cbHighlightArea.getSelectedItem().getValue();
SelectedArea sa = new SelectedArea(null, wkt);
data.setHighlightSa(sa);
}
} else {
data.setHighlightSa(null);
}
try {
HttpClient client = new HttpClient();
PostMethod post = new PostMethod(CommonData.getSatServer() + "/ws/scatterplot/style/" + data.getId());
//add style parameters (highlight area)
if (data.getHighlightSa() != null) {
post.addParameter(StringConstants.HIGHLIGHT_WKT, data.getHighlightSa().getWkt());
} else {
post.addParameter(StringConstants.HIGHLIGHT_WKT, "");
}
post.addRequestHeader(StringConstants.ACCEPT, StringConstants.APPLICATION_JSON);
client.executeMethod(post);
} catch (Exception e) {
LOGGER.error("error getting a new scatterplot id", e);
}
data.setImagePath(null);
redraw();
}
use of org.apache.commons.httpclient.methods.PostMethod in project zm-mailbox by Zimbra.
the class ProxyServlet method doProxy.
private void doProxy(HttpServletRequest req, HttpServletResponse resp) throws IOException {
ZimbraLog.clearContext();
boolean isAdmin = isAdminRequest(req);
AuthToken authToken = isAdmin ? getAdminAuthTokenFromCookie(req, resp, true) : getAuthTokenFromCookie(req, resp, true);
if (authToken == null) {
String zAuthToken = req.getParameter(QP_ZAUTHTOKEN);
if (zAuthToken != null) {
try {
authToken = AuthProvider.getAuthToken(zAuthToken);
if (authToken.isExpired()) {
resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "authtoken expired");
return;
}
if (!authToken.isRegistered()) {
resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "authtoken is invalid");
return;
}
if (isAdmin && !authToken.isAdmin()) {
resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "permission denied");
return;
}
} catch (AuthTokenException e) {
resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "unable to parse authtoken");
return;
}
}
}
if (authToken == null) {
resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "no authtoken cookie");
return;
}
// get the posted body before the server read and parse them.
byte[] body = copyPostedData(req);
// sanity check
String target = req.getParameter(TARGET_PARAM);
if (target == null) {
resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
return;
}
// check for permission
URL url = new URL(target);
if (!isAdmin && !checkPermissionOnTarget(url, authToken)) {
resp.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
// determine whether to return the target inline or store it as an upload
String uploadParam = req.getParameter(UPLOAD_PARAM);
boolean asUpload = uploadParam != null && (uploadParam.equals("1") || uploadParam.equalsIgnoreCase("true"));
HttpMethod method = null;
try {
HttpClient client = ZimbraHttpConnectionManager.getExternalHttpConnMgr().newHttpClient();
HttpProxyUtil.configureProxy(client);
String reqMethod = req.getMethod();
if (reqMethod.equalsIgnoreCase("GET")) {
method = new GetMethod(target);
} else if (reqMethod.equalsIgnoreCase("POST")) {
PostMethod post = new PostMethod(target);
if (body != null)
post.setRequestEntity(new ByteArrayRequestEntity(body, req.getContentType()));
method = post;
} else if (reqMethod.equalsIgnoreCase("PUT")) {
PutMethod put = new PutMethod(target);
if (body != null)
put.setRequestEntity(new ByteArrayRequestEntity(body, req.getContentType()));
method = put;
} else if (reqMethod.equalsIgnoreCase("DELETE")) {
method = new DeleteMethod(target);
} else {
ZimbraLog.zimlet.info("unsupported request method: " + reqMethod);
resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
return;
}
// handle basic auth
String auth, user, pass;
auth = req.getParameter(AUTH_PARAM);
user = req.getParameter(USER_PARAM);
pass = req.getParameter(PASS_PARAM);
if (auth != null && user != null && pass != null) {
if (!auth.equals(AUTH_BASIC)) {
ZimbraLog.zimlet.info("unsupported auth type: " + auth);
resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
return;
}
HttpState state = new HttpState();
state.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(user, pass));
client.setState(state);
method.setDoAuthentication(true);
}
Enumeration headers = req.getHeaderNames();
while (headers.hasMoreElements()) {
String hdr = (String) headers.nextElement();
ZimbraLog.zimlet.debug("incoming: " + hdr + ": " + req.getHeader(hdr));
if (canProxyHeader(hdr)) {
ZimbraLog.zimlet.debug("outgoing: " + hdr + ": " + req.getHeader(hdr));
if (hdr.equalsIgnoreCase("x-host"))
method.getParams().setVirtualHost(req.getHeader(hdr));
else
method.addRequestHeader(hdr, req.getHeader(hdr));
}
}
try {
if (!(reqMethod.equalsIgnoreCase("POST") || reqMethod.equalsIgnoreCase("PUT"))) {
method.setFollowRedirects(true);
}
HttpClientUtil.executeMethod(client, method);
} catch (HttpException ex) {
ZimbraLog.zimlet.info("exception while proxying " + target, ex);
resp.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
}
int status = method.getStatusLine() == null ? HttpServletResponse.SC_INTERNAL_SERVER_ERROR : method.getStatusCode();
// workaround for Alexa Thumbnails paid web service, which doesn't bother to return a content-type line
Header ctHeader = method.getResponseHeader("Content-Type");
String contentType = ctHeader == null || ctHeader.getValue() == null ? DEFAULT_CTYPE : ctHeader.getValue();
InputStream targetResponseBody = method.getResponseBodyAsStream();
if (asUpload) {
String filename = req.getParameter(FILENAME_PARAM);
if (filename == null || filename.equals(""))
filename = new ContentType(contentType).getParameter("name");
if ((filename == null || filename.equals("")) && method.getResponseHeader("Content-Disposition") != null)
filename = new ContentDisposition(method.getResponseHeader("Content-Disposition").getValue()).getParameter("filename");
if (filename == null || filename.equals(""))
filename = "unknown";
List<Upload> uploads = null;
if (targetResponseBody != null) {
try {
Upload up = FileUploadServlet.saveUpload(targetResponseBody, filename, contentType, authToken.getAccountId());
uploads = Arrays.asList(up);
} catch (ServiceException e) {
if (e.getCode().equals(MailServiceException.UPLOAD_REJECTED))
status = HttpServletResponse.SC_REQUEST_ENTITY_TOO_LARGE;
else
status = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
}
}
resp.setStatus(status);
FileUploadServlet.sendResponse(resp, status, req.getParameter(FORMAT_PARAM), null, uploads, null);
} else {
resp.setStatus(status);
resp.setContentType(contentType);
for (Header h : method.getResponseHeaders()) if (canProxyHeader(h.getName()))
resp.addHeader(h.getName(), h.getValue());
if (targetResponseBody != null)
ByteUtil.copy(targetResponseBody, true, resp.getOutputStream(), true);
}
} finally {
if (method != null)
method.releaseConnection();
}
}
use of org.apache.commons.httpclient.methods.PostMethod in project zm-mailbox by Zimbra.
