Source code

001// --------------------------------------------------------------------------------
002// Copyright 2002-2024 Echo Three, LLC
003//
004// Licensed under the Apache License, Version 2.0 (the "License");
005// you may not use this file except in compliance with the License.
006// You may obtain a copy of the License at
007//
008//     http://www.apache.org/licenses/LICENSE-2.0
009//
010// Unless required by applicable law or agreed to in writing, software
011// distributed under the License is distributed on an "AS IS" BASIS,
012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013// See the License for the specific language governing permissions and
014// limitations under the License.
015// --------------------------------------------------------------------------------
016
017/*
018 * ====================================================================
019 *
020 * The Apache Software License, Version 1.1
021 *
022 * Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
023 * reserved.
024 *
025 * Redistribution and use in source and binary forms, with or without
026 * modification, are permitted provided that the following conditions
027 * are met:
028 *
029 * 1. Redistributions of source code must retain the above copyright
030 *    notice, this list of conditions and the following disclaimer.
031 *
032 * 2. Redistributions in binary form must reproduce the above copyright
033 *    notice, this list of conditions and the following disclaimer in
034 *    the documentation and/or other materials provided with the
035 *    distribution.
036 *
037 * 3. The end-user documentation included with the redistribution, if
038 *    any, must include the following acknowlegement:
039 *       "This product includes software developed by the
040 *        Apache Software Foundation (http://www.apache.org/)."
041 *    Alternately, this acknowlegement may appear in the software itself,
042 *    if and wherever such third-party acknowlegements normally appear.
043 *
044 * 4. The names "The Jakarta Project", "Struts", and "Apache Software
045 *    Foundation" must not be used to endorse or promote products derived
046 *    from this software without prior written permission. For written
047 *    permission, please contact apache@apache.org.
048 *
049 * 5. Products derived from this software may not be called "Apache"
050 *    nor may "Apache" appear in their names without prior written
051 *    permission of the Apache Group.
052 *
053 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
054 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
055 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
056 * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
057 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
058 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
059 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
060 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
061 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
062 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
063 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
064 * SUCH DAMAGE.
065 * ====================================================================
066 *
067 * This software consists of voluntary contributions made by many
068 * individuals on behalf of the Apache Software Foundation.  For more
069 * information on the Apache Software Foundation, please see
070 * <http://www.apache.org/>.
071 *
072 */
073
074package com.echothree.view.client.web.struts.sslext.action;
075
076import com.echothree.view.client.web.struts.sslext.config.SecureActionMapping;
077import com.echothree.view.client.web.struts.sslext.util.SecureRequestUtils;
078import java.io.IOException;
079import javax.servlet.http.HttpServletRequest;
080import javax.servlet.http.HttpServletResponse;
081import org.apache.struts.tiles.TilesRequestProcessor;
082
083/**
084 * Extension of a RequestProcessor for use with sslext & Tiles combination
085 */
086public class SecureTilesRequestProcessor
087        extends TilesRequestProcessor {
088    
089    /**
090     * Override of the base class's processPreprocess() method,
091     * delegates to the superclass method at the end
092     * @param request The current request
093     * @param response The current response
094     * @return true, if the request should continue to be processed, false otherwise
095     */
096    @Override
097    protected boolean processPreprocess(HttpServletRequest request, HttpServletResponse response) {        
098        // Identify the path component we will use to select a mapping
099        // At this point it has already been checked by the calling method,
100        // so we know it is good
101        String path = null;
102        try {
103            path = processPath(request, response);
104        } catch (IOException e) {
105            // Nothing
106        }
107        
108        // Look up the corresponding mapping
109        // This will also be checked later by the calling method,
110        // so we'll leave any error message generation to it
111        SecureActionMapping mapping = null;
112        try {
113            mapping = (SecureActionMapping)processMapping(request, response, path);
114        } catch (IOException ioe) {
115            // Nothing
116        }
117        
118        if(mapping == null) {
119            return false;
120        }
121        
122        // Redirect to https/http if necesssary
123        if(SecureRequestUtils.checkSsl(mapping, getServletContext(), request, response)) {
124            return false;
125        }
126        
127        // Made it through, delegate to the superclass
128        return super.processPreprocess(request, response);
129    }
130    
131}