{
// set to true if the request is to be redirected by the page
boolean requestRedirected = false;
// Placeholder for the RunData object.
RunData data = null;
try
{
// Check to make sure that we started up properly.
if (initFailure != null)
{
throw initFailure;
}
// Get general RunData here...
// Perform turbine specific initialization below.
data = RunDataFactory.getRunData(req, res, getServletConfig());
// If this is the first invocation, perform some
// initialization. Certain services need RunData to initialize
// themselves.
if (firstDoGet)
{
init(data);
}
// set the session timeout if specified in turbine's properties
// file if this is a new session
if (data.getSession().isNew())
{
int timeout = TurbineResources.getInt("session.timeout", -1);
if (timeout != -1)
{
data.getSession().setMaxInactiveInterval(timeout);
}
}
// Fill in the screen and action variables.
data.setScreen(data.getParameters().getString("screen"));
data.setAction(data.getParameters().getString("action"));
// Special case for login and logout, this must happen before the
// session validator is executed in order either to allow a user to
// even login, or to ensure that the session validator gets to
// mandate its page selection policy for non-logged in users
// after the logout has taken place.
if (data.hasAction()
&& data.getAction().equalsIgnoreCase(TurbineResources
.getString("action.login"))
|| data.getAction().equalsIgnoreCase(TurbineResources
.getString("action.logout")))
{
// If a User is logging in, we should refresh the
// session here. Invalidating session and starting a
// new session would seem to be a good method, but I
// (JDM) could not get this to work well (it always
// required the user to login twice). Maybe related
// to JServ? If we do not clear out the session, it
// is possible a new User may accidently (if they
// login incorrectly) continue on with information
// associated with the previous User. Currently the
// only keys stored in the session are "turbine.user"
// and "turbine.acl".
if (data.getAction().equalsIgnoreCase(TurbineResources
.getString("action.login")))
{
String[] names = data.getSession().getValueNames();
if (names != null)
{
for (int i = 0; i < names.length; i++)
{
data.getSession().removeValue(names[i]);
}
}
}
ActionLoader.getInstance().exec(data, data.getAction());
data.setAction(null);
}
// This is where the validation of the Session information
// is performed if the user has not logged in yet, then
// the screen is set to be Login. This also handles the
// case of not having a screen defined by also setting the
// screen to Login. If you want people to go to another
// screen other than Login, you need to change that within
// TurbineResources.properties...screen.homepage; or, you
// can specify your own SessionValidator action.
ActionLoader.getInstance().exec(
data, TurbineResources.getString("action.sessionvalidator"));
// Put the Access Control List into the RunData object, so
// it is easily available to modules. It is also placed
// into the session for serialization. Modules can null
// out the ACL to force it to be rebuilt based on more
// information.
ActionLoader.getInstance().exec(
data, TurbineResources.getString("action.accesscontroller"));
// Start the execution phase. DefaultPage will execute the
// appropriate action as well as get the Layout from the
// Screen and then execute that. The Layout is then
// responsible for executing the Navigation and Screen
// modules.
//
// Note that by default, this cannot be overridden from
// parameters passed in via post/query data. This is for
// security purposes. You should really never need more
// than just the default page. If you do, add logic to
// DefaultPage to do what you want.
String defaultPage = TurbineTemplate.getDefaultPageName(data);
if (defaultPage == null)
{
/*
* In this case none of the template services are running.
* The application may be using ECS for views, or a
* decendent of RawScreen is trying to produce output.
* If there is a 'page.default' property in the TR.props
* then use that, otherwise return DefaultPage which will
* handle ECS view scenerios and RawScreen scenerios. The
* app developer can still specify the 'page.default'
* if they wish but the DefaultPage should work in
* most cases.
*/
defaultPage = TurbineResources.getString(
"page.default", "DefaultPage");
}
PageLoader.getInstance().exec(data, defaultPage);
// If a module has set data.acl = null, remove acl from
// the session.
if (data.getACL() == null)
{
try
{
data.getSession().removeValue(
AccessControlList.SESSION_KEY);
}
catch (IllegalStateException ignored)
{
}
}
// handle a redirect request
requestRedirected = ((data.getRedirectURI() != null)
&& (data.getRedirectURI().length() > 0));
if (requestRedirected)
{
if (data.getResponse().isCommitted())
{
requestRedirected = false;
log("redirect requested, response already committed: " +
data.getRedirectURI());
}
else
{
data.getResponse().sendRedirect(data.getRedirectURI());
}
}
if (!requestRedirected)
{
try
{
if (data.isPageSet() == false && data.isOutSet() == false)
{
throw new Exception("Nothing to output");
}
// We are all done! if isPageSet() output that way
// otherwise, data.getOut() has already been written
// to the data.getOut().close() happens below in the
// finally.
if (data.isPageSet() && data.isOutSet() == false)
{
// Modules can override these.
data.getResponse().setLocale(data.getLocale());
data.getResponse()
.setContentType(data.getContentType());
// Set the status code.
data.getResponse().setStatus(data.getStatusCode());
// Output the Page.
data.getPage().output(data.getOut());
}
}
catch (Exception e)
{
// The output stream was probably closed by the client