the class TestServiceServlet method testUnDeployAdminExtension.
@Test
public void testUnDeployAdminExtension() throws Exception {
deployAdminVersionCheck();
ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
HttpClient client = new HttpClient();
String url = baseURL + "undeployzimlet";
PostMethod method = new PostMethod(url);
addAuthTokenHeader(method, mbox.getAuthToken().getValue());
method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "com_zimbra_adminversioncheck");
int respCode = HttpClientUtil.executeMethod(client, method);
Assert.assertEquals("Should be getting error code with user's auth token", HttpStatus.SC_UNAUTHORIZED, respCode);
method = new PostMethod(url);
addAuthTokenHeader(method, getAdminAuthToken(delegatedAdminWithRights.getName()));
method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "com_zimbra_adminversioncheck");
respCode = HttpClientUtil.executeMethod(client, method);
Assert.assertEquals("Delegated admin should not be allowed to undeploy admin extensions even with deployZimlet right", HttpStatus.SC_UNAUTHORIZED, respCode);
method = new PostMethod(url);
addAuthTokenHeader(method, getAdminAuthToken(delegatedAdminWithoutRights.getName()));
method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "com_zimbra_adminversioncheck");
respCode = HttpClientUtil.executeMethod(client, method);
Assert.assertEquals("Delegated admin should not be allowed to undeploy admin extensions with or without deployZimlet right", HttpStatus.SC_UNAUTHORIZED, respCode);
method = new PostMethod(url);
addAuthTokenHeader(method, AuthProvider.getAdminAuthToken().getEncoded());
method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "com_zimbra_adminversioncheck");
respCode = HttpClientUtil.executeMethod(client, method);
Assert.assertEquals("Super admin should be able to undeploy com_zimbra_adminversioncheck admin extension", HttpStatus.SC_OK, respCode);
}
use of org.apache.commons.httpclient.methods.PostMethod in project zm-mailbox by Zimbra.
the class TestServiceServlet method testUnDeployBadZimletname.
@Test
public void testUnDeployBadZimletname() throws Exception {
ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
HttpClient client = new HttpClient();
String url = baseURL + "undeployzimlet";
PostMethod method = new PostMethod(url);
addAuthTokenHeader(method, mbox.getAuthToken().getValue());
method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "../conf/nginx.key");
int respCode = HttpClientUtil.executeMethod(client, method);
Assert.assertEquals("Should be getting error code with user's auth token", HttpStatus.SC_UNAUTHORIZED, respCode);
method = new PostMethod(url);
addAuthTokenHeader(method, AuthProvider.getAdminAuthToken().getEncoded());
method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "../conf/nginx.key");
respCode = HttpClientUtil.executeMethod(client, method);
Assert.assertEquals("Should be getting code 400 with super admin's auth token", HttpStatus.SC_BAD_REQUEST, respCode);
}
use of org.apache.commons.httpclient.methods.PostMethod in project zm-mailbox by Zimbra.
the class TestServiceServlet method testDeployBadZimletName.
@Test
public void testDeployBadZimletName() throws Exception {
ZMailbox mbox = TestUtil.getZMailbox(USER_NAME);
HttpClient client = new HttpClient();
String url = baseURL + "deployzimlet";
PostMethod method = new PostMethod(url);
addAuthTokenHeader(method, mbox.getAuthToken().getValue());
method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "../conf/nginx.key");
//standard zimlet, should always be there. No harm in redeploying it
File zimletFile = new File("/opt/zimbra/zimlets/com_zimbra_phone.zip");
if (zimletFile.exists()) {
InputStream targetStream = new FileInputStream(zimletFile);
method.setRequestBody(targetStream);
}
int respCode = HttpClientUtil.executeMethod(client, method);
Assert.assertEquals("Should be getting error code with user's auth token", HttpStatus.SC_UNAUTHORIZED, respCode);
method = new PostMethod(url);
addAuthTokenHeader(method, AuthProvider.getAdminAuthToken().getEncoded());
method.addRequestHeader(ZimletUtil.PARAM_ZIMLET, "../conf/nginx.key");
if (zimletFile.exists()) {
InputStream targetStream = new FileInputStream(zimletFile);
method.setRequestBody(targetStream);
}
respCode = HttpClientUtil.executeMethod(client, method);
Assert.assertEquals("Should be getting code 400 with super admin's auth token w/o upload", HttpStatus.SC_BAD_REQUEST, respCode);
}
Aggregations